是TransportWithMessageCredential无证上岗足够安全的WCF服务?无证、安全、TransportWithMessageCredential、WCF
我已经开发了一个WCF自托管服务,对此我有两个基本的安全要求,因为它会通过互联网来访问:
I have developed a WCF self-hosted service, for which I have two basic security requirements as it will be accessed over the Internet:
传输层应该prevent篡改和窃听,身份验证凭据特别是检索。这是SSL做,但是从我所看到的设置SSL需要安装证书(可能除了通过this破解使用普通的证书文件),我preFER不是必须做的。
The transport layer should prevent tampering and sniffing, especially the retrieval of authentication credentials. This is what SSL does, but from what I have seen setting up SSL requires the installation of certificates (except maybe through this hack that uses plain certificate files), which I prefer not to have to do.
认证层应包括用户名/密码验证的。
The authentication layer should consist of a username/password validator.
我配置我的服务使用:
<security mode="TransportWithMessageCredential">
<message clientCredentialType="UserName" />
<transport clientCredentialType="Basic" />
</security>
即使在传输层为HTTP(HTTPS没有),这是否让WCF创建另一个安全层,等效于SSL?如果没有,什么是安全强度方面的区别?
Even if the transport layer is HTTP (not HTTPS), does this make WCF create another security layer that is equivalent to SSL? If not, what is the difference in terms of security strength?
此外,有没有什么办法可以保证元数据端点,而无需使用SSL证书(不是必需的,但将AP preciated)?
Also, is there any way to secure the meta data endpoint without using a SSL certificate (not essential but would be appreciated)?
下面是我的全部配置code为自托管服务:
Here is my full configuration code for the self-hosted service:
<?xml version="1.0"?>
<configuration>
<startup><supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.0"/></startup>
<system.serviceModel>
<services>
<service name="MyService">
<host>
<baseAddresses>
<add baseAddress = "http://localhost:8000/Services" />
</baseAddresses>
</host>
<endpoint address ="MyService" binding="wsHttpBinding" contract="IMyService">
<identity>
<dns value="localhost"/>
</identity>
</endpoint>
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"/>
</service>
</services>
<bindings>
<wsHttpBinding>
<binding name="Binding1" maxReceivedMessageSize="2147483647">
<security mode="TransportWithMessageCredential">
<message clientCredentialType="UserName" />
<transport clientCredentialType="Basic" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior>
<serviceMetadata httpGetEnabled="True"/>
<serviceCredentials>
<userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="CR.Common.Services.CustomValidator, Common" />
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>
</configuration>
感谢您!
推荐答案
在默认情况下,所有的安全 WCF绑定(像的wsHttpBinding)将加密和签名信息。
By default, all secure WCF bindings (like wsHttpBinding) will encrypt and sign messages.
SSL强制使用的证书,并在你给是黑客WCF,不SSL链接黑客。因为没有SSL WCF禁止使用basicHttpBinding的和UserNamePasswordValidator(在明确的发送XML),因为在这种情况下,任何人都截获的消息可以得到用户名/密码。
SSL mandatory use a certificate, and the hack in the link you give is hacking wcf, not SSL. Because without SSL WCF forbid the use of the basicHttpBinding (which send xml in clear) and UserNamePasswordValidator, because in this case anyone that intercept the message can get the username/password.
使用WsHttpBinding的,你可避免SSL,把安全的消息级别。
With WSHttpBinding you could avoid SSL and put the security on the message level.
我强烈建议您阅读这篇文章,特别是< STRONG>服务凭证和协商第一章:
I strongly advise you to read this article, especially the Service Credentials and Negotiation chapter:
要支持相互身份验证和消息保护,服务必须 提供凭据给调用者。当传输安全使用 (SSL),服务凭据是通过运输谈判 协议。邮件安全服务的凭证,也可 谈判时,Windows证书被使用;否则服务 证书必须指明
To support mutual authentication and message protection, services must provide credentials to the caller. When transport security is used (SSL), service credentials are negotiated through the transport protocol. Service credentials for message security can also be negotiated when Windows credentials are used; otherwise a service certificate must be specified
随着UserNamePasswordValidator,必须在服务器上配置的证书允许客户端的签名和加密每个信息(使用证书的公钥)。 如果你正在使用Windows身份验证,这将没有必要。
With the UserNamePasswordValidator, you must configure a certificate on the server to allow the client the sign and encrypt each message (using the certificate's public key). If you were using Windows authentication, it'll not be needed.
你为什么这么担心证书?
Why are you so worried about certificate ?
