Вопрос
Мне нужно создать услуги «маршрутизации». Я пытаюсь использовать System.Servicemodel.Routing.irequestreplyrouter of .Net Я могу сделать это работать только в HTTP Mode, а не в HTTPS. Ошибка «не может устанавливать безопасную связь SSL / TLS» ... Я также попробовал настраиваемый сертификат Validator, но он не вызывается!(это создано, но метод проверки не вызывается)
Я публикую свою конфигурацию здесь:
<?xml version="1.0"?>
.
<bindings>
<customBinding>
<!-- Security Off version-->
<binding name="customBindingNotSecure">
<textMessageEncoding messageVersion="Soap12WSAddressing10"/>
<httpTransport />
</binding>
<!-- Security On -->
<binding name="customBindingSecure">
<textMessageEncoding messageVersion="Soap12WSAddressing10">
</textMessageEncoding>
<security authenticationMode="UserNameOverTransport" />
<httpsTransport />
</binding>
<binding name="platoneBinding">
<textMessageEncoding messageVersion="Soap12WSAddressing10" />
<httpsTransport maxReceivedMessageSize="1000000" maxBufferPoolSize="1000000" maxBufferSize="1000000" />
</binding>
</customBinding>
</bindings>
<services>
<service behaviorConfiguration="routingService" name="System.ServiceModel.Routing.RoutingService">
<endpoint address=""
binding="customBinding"
name="reqReplyEndpoint"
contract="System.ServiceModel.Routing.IRequestReplyRouter" bindingConfiguration="customBindingSecure"/>
<endpoint address=""
binding="customBinding"
name="reqReplyEndpointHttp"
contract="System.ServiceModel.Routing.IRequestReplyRouter"
bindingConfiguration="customBindingNotSecure"/>
</service>
</services>
<behaviors>
<endpointBehaviors>
<behavior name="CustomClientBehavior">
<clientCredentials>
<serviceCertificate>
<defaultCertificate findValue="serverx509v1" storeLocation="LocalMachine" storeName="My" x509FindType="FindBySubjectName"/>
<authentication customCertificateValidatorType="com.abodata.plat1.WCFProxy.PlatoneCertificateValidator, PlatoneWSRelay"
certificateValidationMode="Custom" revocationMode="NoCheck" />
</serviceCertificate>
</clientCredentials>
</behavior>
</endpointBehaviors>
<serviceBehaviors>
<behavior name="routingService">
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
<routing routeOnHeadersOnly="true" filterTableName="routingTable1" />
<serviceCredentials>
<clientCertificate>
<authentication customCertificateValidatorType="com.abodata.plat1.WCFProxy.PlatoneCertificateValidator, PlatoneWSRelay"
certificateValidationMode="Custom" revocationMode="NoCheck" />
</clientCertificate>
<userNameAuthentication userNamePasswordValidationMode="Custom"
customUserNamePasswordValidatorType="com.abodata.plat1.WCFProxy.UsernameValidator, PlatoneWSRelay" />
</serviceCredentials>
</behavior>
<behavior name="">
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
</serviceBehaviors>
</behaviors>
<routing>
<filters>
<filter name="MatchAllFilter1" filterType="MatchAll" />
</filters>
<filterTables>
<filterTable name="routingTable1">
<add filterName="MatchAllFilter1" endpointName="PlatoneWSService" />
</filterTable>
</filterTables>
</routing>
<client>
<endpoint address="https://10.0.2.243:9006/Persistence"
binding="customBinding" bindingConfiguration="platoneBinding"
contract="*" name="PlatoneWSService">
<identity>
<dns value="serverx509v1" />
</identity>
</endpoint>
</client>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
</system.serviceModel>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true"/>
</system.webServer>
.
Редактировать: мне удалось установить соединение TLS, добавив к моей конфигурации
<system.net>
<settings>
<servicePointManager checkCertificateName="false" checkCertificateRevocationList="false"/>
</settings>
</system.net>
.
Но ... Теперь у меня проблемы с заголовком безопасности моего мыла.Клиент правильно отправляет сообщение моему маршрутизатору, но он удаляет заголовок безопасности, поэтому я получаю исключение ...
Решение
Хорошо ... я решил также вторую проблему.
Мой привязка маршрутизатора не должна указывать тег безопасности, в противном случае он обрабатывает конверт. Это моя рабочая конфигурация
<?xml version="1.0"?>
<configuration>
<system.serviceModel>
<bindings>
<!-- Must use custom binding: silverlight only support basicHttpBinding that is not
SOAP 1.2. So.. I create a custom binding-->
<customBinding>
<!-- Security Off version-->
<binding name="customBindingNotSecure">
<textMessageEncoding messageVersion="Soap12WSAddressing10"/>
<httpTransport />
</binding>
<!-- Security On -->
<binding name="customBindingSecure">
<textMessageEncoding messageVersion="Soap12WSAddressing10">
<readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647"
maxArrayLength="2147483647" maxBytesPerRead="2147483647"
maxNameTableCharCount="2147483647" />
</textMessageEncoding>
<httpsTransport maxBufferPoolSize="2000000" maxBufferSize="2000000" maxReceivedMessageSize="2000000" />
</binding>
<binding name="platoneBinding">
<textMessageEncoding messageVersion="Soap12WSAddressing10" />
<httpsTransport maxReceivedMessageSize="1000000000" maxBufferPoolSize="1000000000" maxBufferSize="1000000000" />
</binding>
</customBinding>
</bindings>
<services>
<service behaviorConfiguration="routingService" name="System.ServiceModel.Routing.RoutingService">
<endpoint address=""
binding="customBinding"
name="reqReplyEndpoint"
contract="System.ServiceModel.Routing.IRequestReplyRouter" bindingConfiguration="customBindingSecure"/>
<endpoint address=""
binding="customBinding"
name="reqReplyEndpointHttp"
contract="System.ServiceModel.Routing.IRequestReplyRouter"
bindingConfiguration="customBindingNotSecure"/>
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="routingService">
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
<routing routeOnHeadersOnly="true" filterTableName="routingTable1" />
</behavior>
<behavior name="">
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
</serviceBehaviors>
</behaviors>
<routing>
<filters>
<filter name="MatchAllFilter1" filterType="MatchAll" />
</filters>
<filterTables>
<filterTable name="routingTable1">
<add filterName="MatchAllFilter1" endpointName="PlatoneWSService" />
</filterTable>
</filterTables>
</routing>
<client>
<!-- https://10.0.2.243:9006/Persistence -->
<endpoint address="https://10.0.2.243:9006/Persistence"
binding="customBinding" bindingConfiguration="platoneBinding"
contract="*" name="PlatoneWSService">
</endpoint>
</client>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
</system.serviceModel>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true"/>
</system.webServer>
<system.net>
<settings>
<servicePointManager checkCertificateName="false" checkCertificateRevocationList="false"/>
</settings>
</system.net>
</configuration>
.
Размеры для буфера и сообщения должны быть «проверены» (то есть .. Я выбрал большое количество, чтобы он работает ...)