
WCF/basicHttp with message security interoperable with Java client?

The basicHttp binding works great for a Java client with no problem. If I turn on message security, would it cause trouble for the Java client?

Since basicHttp is SOAP 1.1, if message security is turned on, will it use WS-Security to support certificate-based authentication?

It would be preferable to use a custom binding if you want to use certificate-based authentication while using SOAP 1.1 (also considering interoperability, like Java-based clients or Oracle services). The AuthenticationMode would change based on your needs.

For example, the binding below shows mutual certificate authentication on both the server and client side, plus transport security (HTTPS).

<customBinding>
    <binding name="customSSLMutualCertificate" sendTimeout="00:05:00" receiveTimeout="00:05:00">
      <customTextMessageEncoding messageVersion="Soap11"/>
      <security defaultAlgorithmSuite="Basic256Rsa15" authenticationMode="MutualCertificate"
          requireDerivedKeys="false" securityHeaderLayout="Lax" includeTimestamp="false"
          keyEntropyMode="CombinedEntropy" messageProtectionOrder="SignBeforeEncrypt"
          messageSecurityVersion="WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10"
          requireSignatureConfirmation="false" enableUnsecuredResponse="true">
        <localClientSettings cacheCookies="true" detectReplays="false"
            replayCacheSize="900000" maxClockSkew="00:05:00"
            maxCookieCachingTime="Infinite"
            replayWindow="00:05:00" sessionKeyRenewalInterval="10:00:00"
            sessionKeyRolloverInterval="00:05:00" reconnectTransportOnFailure="true"
            timestampValidityDuration="00:05:00" cookieRenewalThresholdPercentage="60" />
        <localServiceSettings detectReplays="true" issuedCookieLifetime="10:00:00"
            maxStatefulNegotiations="128" replayCacheSize="900000" maxClockSkew="00:05:00"
            negotiationTimeout="00:01:00" replayWindow="00:05:00"
            inactivityTimeout="00:02:00"
            sessionKeyRenewalInterval="15:00:00" sessionKeyRolloverInterval="00:05:00"
            reconnectTransportOnFailure="true" maxPendingSessions="128"
            maxCachedCookies="1000" timestampValidityDuration="00:05:00" />
        <secureConversationBootstrap />
      </security>
      <httpsTransport manualAddressing="false" maxBufferPoolSize="524288"
                   maxReceivedMessageSize="65536" allowCookies="false"
                   authenticationScheme="Anonymous"
                   bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard"
                   keepAliveEnabled="true" maxBufferSize="65536"
                   proxyAuthenticationScheme="Anonymous"
                   realm="" transferMode="Buffered"
                   unsafeConnectionNtlmAuthentication="false"
                   useDefaultWebProxy="true"  requireClientCertificate="false"/>
    </binding>
</customBinding>

Also refer to "Does WCF support WS-Security with SOAP 1.1?" for other options.
