<behaviors>

  <serviceBehaviors>

    <behavior name="MyServiceBehavior">

      <serviceMetadata httpsGetEnabled="true" policyVersion="Policy15" />

      <serviceDebug includeExceptionDetailInFaults="true" />

      <serviceCredentials>

        <clientCertificate>

          <authentication customCertificateValidatorType="MyWS.Security.MyServicesCertificateValidator, MyWS"

            certificateValidationMode="Custom" revocationMode="NoCheck" />

        </clientCertificate>

        <userNameAuthentication userNamePasswordValidationMode="Custom"

          customUserNamePasswordValidatorType="MyWS.Security.MyServicesUsernameValidator, MyWS" />

      </serviceCredentials>

    </behavior>

  </serviceBehaviors>

</behaviors>

<serviceHostingEnvironment multipleSiteBindingsEnabled="true"/>

<bindings>

  <basicHttpBinding>

    <binding name="MySoapBinding">

      <security mode="TransportWithMessageCredential">

        <transport clientCredentialType="Certificate" />

        <message clientCredentialType="UserName" />

      </security>

    </binding>

  </basicHttpBinding>

</bindings>

<services>

  <service behaviorConfiguration="MyServiceBehavior" name="MyWS.Services.TheService">

    <endpoint address="" binding="basicHttpBinding" bindingConfiguration="MySoapBinding" name="TheService" bindingNamespace="https://services.my/TheService" contract="MyWS.Interfaces.Service.ITheService" />

    <host>

      <baseAddresses>

        <add baseAddress="https://localhost:4434/MyWS/TheService"/>

      </baseAddresses>

    </host>

  </service>

</services>
private static Binding CreateMultiFactorAuthenticationBinding()

{

    var httpsTransport = new HttpsTransportBindingElement();

    // The message security binding element will be configured to require 2 tokens:

    // 1) A username-password encrypted with the service token

    // 2) A client certificate used to sign the message

    // Create symmetric security binding element with encrypted username-password token.

    // Symmetric key is encrypted with server certificate.

    var messageSecurity = SecurityBindingElement.CreateUserNameForCertificateBindingElement();

    messageSecurity.AllowInsecureTransport = false;

    // Require client certificate as endorsing supporting token for all requests from client to server

    var clientX509SupportingTokenParameters = new X509SecurityTokenParameters

                                                    {

                                                        InclusionMode =

                                                            SecurityTokenInclusionMode.AlwaysToRecipient

                                                    };

    messageSecurity.EndpointSupportingTokenParameters.Endorsing.Add(clientX509SupportingTokenParameters);

    return new CustomBinding(messageSecurity, httpsTransport);

}

//// Registering WCF-services

var returnFaults = new ServiceDebugBehavior {IncludeExceptionDetailInFaults = true};

var metaData = new ServiceMetadataBehavior {HttpsGetEnabled = true};

var serviceCredentials = new ServiceCredentials();

// Configure service sertificate

serviceCredentials.ServiceCertificate.SetCertificate(

    StoreLocation.LocalMachine,

    StoreName.My,

    X509FindType.FindBySubjectName,

    "ServerCertificate");

// Configure client certificate authentication mode

serviceCredentials.ClientCertificate.Authentication.CertificateValidationMode = X509CertificateValidationMode.ChainTrust;

// Add custom username-password validator

serviceCredentials.UserNameAuthentication.UserNamePasswordValidationMode =

    UserNamePasswordValidationMode.Custom;

serviceCredentials.UserNameAuthentication.CustomUserNamePasswordValidator =

    _container.Resolve<MyServicesUsernameValidator>();

// Add custom certificate validator

serviceCredentials.ClientCertificate.Authentication.CertificateValidationMode =

    X509CertificateValidationMode.Custom;

serviceCredentials.ClientCertificate.Authentication.CustomCertificateValidator =

    _container.Resolve<MyServicesCertificateValidator>();

var serviceModel = new DefaultServiceModel();

serviceModel.AddEndpoints(

    WcfEndpoint.ForContract<IMyContract>().BoundTo(CreateMultiFactorAuthenticationBinding()));

serviceModel.BaseAddresses.Add(new Uri("https://server.com/MyServiceImplementation.svc"));

serviceModel.AddExtensions(serviceCredentials);

serviceModel.AddExtensions(metaData);

_container.AddFacility<WcfFacility>(f => f.CloseTimeout = TimeSpan.Zero)

    .Register(Component.For<IMyContract>()

                    .ImplementedBy<MyServiceImplementation>()

                    .AsWcfService(serviceModel),

                Component.For<IServiceBehavior>().Instance(returnFaults));

wcf 配置与代码创建的更多相关文章

  1. C#操作IIS程序池及站点的创建配置实现代码

    首先要对Microsoft.Web.Administration进行引用,它主要是用来操作IIS7: using System.DirectoryServices;using Microsoft.We ...

