
WCF: programmatically configuring the service with certificate

Developer https://www.devze.com 2023-01-05 20:53 Source: Internet

Here's the whole issue: I want to create WCF dll to access WCF services.... the only issue is, when I use the WCF DLL config file with an application that has its OWN app.config file, the WCF DLL app.config file gets ignored.......

I figure one way to fix this problem is to translate my app.config to code, but unfortunately I don't know what I am doing.

If you look at the app.config file below, you can also see that I use a certificate with an encoded value, which has made it more difficult for me to translate because like I said before I have no idea what I am doing, this is kind of a "learn as you go approach" for me.

Does anyone have any idea of how to accomplish either being able to use the app.config as is, instead of the WCF service accessing the APPLICATION's app.config?

OR

Does anyone have an article, tool or advice on how to translate the following app.config to C#?

Any information would be fantastic..... Thanks, in advance.

<system.serviceModel>
    <bindings>
      <customBinding>
        <binding name="customBindingHTTP">
          <security authenticationMode="SecureConversation">
            <localClientSettings maxClockSkew="23:30:00" />
            <secureConversationBootstrap authenticationMode="UserNameForSslNegotiated">
              <localClientSettings maxClockSkew="23:30:00" />
            </secureConversationBootstrap>
          </security>
          <binaryMessageEncoding maxReadPoolSize="20000000" maxWritePoolSize="20000000"
            maxSessionSize="20000000">
            <readerQuotas maxDepth="20000000" maxStringContentLength="20000000"
              maxArrayLength="20000000" maxBytesPerRead="20000000" maxNameTableCharCount="20000000" />
          </binaryMessageEncoding>
          <httpTransport maxBufferPoolSize="20000000" maxReceivedMessageSize="20000000"
            maxBufferSize="20000000" useDefaultWebProxy="false" />
        </binding>
        <binding name="CustomBinding_ITestService">
          <security defaultAlgorithmSuite="Default" authenticationMode="SecureConversation"
            requireDerivedKeys="true" securityHeaderLayout="Strict" includeTimestamp="true"
            keyEntropyMode="CombinedEntropy" messageProtectionOrder="SignBeforeEncryptAndEncryptSignature"
            messageSecurityVersion="WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10"
            requireSecurityContextCancellation="true" requireSignatureConfirmation="false">
            <localClientSettings cacheCookies="true" detectReplays="true"
              replayCacheSize="900000" maxClockSkew="00:05:00" maxCookieCachingTime="Infinite"
              replayWindow="00:05:00" sessionKeyRenewalInterval="10:00:00"
              sessionKeyRolloverInterval="00:05:00" reconnectTransportOnFailure="true"
              timestampValidityDuration="00:05:00" cookieRenewalThresholdPercentage="60" />
            <localServiceSettings detectReplays="true" issuedCookieLifetime="10:00:00"
              maxStatefulNegotiations="128" replayCacheSize="900000" maxClockSkew="00:05:00"
              negotiationTimeout="00:01:00" replayWindow="00:05:00" inactivityTimeout="00:02:00"
              sessionKeyRenewalInterval="15:00:00" sessionKeyRolloverInterval="00:05:00"
              reconnectTransportOnFailure="true" maxPendingSessions="128"
              maxCachedCookies="1000" timestampValidityDuration="00:05:00" />
            <secureConversationBootstrap defaultAlgorithmSuite="Default"
              authenticationMode="UserNameForSslNegotiated" requireDerivedKeys="true"
              securityHeaderLayout="Strict" includeTimestamp="true" keyEntropyMode="CombinedEntropy"
              messageProtectionOrder="SignBeforeEncryptAndEncryptSignature"
              messageSecurityVersion="WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10"
              requireSecurityContextCancellation="true" requireSignatureConfirmation="false">
              <localClientSettings cacheCookies="true" detectReplays="true"
                replayCacheSize="900000" maxClockSkew="00:05:00" maxCookieCachingTime="Infinite"
                replayWindow="00:05:00" sessionKeyRenewalInterval="10:00:00"
                sessionKeyRolloverInterval="00:05:00" reconnectTransportOnFailure="true"
                timestampValidityDuration="00:05:00" cookieRenewalThresholdPercentage="60" />
              <localServiceSettings detectReplays="true" issuedCookieLifetime="10:00:00"
                maxStatefulNegotiations="128" replayCacheSize="900000" maxClockSkew="00:05:00"
                negotiationTimeout="00:01:00" replayWindow="00:05:00" inactivityTimeout="00:02:00"
                sessionKeyRenewalInterval="15:00:00" sessionKeyRolloverInterval="00:05:00"
                reconnectTransportOnFailure="true" maxPendingSessions="128"
                maxCachedCookies="1000" timestampValidityDuration="00:05:00" />
            </secureConversationBootstrap>
          </security>
          <binaryMessageEncoding maxReadPoolSize="64" maxWritePoolSize="16"
            maxSessionSize="2048">
            <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
              maxBytesPerRead="4096" maxNameTableCharCount="16384" />
          </binaryMessageEncoding>
          <httpTransport manualAddressing="false" maxBufferPoolSize="524288"
            maxReceivedMessageSize="65536" allowCookies="false" authenticationScheme="Anonymous"
            bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard"
            keepAliveEnabled="true" maxBufferSize="65536" proxyAuthenticationScheme="Anonymous"
            realm="" transferMode="Buffered" unsafeConnectionNtlmAuthentication="false"
            useDefaultWebProxy="true" />
        </binding>
      </customBinding>
    </bindings>
    <client>
      <endpoint address="http://xx.xx.xxx.xxx:xxxx/TestService/custom"
        behaviorConfiguration="ClientCertificateBehavior" binding="customBinding"
        bindingConfiguration="customBindingHTTP" contract="ServiceReference1.ITestService"
        name="CustomBinding_ITestService">
        <identity>
          <certificate encodedValue="xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx />
        </identity>
      </endpoint>
    </client>
    <behaviors>
      <endpointBehaviors>
        <behavior name="ClientCertificateBehavior">
          <clientCredentials>
            <serviceCertificate>
              <authentication certificateValidationMode="None" />
            </serviceCertificate>
          </clientCredentials>
        </behavior>
      </endpointBehaviors>
    </behaviors>
  </system.serviceModel>


The code below should be a good starting point for what you require. I've filled in a handful of the properties that I saw in your app.config and set them appropriately.

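using System;
using System.ServiceModel;
using System.ServiceModel.Channels;

CustomBinding endpointBinding = new CustomBinding();

// Message security: username credentials over a negotiated SSL exchange
SymmetricSecurityBindingElement securityElement = SecurityBindingElement.CreateUserNameForSslBindingElement();
securityElement.MessageSecurityVersion = MessageSecurityVersion.WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10;
securityElement.LocalClientSettings.MaxClockSkew = new TimeSpan(23, 30, 0); // maxClockSkew="23:30:00"

// Element order matters: security first, then message encoding, transport last
endpointBinding.Elements.Add(securityElement);
endpointBinding.Elements.Add(new BinaryMessageEncodingBindingElement());
// HTTPS transport expects an https:// endpoint address (the app.config above uses httpTransport)
endpointBinding.Elements.Add(new HttpsTransportBindingElement());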

As for the certificate... Once you have a WCF service host object you can add the certificate like so:

 host.Credentials.ServiceCertificate.Certificate = cert;


Also you can put your dll's app.config file contents into the caller app's app.config file.
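
A client-side translation of the `customBindingHTTP` binding, endpoint identity and behavior from the question's app.config, as an added example that is not part of the original posts. The class name, method name and parameters are assumptions; clock skew and certificate validation mode are parameters so that those two security-relevant settings are explicit choices at the call site.

```csharp
using System;
using System.Security.Cryptography.X509Certificates;
using System.ServiceModel;
using System.ServiceModel.Channels;
using System.ServiceModel.Security;

// Hypothetical helper: names and parameters are assumptions, not from the page.
public static class TestServiceClient
{
    public static ChannelFactory<TContract> CreateFactory<TContract>(
        Uri address, string encodedCertificate,
        TimeSpan maxClockSkew, X509CertificateValidationMode validationMode)
        where TContract : class
    {
        const int Limit = 20000000; // quota value used throughout customBindingHTTP

        // <secureConversationBootstrap authenticationMode="UserNameForSslNegotiated">
        SecurityBindingElement bootstrap = SecurityBindingElement.CreateUserNameForSslBindingElement();
        bootstrap.LocalClientSettings.MaxClockSkew = maxClockSkew;

        // <security authenticationMode="SecureConversation">
        SecurityBindingElement security =
            SecurityBindingElement.CreateSecureConversationBindingElement(bootstrap);
        security.LocalClientSettings.MaxClockSkew = maxClockSkew;

        var encoding = new BinaryMessageEncodingBindingElement
            { MaxReadPoolSize = Limit, MaxWritePoolSize = Limit, MaxSessionSize = Limit };
        encoding.ReaderQuotas.MaxDepth = Limit;
        encoding.ReaderQuotas.MaxStringContentLength = Limit;
        encoding.ReaderQuotas.MaxArrayLength = Limit;
        encoding.ReaderQuotas.MaxBytesPerRead = Limit;
        encoding.ReaderQuotas.MaxNameTableCharCount = Limit;

        var transport = new HttpTransportBindingElement
            { MaxBufferPoolSize = Limit, MaxReceivedMessageSize = Limit,
              MaxBufferSize = Limit, UseDefaultWebProxy = false };

        // Order: security, encoding, transport (transport must be last).
        var binding = new CustomBinding(security, encoding, transport);

        // <identity><certificate encodedValue="..."/>: base64 of the service certificate
        var serviceCert = new X509Certificate2(Convert.FromBase64String(encodedCertificate));
        var endpoint = new EndpointAddress(
            address, EndpointIdentity.CreateX509CertificateIdentity(serviceCert));

        var factory = new ChannelFactory<TContract>(binding, endpoint);
        // <serviceCertificate><authentication certificateValidationMode="..."/>
        factory.Credentials.ServiceCertificate.Authentication.CertificateValidationMode = validationMode;
        return factory;
    }
}
```

Passing `new TimeSpan(23, 30, 0)` and `X509CertificateValidationMode.None` reproduces the question's settings; `None` skips validation of the service certificate and the wide skew lengthens the period in which message timestamps are accepted, so `ChainTrust` and a skew of a few minutes are the tighter choices. Set `factory.Credentials.UserName.UserName` and `.Password` before calling `CreateChannel()`.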
