Create a new class library project named "WcfSecurityExampleServiceLibrary" and add the contract shown in Listing 11-10. The example contract is named HelloService.
Listing 11-10 HelloService contract
using System;
using System.Collections.Generic;
using System.Linq;
using System.Runtime.Serialization;
using System.ServiceModel;
using System.Text;

namespace WcfSecurityExampleServiceLibrary
{
    [ServiceContract]
    public interface IHelloService
    {
        [OperationContract]
        string GetHello();
    }
}
Listing 11-11 is the implementation of the HelloService contract.
using System;
using System.Collections.Generic;
using System.Linq;
using System.Runtime.Serialization;
using System.ServiceModel;
using System.Text;

namespace WcfSecurityExampleServiceLibrary
{
    public class HelloService : IHelloService
    {
        public string GetHello()
        {
            // ServiceSecurityContext.Current is null when the call carries no security context
            // (for example, when the binding's security mode is None).
            if (ServiceSecurityContext.Current != null)
            {
                if (!ServiceSecurityContext.Current.IsAnonymous)
                {
                    // Echo the authenticated caller's name and how it was authenticated.
                    return "Hello:" + ServiceSecurityContext.Current.PrimaryIdentity.Name + ";type="
                        + ServiceSecurityContext.Current.PrimaryIdentity.AuthenticationType;
                }
                // A security context exists but the caller is anonymous.
                return "";
            }
            else
            {
                return "hello";
            }
        }
    }
}
A console application is used here as the self-hosting host. The host code is shown in Listing 11-12.
Listing 11-12 Host code
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.ServiceModel;
using WcfSecurityExampleServiceLibrary;

namespace SimpleHost
{
    class Program
    {
        static void Main(string[] args)
        {
            ServiceHost hostForHello = new ServiceHost(typeof(HelloService));
            hostForHello.Open();
            try
            {
                // Keep the host alive until Enter is pressed,
                // rather than spinning in an empty loop that pins a CPU core.
                Console.ReadLine();
                hostForHello.Close();
            }
            catch
            {
                hostForHello.Abort();
            }
        }
    }
}
The host configuration file is shown in Listing 11-13.
Listing 11-13 Host configuration file
<?xml version="1.0"?>
<configuration>
  <system.serviceModel>
    <services>
      <service name="WcfSecurityExampleServiceLibrary.HelloService" behaviorConfiguration="mex">
        <host>
          <baseAddresses>
            <add baseAddress="net.tcp://127.0.0.1:64567/"/>
          </baseAddresses>
        </host>
        <endpoint address="net.tcp://127.0.0.1:64567/HelloService" binding="netTcpBinding"
                  bindingConfiguration="tcpWindowsSecurity" name="helloEndPoint"
                  contract="WcfSecurityExampleServiceLibrary.IHelloService"/>
        <endpoint address="mex" binding="mexTcpBinding" contract="IMetadataExchange" />
      </service>
    </services>
    <bindings>
      <netTcpBinding>
        <binding name="tcpWindowsSecurity">
        </binding>
      </netTcpBinding>
    </bindings>
    <behaviors>
      <serviceBehaviors>
        <behavior name="mex">
          <serviceMetadata />
        </behavior>
      </serviceBehaviors>
    </behaviors>
  </system.serviceModel>
  <startup>
    <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.0"/>
  </startup>
</configuration>
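The configuration file in Listing 11-13 does not apply any security configuration to netTcpBinding, so everything uses the default settings.
The client implementation is shown in Listing 11-14.
Listing 11-14 Client implementation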
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.ServiceModel;
using WcfSecurityExampleServiceLibrary;

namespace WcfSecurityExampleConsoleClient
{
    class Program
    {
        static void Main(string[] args)
        {
            using (ChannelFactory<IHelloService> channelFactory = new ChannelFactory<IHelloService>("helloEndPoint"))
            {
                IHelloService helloService = channelFactory.CreateChannel();
                using (helloService as IDisposable)
                {
                    Console.WriteLine(helloService.GetHello());
                }
            }
            Console.Read();
        }
    }
}
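The run result in Figure 11-6 demonstrates that, by default, netTcpBinding uses the Transport security mode with the Windows credential type.
Next, change the client configuration to the content shown in Listing 11-16, then start TcpTrace to monitor the communication.
Listing 11-16 Client configuration (modified to work with TcpTrace monitoring)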
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
  <system.serviceModel>
    <behaviors>
      <endpointBehaviors>
        <behavior name="ForListen">
          <clientVia viaUri="net.tcp://127.0.0.1:64590/HelloService"/>
        </behavior>
      </endpointBehaviors>
    </behaviors>
    <bindings>
      <netTcpBinding>
        <binding name="tcpWindowsSecurity">
          <!--<security mode="None"></security> -->
        </binding>
      </netTcpBinding>
    </bindings>
    <client>
      <endpoint name="helloEndPoint" address="net.tcp://127.0.0.1:64567/HelloService"
                binding="netTcpBinding" bindingConfiguration="tcpWindowsSecurity"
                contract="WcfSecurityExampleServiceLibrary.IHelloService" behaviorConfiguration="ForListen" />
    </client>
  </system.serviceModel>
</configuration>
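The bold part of the code above is the newly added configuration. It configures request redirection on the client; the redirect port "64590" is the port TcpTrace listens on. Run the program again. The TcpTrace capture is shown in Figure 11-7.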

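Figure 11-7 Monitoring the default configuration under the Transport security mode
As Figure 11-7 shows, by default the plaintext of the result cannot be seen, which indicates that the message is encrypted.
To make the default security configuration of NetTcpBinding clearer, here are two code fragments and two configuration files that all achieve the same effect.
Initializing a NetTcpBinding instance, variant 1: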
NetTcpBinding netTcpBingding = new NetTcpBinding();
Initializing a NetTcpBinding instance, variant 2:
NetTcpBinding netTcpBingding = new NetTcpBinding();
netTcpBingding.Security.Mode = SecurityMode.Transport;
netTcpBingding.Security.Transport.ClientCredentialType = TcpClientCredentialType.Windows;
netTcpBingding.Security.Transport.ProtectionLevel = System.Net.Security.ProtectionLevel.EncryptAndSign;
NetTcpBinding default security configuration file 1:
<netTcpBinding>
  <binding name="tcpWindowsSecurity">
    <security>
    </security>
  </binding>
</netTcpBinding>
NetTcpBinding default security configuration file 2:
<netTcpBinding>
  <binding name="tcpWindowsSecurity">
    <security mode="Transport">
      <transport
        protectionLevel="EncryptAndSign"
        clientCredentialType="Windows">
      </transport>
    </security>
  </binding>
</netTcpBinding>
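An added example, not part of the original listings: a startup check that compares every NetTcpBinding endpoint of a host against the default settings shown above (Transport, Windows, EncryptAndSign) and refuses to continue when one deviates, for instance when a `<security mode="None">` element has been left enabled. The names `BindingCheckExample`, `BindingSecurityCheck`, `Describe` and `EnsureDefaults` are hypothetical.

```csharp
using System;
using System.Net.Security;
using System.ServiceModel;
using System.ServiceModel.Description;

namespace BindingCheckExample // hypothetical namespace, not from the listings
{
    static class BindingSecurityCheck
    {
        // Returns null when the binding matches the defaults described above
        // (Transport / Windows / EncryptAndSign), otherwise the first deviation.
        // Treating every other mode as a deviation is this example's policy choice.
        public static string Describe(NetTcpBinding binding)
        {
            NetTcpSecurity s = binding.Security;
            if (s.Mode != SecurityMode.Transport)
                return "security mode is " + s.Mode;
            if (s.Transport.ClientCredentialType != TcpClientCredentialType.Windows)
                return "client credential type is " + s.Transport.ClientCredentialType;
            if (s.Transport.ProtectionLevel != ProtectionLevel.EncryptAndSign)
                return "protection level is " + s.Transport.ProtectionLevel;
            return null;
        }

        // Call after constructing the ServiceHost (its constructor loads the
        // endpoints from configuration) and before Open().
        public static void EnsureDefaults(ServiceHost host)
        {
            foreach (ServiceEndpoint endpoint in host.Description.Endpoints)
            {
                NetTcpBinding tcp = endpoint.Binding as NetTcpBinding;
                if (tcp == null) continue; // endpoints on other bindings are out of scope here
                string problem = Describe(tcp);
                if (problem != null)
                    throw new InvalidOperationException(
                        "Endpoint '" + endpoint.Name + "': " + problem);
            }
        }

        static void Main()
        {
            // Constructed sample bindings: the default, and one with security switched off.
            NetTcpBinding[] samples = { new NetTcpBinding(), new NetTcpBinding(SecurityMode.None) };
            foreach (NetTcpBinding b in samples)
                Console.WriteLine(Describe(b) ?? "matches the default secure settings");
        }
    }
}
```

In the host from Listing 11-12, the check would be called as `BindingSecurityCheck.EnsureDefaults(hostForHello)` before `hostForHello.Open()`.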
Author: 玄魂
Source: http://www.cnblogs.com/xuanhun/