1

我有一个具有 WS-* 安全性的 WCF Web 服务,我需要使用 WSS4J API 为它编写一个 Java 客户端。但是,事实证明 WSS4J 不支持 WS-SecureConversation 特有的<SecurityContextToken>and<DerivedKeyToken>标记。

有没有办法通过代码或更好的方式通过 web.config 关闭它?

更新:

服务定义:

      <service name="my.service" 
           behaviorConfiguration="SecureTransport">
    <endpoint 
      address="mex" 
      binding="mexHttpBinding" 
      contract="IMetadataExchange" />
    <endpoint 
      contract="my.interface" 
      binding="wsHttpBinding" 
      bindingConfiguration="UsernameAndPassword"/>
  </service>

行为和绑定:

<behaviors>
  <serviceBehaviors>
    <behavior name="SecureTransport">
      <serviceMetadata httpGetEnabled="true" />
      <serviceDebug includeExceptionDetailInFaults="true"/>
      <serviceCredentials>
        <userNameAuthentication   userNamePasswordValidationMode="Custom"
                                  customUserNamePasswordValidatorType="example.API.Security.CustomUserNameValidator, APISecurity" />
        <serviceCertificate findValue="CN=Example" storeLocation="LocalMachine" storeName="TrustedPeople" x509FindType="FindBySubjectDistinguishedName" />
      </serviceCredentials>
    </behavior>
  </serviceBehaviors>
</behaviors>

<bindings>
  <wsHttpBinding>
    <binding name="UsernameAndPassword">
      <security mode="Message">
        <message clientCredentialType="UserName" />            
      </security>
    </binding>
  </wsHttpBinding>
</bindings>
4

1 回答 1

0

只需在绑定配置中打开安全上下文并可能还进行协商:

<bindings>
  <wsHttpBinding>
    <binding name="UsernameAndPassword">
      <security mode="Message">
        <message clientCredentialType="UserName" establishSecurityContext="false"
                 negotiateServiceCredential="false" />            
      </security>
    </binding>
  </wsHttpBinding>
</bindings>
于 2011-12-21T20:26:13.470 回答