堆栈内存溢出
  简体   繁体   English

msmq身份验证减慢了加密速度

[英]msmq authentication slows encryption

 原文  2015-09-01 14:01:41       wcf/ msmq/ msmqintegrationbinding

问题描述

When sending an encrypted msmq message it seems like the authentication bogs down the speed (from 2500 msg/sec to 150 msgs/sec). 当发送加密的msmq消息时,似乎认证速度降低了(从2500 msg / sec降低到150 msgs / sec)。

This seems to be the case for both System.Messaging.MessageQueue and the Wcf client with msmqIntegration binding. 对于System.Messaging.MessageQueue和具有msmqIntegration绑定的Wcf客户端,似乎都是这种情况。

My requirement is for encrypted transport, I can do without authentication. 我的要求是加密传输,我可以不进行身份验证。 I would prefer the WCF client since settings can be changed from app.config. 我希望使用WCF客户端,因为可以从app.config更改设置。

Is there a way for the msmqIntegrationBinding to do transport encryption without authentication ? msmqIntegrationBinding是否可以在没有身份验证的情况下进行传输加密? 

    <msmqIntegrationBinding>
        <binding name="VisionAirMessagingBinding"
            timeToLive="12:00:00"
            maxReceivedMessageSize="4100000"
            receiveErrorHandling="Move"
            retryCycleDelay="00:30:00"
            useMsmqTracing="false"
            serializationFormat="Stream">
            <security mode="Transport">
                <transport msmqAuthenticationMode="WindowsDomain"
                    msmqEncryptionAlgorithm="RC4Stream"
                    msmqProtectionLevel="EncryptAndSign"
                    msmqSecureHashAlgorithm="Sha1"/>
                    </security>
                </binding>

I found out that authentication slows me down by commenting out the following when using the System. 我发现使用系统时,通过注释掉以下内容使身份验证减慢了速度。 

q1.Send(new Message 
{
    BodyStream = new MemoryStream(
        Encoding.ASCII.GetBytes("ABCDEFGHIJKLMNOPQRSTUVXYZ")),
        Label = i.ToString(),
        //UseAuthentication = true,
        UseEncryption = true
}, msmqTx);

If I switch on the authentication, sendings becomes slow again! 如果我打开身份验证,发送将再次变慢!

Thx for any help! 感谢您的帮助!

1 个解决方案

解决方案1
 0 已采纳  2015-09-01 17:08:19

WindowsDomain authentication means Kerberos authentication. WindowsDomain身份验证表示Kerberos身份验证。 It is necessarily a multiple agent protocol (using something like 4+ different messages being sent). 它必须是多代理协议(使用发送4个或更多不同消息之类的协议)。 Since you are using the blocking .Send() method. 由于您使用的是.Send()方法。 This is going to limit your rate (due to multiple latency paths), if you do not throw in some asynchronicity/concurrency. 如果您不引发一些异步性/并发性,这将限制您的速率(由于多个延迟路径)。

You might find that switching to simple Certificate authentication will suffice. 您可能会发现切换到简单的Certificate身份验证就足够了。

The result is that the server will be executing the message without the user's credentials, but will be authenticated (you know who sent the message, but you can't elevate to the that user's permissions). 结果是服务器将在没有用户凭据的情况下执行消息,但将进行身份验证(您知道谁发送了消息,但无法提升该用户的权限)。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 证书,加密和身份验证 - Certificates, Encryption, And Authentication 使用NetTcpBinding在WCF中进行Windows身份验证/加密 - Windows Authentication / Encryption in WCF With NetTcpBinding 具有SSL加密的WCF身份验证服务 - WCF Authentication Service with SSL encryption 没有X.509或Windows身份验证的WCF流量的加密 - Encryption of WCF traffic without X.509 or Windows authentication WCF,MSMQ-不支持协议“ net.msmq” - WCF, MSMQ - the protocol 'net.msmq' is not supported 使用 MSMQ 而不在客户端计算机上安装 MSMQ - Using MSMQ without installing MSMQ on client machines 用于Web服务的WCF客户端,具有WS-Security,签名的标头,身份验证令牌和主体加密 - WCF Client for web service with WS-Security, signed headers, authentication tokens and encryption of body IIS中托管的MSMQ WCF - MSMQ WCF hosted in IIS 通过互联网订阅MSMQ - Subscribing to MSMQ over the internet MSMQ,WCF和Flaky服务器 - MSMQ, WCF, and Flaky Servers
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM