【发布时间】:2012-01-23 02:41:53
【问题描述】:
我正在尝试通过将 ClientCredentialType 设置为“无”来实现具有压缩和消息安全性的自定义 WS 绑定。该服务已配置并成功运行。我还设法配置客户端并成功运行它。但是,我需要以编程方式设置客户端,因此当我尝试将客户端配置转换为代码时,我收到错误“没有为目标“xxx”提供服务证书。在 ClientCredentials 中指定服务证书。' 我正在使用自动生成的代理客户端,并且我已按照建议覆盖客户端构造函数并直接在 ClientCredentials 或客户端端点行为中指定服务证书 CertificateValidationMode,但仍然没有运气.
对于解决此问题的任何帮助,我将不胜感激。作为参考,我在下面包含了配置及其代码翻译。
客户端配置:
<system.serviceModel>
<bindings>
<customBinding>
<binding name="customWSBinding" sendTimeout="00:15:00">
<security authenticationMode="SecureConversation" messageSecurityVersion="WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10">
<secureConversationBootstrap authenticationMode="AnonymousForSslNegotiated" messageSecurityVersion="WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10" />
</security>
<gzipMessageEncoding innerMessageEncoding="textMessageEncoding"/>
<httpTransport hostNameComparisonMode="StrongWildcard" manualAddressing="False"
maxReceivedMessageSize="2147483647" maxBufferSize="2147483647" maxBufferPoolSize="2147483647"
authenticationScheme="Anonymous" bypassProxyOnLocal="False" realm="" useDefaultWebProxy="True"/>
</binding>
</customBinding>
</bindings>
<client>
<endpoint address=""
binding="customBinding"
bindingConfiguration="customWSBinding"
behaviorConfiguration="ClientBehavior"
contract="IService"
name="ServiceEndpoint">
<identity>
<dns value="contoso.com"/>
</identity>
</endpoint>
</client>
<behaviors>
<endpointBehaviors>
<behavior name="ClientBehavior">
<clientCredentials>
<serviceCertificate>
<authentication certificateValidationMode="None"/>
</serviceCertificate>
</clientCredentials>
</behavior>
</endpointBehaviors>
</behaviors>
</system.serviceModel>
等效代码:
SecurityBindingElement securityElement = SecurityBindingElement.CreateSecureConversationBindingElement(SecurityBindingElement.CreateAnonymousForCertificateBindingElement());
securityElement.MessageSecurityVersion = MessageSecurityVersion.WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10;
GZipMessageEncodingBindingElement encodingElement = new GZipMessageEncodingBindingElement();
TextMessageEncodingBindingElement txtMsgBE = new TextMessageEncodingBindingElement();
encodingElement.InnerMessageEncodingBindingElement = txtMsgBE;
HttpTransportBindingElement httpTransportElement = new HttpTransportBindingElement();
httpTransportElement.HostNameComparisonMode = HostNameComparisonMode.StrongWildcard;
httpTransportElement.ManualAddressing = false;
httpTransportElement.MaxReceivedMessageSize = Int32.MaxValue;
httpTransportElement.MaxBufferSize = Int32.MaxValue;
httpTransportElement.MaxBufferPoolSize = Int32.MaxValue;
httpTransportElement.AuthenticationScheme = AuthenticationSchemes.Anonymous;
httpTransportElement.BypassProxyOnLocal = false;
httpTransportElement.UseDefaultWebProxy = true;
System.ServiceModel.Channels.Binding binding = new CustomBinding(securityElement, encodingElement, httpTransportElement);
binding.SendTimeout = TimeSpan.FromMinutes(15);
EndpointAddress address = new EndpointAddress(new Uri(svcURL), EndpointIdentity.CreateDnsIdentity("contoso.com"));
ServiceClient svcClient = new ServiceClient(binding, address);
被覆盖的代理客户端:
public ServiceClient(System.ServiceModel.Channels.Binding binding, System.ServiceModel.EndpointAddress remoteAddress)
:base (binding, remoteAddress)
{
System.ServiceModel.Description.ClientCredentials cc = new System.ServiceModel.Description.ClientCredentials();
cc.ServiceCertificate.Authentication.CertificateValidationMode = System.ServiceModel.Security.X509CertificateValidationMode.None;
base.Endpoint.Behaviors.RemoveAt(1);
base.Endpoint.Behaviors.Add(cc);
}
【问题讨论】:
标签: wcf custom-binding