  2. WCF服务二:创建一个简单的WCF服务程序

    在本例中,我们将实现一个简单的计算服务,提供基本的加.减.乘.除运算,通过客户端和服务端运行在同一台机器上的不同进程实现. 一.新建WCF服务 1.新建一个空白解决方案,解决方案名称为"WC ...

  3. WCF 配置服务 (02)

    配置服务概述 • 在设计和实现服务协定后,即可配置服务. 在其中可以定义和自定义如何向客户端公开服务,包括指定可以找到服务的地址.服务用于发送和接收消息的传输和消息编码,以及服务需要的安全类型. • ...

  4. WCF学习第二篇:WCF 配置架构。这有助于对wcf配置的理解和记忆

    使用 Windows Communication Foundation (WCF) 配置元素,您可以配置 WCF 服务和客户端应用程序. 可以使用配置编辑器工具 (SvcConfigEditor.ex ...

  5. WCF配置详解

    前面一篇文章<WCF 学习总结1 -- 简单实例> 一股脑儿展示了几种WCF部署方式,其中配置文件(App.config/Web.config)都是IDE自动生成,省去了我们不少功夫.现在 ...

  6. 编写WCF服务时右击配置文件无“Edit WCF Configuration”(编辑 WCF 配置)远程的解决办法

    原文:编写WCF服务时右击配置文件无“Edit WCF Configuration”远程的解决办法 今天在看<WCF揭秘>书中看到作者提出可以在一个WCF Host应用程序的App.Con ...

  7. iOS UICollectionView(转一) XIB+纯代码创建:cell,头脚视图 cell间距

    之前用CollectionViewController只是皮毛,一些iOS从入门到精通的书上也是泛泛而谈.这几天好好的搞了搞苹果的开发文档上CollectionViewController的内容,亲身 ...

  8. Spring Boot 使用Java代码创建Bean并注册到Spring中

    版权声明:本文为博主原创文章,未经博主允许不得转载. https://blog.csdn.net/catoop/article/details/50558333 声明同一个类下的多个实例: packa ...

  9. WCF 4.0 如何编程修改wcf配置,不使用web.config静态配置

    How to programmatically modify WCF without web.config setting WCF 4.0 如何编程修改wcf配置,不使用web.config静态配置 ...

随机推荐

  1. GridView控件详解

    一.介绍 GridView控件一表格形式显示数据源中的数据.提供对列进行排序.分页以及编辑.删除单个记录的功能. 二.绑定数据源 第一种使用DataSourceID属性.可以直接把GridView控件 ...

  2. 012-MD5Utils工具类模板

    package ${enclosing_package}; import java.math.BigInteger; import java.security.MessageDigest; impor ...

  3. 10个重要的算法C语言实现源代码

    包括拉格朗日,牛顿插值,高斯,龙贝格,牛顿迭代,牛顿-科特斯,雅克比,秦九昭,幂法,高斯塞德尔 .都是经典的数学算法,希望能开托您的思路.转自kunli.info 1.拉格朗日插值多项式 ,用于离散数 ...

  4. 改修jquery支持cmd规范的seajs

    手动包装jquery1.10.2,firebug说$没有定义 define(function (require, exports, module) {//jquery源码module.exports= ...

  5. dll和so文件区别与构成

    http://www.cnblogs.com/likwo/archive/2012/05/09/2492225.html 动态链接,在可执行文件装载时或运行时,由操作系统的装载程序加载库.大多数操作系 ...

  6. React.js 小书 Lesson27 - 实战分析:评论功能(六)

    作者:胡子大哈 原文链接:http://huziketang.com/books/react/lesson27 转载请注明出处,保留原文链接和作者信息. (本文未审核) 删除评论 现在发布评论,评论不 ...

  7. liunx下查看日志最实用命令和方法

      1.业务系统访问量不是很大的时候,使用这个,有bug的地方操作下,直接看最后操作的日志,就是你刚才操作的地方,好好查bug吧 tail  -fn100  catalina.log   查询日志尾部 ...

  8. MYSQL常用函数以及分组操作

    SELECT CONVERT(",SIGNED); SELECT CAST(" AS SIGNED); SELECT ; SELECT LENGTH("姜浩真帅!&quo ...

  9. Splunk大数据分析经验分享

    转自:http://www.freebuf.com/articles/database/123006.html Splunk大数据分析经验分享:从入门到夺门而逃 Porsche 2016-12-19 ...

  10. .Net高阶异常处理第二篇~~ dump进阶之MiniDumpWriter

    dump文件相信有些朋友已经很熟悉了,dump文件的作用在于保存进程运行时的堆栈信息,方便日后排查软件故障,提升软件质量.关于dump分析工具windbg.adplus的文章更多了,如果您还不知道怎么 ...