2

我创建了一个具有 HTTPS/SSL、传输安全性和基本身份验证的自托管 WCF 服务。出于某种原因,当我在浏览器中运行该服务时,它从不要求提供凭据。怎么了?

服务配置:

<?xml version="1.0" encoding="utf-8" ?>
<configuration>
  <system.web>
    <compilation debug="true" />
  </system.web>
  <system.serviceModel>
    <behaviors>
      <serviceBehaviors>
        <behavior name="WsHttpTest.GreetingServiceBehavior">
          <serviceMetadata httpsGetEnabled="True"/>
          <serviceDebug includeExceptionDetailInFaults="False" />
        </behavior>
      </serviceBehaviors>
    </behaviors>
    <bindings>
      <wsHttpBinding>
        <binding name="TransportSecurity">
          <security mode="Transport">
            <transport clientCredentialType="Basic"/>
          </security>
        </binding>
      </wsHttpBinding>
    </bindings>
    <services>
      <service behaviorConfiguration="WsHttpTest.GreetingServiceBehavior" name="WsHttpTest.GreetingService">
        <host>
          <baseAddresses>
            <add baseAddress="https://localhost:8555/WsHttpTest/Greeting" />
          </baseAddresses>
        </host>
        <endpoint address="" binding="wsHttpBinding" bindingConfiguration="TransportSecurity" contract="WsHttpTest.IGreetingService" />
        <endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange" />
      </service>
    </services>
  </system.serviceModel>
</configuration>

HTTP 配置:

C:\>httpcfg query ssl
    IP                      : 0.0.0.0:8555
    Hash                    : 14ae237add3c49 a5091367487563cf6f6a8f586
    Guid                    : {9416496a-6d3e-4680-a9d1-03defd97d7d6}
    CertStoreName           : MY
    CertCheckMode           : 0
    RevocationFreshnessTime : 0
    UrlRetrievalTimeout     : 0
    SslCtlIdentifier        :
    SslCtlStoreName         :
    Flags                   : 0
------------------------------------------------------------------------------
C:\>httpcfg query urlacl
    URL : https://localhost:8555/WsHttpTest/Greeting/
    ACL : D:(A;;GX;;;WD)
------------------------------------------------------------------------------
4

1 回答 1

2

wsHttpBinding仅当您与端点通信时才使用配置=您创建代理并调用服务合同上公开的操作。打开服务的帮助页面时,您不会与端点通信。

ServiceMetadataBehavior还提供了两个附加属性HttpsHelpPageBindingHttpsHelpPageBindingConfiguration. 也许如果您使用这些属性并为它们配置一些自定义绑定(必须是自定义的,因为它需要MessageVersion.None),您将能够强制帮助页面也要求身份验证,但我从未尝试过。

我将从以下内容开始:

<bindings>
  <cutstomBinding>
    <binding name="helpPage">
      <textMessageEncoding messageVersion="None" />
      <httpsTransport authenticationScheme="Basic" />
    </binding>
  </customBinding>
</bindings>
于 2011-05-14T08:55:16.793 回答