Enrutamiento WCF + SSL
https://stackoverflow.com//questions/9685375
-
13-12-2019 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianPregunta
Necesito crear un servicio de "enrutamiento". Estoy tratando de usar el sistema.servicemodel.routing.IrtingSestreplyRouter de .NET Puedo hacer que funcione solo en modo HTTP, no en HTTPS. El error es "No se puede establecer la conexión SSL / TLS segura" ... También probé un validador de certificado personalizado, ¡pero no se llama!(Se crea, pero el método de validación no se llama)
Publicar mi configuración aquí:
<?xml version="1.0"?>
<bindings>
<customBinding>
<!-- Security Off version-->
<binding name="customBindingNotSecure">
<textMessageEncoding messageVersion="Soap12WSAddressing10"/>
<httpTransport />
</binding>
<!-- Security On -->
<binding name="customBindingSecure">
<textMessageEncoding messageVersion="Soap12WSAddressing10">
</textMessageEncoding>
<security authenticationMode="UserNameOverTransport" />
<httpsTransport />
</binding>
<binding name="platoneBinding">
<textMessageEncoding messageVersion="Soap12WSAddressing10" />
<httpsTransport maxReceivedMessageSize="1000000" maxBufferPoolSize="1000000" maxBufferSize="1000000" />
</binding>
</customBinding>
</bindings>
<services>
<service behaviorConfiguration="routingService" name="System.ServiceModel.Routing.RoutingService">
<endpoint address=""
binding="customBinding"
name="reqReplyEndpoint"
contract="System.ServiceModel.Routing.IRequestReplyRouter" bindingConfiguration="customBindingSecure"/>
<endpoint address=""
binding="customBinding"
name="reqReplyEndpointHttp"
contract="System.ServiceModel.Routing.IRequestReplyRouter"
bindingConfiguration="customBindingNotSecure"/>
</service>
</services>
<behaviors>
<endpointBehaviors>
<behavior name="CustomClientBehavior">
<clientCredentials>
<serviceCertificate>
<defaultCertificate findValue="serverx509v1" storeLocation="LocalMachine" storeName="My" x509FindType="FindBySubjectName"/>
<authentication customCertificateValidatorType="com.abodata.plat1.WCFProxy.PlatoneCertificateValidator, PlatoneWSRelay"
certificateValidationMode="Custom" revocationMode="NoCheck" />
</serviceCertificate>
</clientCredentials>
</behavior>
</endpointBehaviors>
<serviceBehaviors>
<behavior name="routingService">
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
<routing routeOnHeadersOnly="true" filterTableName="routingTable1" />
<serviceCredentials>
<clientCertificate>
<authentication customCertificateValidatorType="com.abodata.plat1.WCFProxy.PlatoneCertificateValidator, PlatoneWSRelay"
certificateValidationMode="Custom" revocationMode="NoCheck" />
</clientCertificate>
<userNameAuthentication userNamePasswordValidationMode="Custom"
customUserNamePasswordValidatorType="com.abodata.plat1.WCFProxy.UsernameValidator, PlatoneWSRelay" />
</serviceCredentials>
</behavior>
<behavior name="">
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
</serviceBehaviors>
</behaviors>
<routing>
<filters>
<filter name="MatchAllFilter1" filterType="MatchAll" />
</filters>
<filterTables>
<filterTable name="routingTable1">
<add filterName="MatchAllFilter1" endpointName="PlatoneWSService" />
</filterTable>
</filterTables>
</routing>
<client>
<endpoint address="https://10.0.2.243:9006/Persistence"
binding="customBinding" bindingConfiguration="platoneBinding"
contract="*" name="PlatoneWSService">
<identity>
<dns value="serverx509v1" />
</identity>
</endpoint>
</client>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
</system.serviceModel>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true"/>
</system.webServer>
Editar: I Logrificé establecer la conexión TLS agregando a mi configuración
<system.net>
<settings>
<servicePointManager checkCertificateName="false" checkCertificateRevocationList="false"/>
</settings>
</system.net>
Pero ... ahora tengo problemas con el encabezado de seguridad de mi envoltura de jabón.El cliente envía el mensaje correctamente a mi enrutador, pero elimina el encabezado de seguridad, por lo que obtengo una excepción ...
Solución
OK ... Solucioné también el segundo problema.
MI ENTONAJE DE ENTONCES NO DEBE ESPECIFICAR LA ETIQUETA DE SEGURIDAD, De lo contrario, procesó el sobre. Esta es mi configuración de trabajo
<?xml version="1.0"?>
<configuration>
<system.serviceModel>
<bindings>
<!-- Must use custom binding: silverlight only support basicHttpBinding that is not
SOAP 1.2. So.. I create a custom binding-->
<customBinding>
<!-- Security Off version-->
<binding name="customBindingNotSecure">
<textMessageEncoding messageVersion="Soap12WSAddressing10"/>
<httpTransport />
</binding>
<!-- Security On -->
<binding name="customBindingSecure">
<textMessageEncoding messageVersion="Soap12WSAddressing10">
<readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647"
maxArrayLength="2147483647" maxBytesPerRead="2147483647"
maxNameTableCharCount="2147483647" />
</textMessageEncoding>
<httpsTransport maxBufferPoolSize="2000000" maxBufferSize="2000000" maxReceivedMessageSize="2000000" />
</binding>
<binding name="platoneBinding">
<textMessageEncoding messageVersion="Soap12WSAddressing10" />
<httpsTransport maxReceivedMessageSize="1000000000" maxBufferPoolSize="1000000000" maxBufferSize="1000000000" />
</binding>
</customBinding>
</bindings>
<services>
<service behaviorConfiguration="routingService" name="System.ServiceModel.Routing.RoutingService">
<endpoint address=""
binding="customBinding"
name="reqReplyEndpoint"
contract="System.ServiceModel.Routing.IRequestReplyRouter" bindingConfiguration="customBindingSecure"/>
<endpoint address=""
binding="customBinding"
name="reqReplyEndpointHttp"
contract="System.ServiceModel.Routing.IRequestReplyRouter"
bindingConfiguration="customBindingNotSecure"/>
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="routingService">
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
<routing routeOnHeadersOnly="true" filterTableName="routingTable1" />
</behavior>
<behavior name="">
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
</serviceBehaviors>
</behaviors>
<routing>
<filters>
<filter name="MatchAllFilter1" filterType="MatchAll" />
</filters>
<filterTables>
<filterTable name="routingTable1">
<add filterName="MatchAllFilter1" endpointName="PlatoneWSService" />
</filterTable>
</filterTables>
</routing>
<client>
<!-- https://10.0.2.243:9006/Persistence -->
<endpoint address="https://10.0.2.243:9006/Persistence"
binding="customBinding" bindingConfiguration="platoneBinding"
contract="*" name="PlatoneWSService">
</endpoint>
</client>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
</system.serviceModel>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true"/>
</system.webServer>
<system.net>
<settings>
<servicePointManager checkCertificateName="false" checkCertificateRevocationList="false"/>
</settings>
</system.net>
</configuration>
Las dimensiones para el búfer y el mensaje deben ser "probados" (eso es ... elegí un gran número para hacerlo funciona ...)
Licenciado bajo: CC-BY-SA con atribución
No afiliado a StackOverflow
