WCF Message Level Security

Question

WCF Message Level Security

Hope someone can help me on this. I am looking for a message-level security method in my WCF service other than using certificates. The problem is that the application is used on clients that connect via VPN with several sites, each of which has its own domain controller, and the domains do not trust each other. I am completely unfamiliar with certificates, although many of ppl say the way, I don’t know if it can work in this environment?

I ask for help :) Regards Andries

+3

security .net certificate wcf

Andries Jan 29 '09 at 8:28

source share

3 answers

Pavel Nikolov · Answer 1 · 2009-01-29T13:01:25+0000

- ! ! . : " ". , . , :

1) . → → "cmd" Enter. : makecert.exe MakeCert -pe -ss My -sr LocalMachine -a sha1 -sky exchange -n CN = ClientCertificateName ( "ClientCertificateName" )

2) , !

3) 1) 2) , . TrustedPeople TrustedPeople . → "" → "" → "mmc" Enter

4) , "" → "/ " → "" () "" - "" "- > " "- > → →
. node () / node. , . , . . " /" node.

5) 4) - , -,
, () , , . web.config(app.config) .

<security mode="Message">
    <message clientCredentialType="Certificate" />
</security>

node :

    <behaviors >
    <endpointBehaviors>
        <behavior name="your_binding_behavior">
            <clientCredentials>
                <clientCertificate findValue="[The name of the client certificate here]"
                                   storeLocation="LocalMachine"
                                   storeName="My"
                                   x509FindType="FindBySubjectName"/>
                <serviceCertificate>
                    <defaultCertificate findValue="[The name of the server certificate here]"
                                        storeLocation="LocalMachine"
                                        storeName="TrustedPeople"
                                        x509FindType="FindBySubjectName"/>
                    <authentication certificateValidationMode="PeerOrChainTrust"/>
                </serviceCertificate>
            </clientCredentials>
        </behavior>
    </endpointBehaviors>
</behaviors>

! ! . .

Calanus · Answer 2 · 2009-01-30T10:12:47+0000

- , , MessageClientCredentialType = "None" WCF. web.config

" ", . WCF, :

http://blog.functionalfun.net/2008/05/how-to-create-server-certificate-for.html

ashish jaiman · Answer 3 · 2009-01-29T15:14:19+0000

, - - , - http://msdn.microsoft.com/en-us/library/ms731172.aspx - MixedModesecurity - - http://blogs.msdn.com/govindr/archive/tags/WCF/default.aspx

http://blogs.msdn.com/jmeier/archive/2008/03/27/patterns-and-practices-wcf-security-guidance-now-available.aspx http://www.codeplex.com/WCFSecurity .

WCF Message Level Security

More articles: