WCF MTOM basicHttpBinding 允许哪些安全模式

Question

我在basicHttpBinding 中使用MTOM 消息编码创建了新的wcf 服务。 现在我对 security 部分有疑问，WCF service -MTOM - basicHttpBinding

允许哪些安全模式

<basicHttpBinding>
    <binding name="DefaultBinding_Mtom" messageEncoding="Mtom" transferMode="Streamed" maxReceivedMessageSize="700000">
     <readerQuotas maxArrayLength="2147483647" maxBytesPerRead="2147483647" />
     <security mode="None">
       <transport clientCredentialType="None" proxyCredentialType="None" realm="" />
       <message clientCredentialType="UserName" algorithmSuite="Default" />
     </security>          
   </binding>
</basicHttpBinding>

在上面的代码<security mode="None"> 中，我的服务在客户端按预期工作。但是当我修改了安全模式 NTLM <security mode="TransportCredentialOnly"> 然后我在调用服务时遇到了问题。

<security mode="TransportCredentialOnly">
  <transport clientCredentialType="Ntlm" proxyCredentialType="Windows" realm=""/>
  <message clientCredentialType="UserName" algorithmSuite="Default"/>
</security>

如果我的服务是messageEncoding="Text"，那么工作正常，即使安全模式是 NTLM。那么，Mtom 服务允许使用哪种安全模式，请您指导我如何设置安全模式。

感谢和问候，

Answer 1

Text 编码和 MTOM 编码都不会影响远程服务的调用。以下两种安全模式可以使用Windows Authentication。在我这边，它工作正常。请告诉我错误的详细信息。

Uri uri = new Uri("http://localhost:21011");
            BasicHttpBinding binding = new BasicHttpBinding();
            binding.MessageEncoding = WSMessageEncoding.Mtom;
            binding.Security.Mode = BasicHttpSecurityMode.TransportCredentialOnly;
            binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Windows;

或者，

Uri uri = new Uri("https://localhost:21011");
            BasicHttpBinding binding = new BasicHttpBinding();
            binding.MessageEncoding = WSMessageEncoding.Mtom;
            binding.Security.Mode = BasicHttpSecurityMode.Transport;
            binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Windows;

这是我的例子。
Server-side.

class Program
{
    static void Main(string[] args)
    {
        Uri uri = new Uri("http://localhost:21011");
        BasicHttpBinding binding = new BasicHttpBinding();
        binding.MessageEncoding = WSMessageEncoding.Mtom;
        binding.Security.Mode = BasicHttpSecurityMode.TransportCredentialOnly;
        binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Windows;
        using (ServiceHost sh = new ServiceHost(typeof(MyService), uri))
        {
            sh.AddServiceEndpoint(typeof(IService), binding,"");
            ServiceMetadataBehavior smb;
            smb = sh.Description.Behaviors.Find<ServiceMetadataBehavior>();
            if (smb == null)
            {
                smb = new ServiceMetadataBehavior()
                {
                    HttpGetEnabled = true
                };
                sh.Description.Behaviors.Add(smb);
            }
            Binding mexbinding = MetadataExchangeBindings.CreateMexHttpBinding();
            sh.AddServiceEndpoint(typeof(IMetadataExchange), mexbinding, "mex");


            sh.Opened += delegate
            {
                Console.WriteLine("Service is ready");
            };
            sh.Closed += delegate
            {
                Console.WriteLine("Service is clsoed");
            };
            sh.Open();
            Console.ReadLine();
            //pause
            sh.Close();
            Console.ReadLine();
        }
    }
}
[ServiceContract]
public interface IService
{
    [OperationContract]
    string Test();

}
public class MyService : IService
{
    public string Test()
    {
        return DateTime.Now.ToLongTimeString();
    }
}

Client-side.(使用客户端代理调用远程服务)

static void Main(string[] args)
        {
            ServiceReference1.ServiceClient client = new ServiceClient();
            client.ClientCredentials.Windows.ClientCredential.UserName = "administrator";
            client.ClientCredentials.Windows.ClientCredential.Password = "abcd1234!";
            var result = client.Test();
            Console.WriteLine(result);

        }

Appconfig 客户端配置。

<system.serviceModel>
    <bindings>
      <basicHttpBinding>
        <binding name="BasicHttpBinding_IService" messageEncoding="Mtom">
          <security mode="TransportCredentialOnly">
            <transport clientCredentialType="Windows" />
          </security>
        </binding>
      </basicHttpBinding>
    </bindings>
    <client>
      <endpoint address="http://10.157.13.69:21011/" binding="basicHttpBinding"
        bindingConfiguration="BasicHttpBinding_IService" contract="ServiceReference1.IService"
        name="BasicHttpBinding_IService" />
    </client>
  </system.serviceModel>

如果有什么我可以帮忙的，请随时告诉我。