[英]WCF wsdualhttpBinding custom username
I'v got very annoying error: My scenario - simple message/mail server\\client implemented in WCF with wsdualhttpbinding (dual for callbacks , online update on new message). 我遇到了一个非常烦人的错误:我的场景-在wcf中使用wsdualhttpbinding(双重用于回调,对新消息进行在线更新)实现的简单消息/邮件服务器\\客户端。
All security config is written in code (no *.config at all) . 所有安全配置都用代码编写(根本没有* .config)。 Upon first connection the client throws the following [System.Security.Cryptography.CryptographicException] = {"Bad Length.\\r\\n"} with NULL inner exception , so drilling deeper isn't possible .
首次连接时,客户端会抛出以下[System.Security.Cryptography.CryptographicException] = {“ Bad Length。\\ r \\ n”},且内部异常为NULL,因此无法进行更深的钻取。 Server configuration :
服务器配置:
WSDualHttpBinding binding = new WSDualHttpBinding(WSDualHttpSecurityMode.Message);
binding.Security.Message.ClientCredentialType = MessageCredentialType.UserName;
Uri baseServiceAddress = new Uri(@"http://"+Environment.MachineName+":7921/Mail/");
host = new ServiceHost(theMightyMailServer,baseServiceAddress);
host.Credentials.ClientCertificate.Authentication.CertificateValidationMode = X509CertificateValidationMode.None;
host.Credentials.UserNameAuthentication.UserNamePasswordValidationMode = UserNamePasswordValidationMode.Custom;
host.Credentials.UserNameAuthentication.CustomUserNamePasswordValidator = validator;
host.Credentials.ServiceCertificate.SetCertificate(StoreLocation.CurrentUser, StoreName.Root, X509FindType.FindByIssuerName, "MailServer");
ServiceDebugBehavior d = new ServiceDebugBehavior();
d.IncludeExceptionDetailInFaults = true;
host.Description.Behaviors.Remove<ServiceDebugBehavior>();
host.Description.Behaviors.Add(d);
ServiceMetadataBehavior b = new ServiceMetadataBehavior();
b.HttpGetEnabled = true;
host.Description.Behaviors.Remove<ServiceMetadataBehavior>();
host.Description.Behaviors.Add(b);
var mexBinding = MetadataExchangeBindings.CreateMexHttpBinding();
host.AddServiceEndpoint(typeof(IMailServer), binding, "Service");
host.AddServiceEndpoint(typeof(IMetadataExchange),mexBinding,"");
host.Open();
Client configuration : 客户端配置:
client = new MailServerReference.MailServerClient(new InstanceContext(this));
client.ClientCredentials.UserName.UserName = currentUser.UserName;
client.ClientCredentials.UserName.Password = currentUser.Password;
client.ClientCredentials.ServiceCertificate.Authentication.CertificateValidationMode = System.ServiceModel.Security.X509CertificateValidationMode.None;
client.ClientCredentials.ClientCertificate.SetCertificate(StoreLocation.CurrentUser, StoreName.Root,X509FindType.FindByIssuerName, "MailServer");
currentUser.ID = client.getUID();
client.RegisterOnServer(currentUser.ID);
return true;
}
catch (Exception ex) { MessageBox.Show(ex.Message); return false; }
Any help would be very much appreciated.And BTW I am new to WCF , so maybe I am missing some basic concept . 任何帮助将非常感谢。顺便说一句,我是WCF的新手,所以也许我缺少一些基本概念。
I would try setting the ServiceCertificate
and ClientCertificate
to the same thing on both the client and the server. 我会尝试在客户端和服务器上将
ServiceCertificate
和ClientCertificate
设置为相同的内容。 At least, that is the way I've done this. 至少,这就是我这样做的方式。 It has been a while, but I think I had issues when only one certificate or the other was set, and not both.
已经有一段时间了,但是我认为设置一个或另一个证书而不是同时设置两个证书时遇到了问题。
Edit for additional info: 编辑其他信息:
In my case, I use a CustomBinding
instead of a WSDualHttpBinding
but I ended up using the exact same certificate for the ServiceCertificate and ClientCertificate on both sides (client and server). 就我而言,我使用
CustomBinding
而不是WSDualHttpBinding
但最终在双方(客户端和服务器)的ServiceCertificate和ClientCertificate上使用了完全相同的证书。
More specifically, I have a class that extends System.ServiceModel.Description.ServiceCredentials
更具体地说,我有一个扩展
System.ServiceModel.Description.ServiceCredentials
的类
public class MyServiceCredentials : ServiceCredentials
{
public MyServiceCredentials() : base()
{
LoadCertificate();
}
public MyServiceCredentials(MyServiceCredentials other) : base(other)
{
LoadCertificate();
}
private void LoadCertificate()
{
ServiceCertificate.Certificate = _cert;
ClientCertificate.Certificate = _cert;
ClientCertificate.Authentication.CertificateValidationMode = X509CertificateValidationMode.None;
ClientCertificate.Authentication.RevocationMode = X509RevocationMode.NoCheck;
}
}
And I pass one of those to my CustomBinding constructor in both the client and server implementation. 我将其中之一传递给客户端和服务器实现中的CustomBinding构造函数。
Anyway, I think because Message
security is turned on for the binding, it expects there to be message level security in both directions, so it needs a certificate on both sides (ServiceCertificate and ClientCertificate). 无论如何,我认为因为已为绑定打开了
Message
安全性,所以它期望双向都有消息级别的安全性,因此它需要双方都具有证书(ServiceCertificate和ClientCertificate)。
I could be completely wrong though, I'm just saying; 我只是说,我可能完全错了。 try it and see if that helps...
试试看,看看是否有帮助...
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.