I did wcf username/password authentication to my SOA application. Security model is Message, and the key is a x509 certificate encrypted RSA 4096 bits. Every client has the same key in config file
<certificate encodedValue="VeryVeryBigRsaKey />
I am curious if for example one application user, having the VeryVeryBigRsaKey can sniff the packets of other users, that share the same key (VeryVeryBigRsaKey). If yes i think is a very serious issue, and i have to change the security model to TransportWithMessageCredential
.
I think you mean you use the UserName credential type and the < certificate > is used to identify the server so that client can trust it gets the message from the correct server.
if another user wants to sniff the package, he needs the server certificate that can only be owned by the real server.
Therefore, your concern is no reason.
The configuration you refer to is I think in the endpoint identity element. If so, this represents the identity of the service, which the client stack will check before communicating with the server. It therefore has to be the same on every client.
The keys used to secure message traffic are derived from the client credentials. Your fears based on this certificate identity are groundless.
I'm sure there is a security bug in WCF but this isn't it.
The certificate is used to
a) verify the server
b) encrypt a client-generated symmetric key and send it to the server
Another client can not break in to this.
精彩评论