0

如何验证我的 WCF 消息是否已签名?我的设置运行正常,但需要能够检查服务器端的签名。这是怎么做到的?我正在使用 MsmqIntegrationBinding,并使用 X509Certificate2 对其进行签名。

var binding = new MsmqIntegrationBinding(MsmqIntegrationSecurityMode.Transport)
            {
                SerializationFormat = MsmqMessageSerializationFormat.Binary,
                Security = new MsmqIntegrationSecurity()
                {
                    Mode = MsmqIntegrationSecurityMode.Transport,
                    Transport = new MsmqTransportSecurity()
                    {
                        MsmqAuthenticationMode = MsmqAuthenticationMode.Certificate,
                        MsmqProtectionLevel = System.Net.Security.ProtectionLevel.Sign
                    }
                }
            };

EndpointAddress address = new EndpointAddress("myaddress");
ChannelFactory<IMyMessage> channelFactory = new ChannelFactory<IMyMessage>(binding, address);

channelFactory.Credentials.ClientCertificate.Certificate = my_x509certificate2;
IMyMessage channel = channelFactory.CreateChannel();

//create message and send using the channel
4

1 回答 1

0

用这个注释你的服务或你的操作:

[OperationContract(ProtectionLevel = ProtectionLevel.EncryptAndSign)]

这将基本上在服务器端强制执行/除非消息经过签名和加密,否则不会调用操作。

如果您需要更多参考,请查看 MSDN 上的 ProtectionLevel:

http://msdn.microsoft.com/en-us/library/aa347692.aspx

于 2013-03-22T19:11:19.457 回答