wcf-security

问题 I'm working on a WCF Service that is called by our other softwars to send bug information to our database. The problem is that, since it is an online service, it isn't safe, so I was wondering if it's possible to the service to request a password (i.e. when we call the service, we have to configure the password or something like that). I googled about it, but it all seemed so complex for such a simple thing ... can you guys help me out? Edit: The idea is to authenticate through my software,

问题 I have a simple WCF service configured for with transport security and Certificate client credentials. I plug a custom certificate validator to it, and throws a FaultException. My probkemn is the esception message does not reach the client : i only receive a MessageSecurityException without any Fault... If i turn my service in net.tcp (self-hosted), i the receive a CommunicationExcetion, with no Fault either. Here is a part of my web.config : <system.serviceModel> <bindings> <wsHttpBinding>

问题 I am attempting to secure a new .Net 4.5 WCF service using HTTPS / SSL, Basic client credentials and the WebHttpBinding. From reading up online I found a good series of Blog Posts from Allen Conway which I have used as a template. WCF configuration <system.serviceModel> <bindings> <webHttpBinding> <binding name="webInteropSecureBinding" allowCookies="false" maxBufferPoolSize="2097152" maxBufferSize="2097152" maxReceivedMessageSize="2097152"> <security mode="Transport"> <transport

问题 I have created WCF and I have used wsHttpBinding and MTOM as message transport with authentcation as "Windows". Now my service is not current SECURE, its plain HTTP, running on custom port. Is Windows Authentication of WCF's wsHttpBinding secure? can anyone see the password or guess through network trace? Environment Information: Hosted on Internet No Active Directory, its single server Connecting from my office with server's admin username and password On the client side, Password is not

问题 Details about my service: A file upload service Transfermode is set to stream Service is hosted in IIS 7. I need to provide secuirty to my service. I have tried with ntlm and windows secuirty.I was getting the following error when i am trying to secure my service "HTTP request streaming cannot be used in conjunction with HTTP authentication. Either disable request streaming or specify anonymous HTTP authentication." I have found a description stating that: Description: You can't do transport

问题 We have got a normal WCF service which has a binding that looks like this: <wsHttpBinding> <binding name="ServiceBinding" receiveTimeout="00:10:00" sendTimeout="00:10:00" bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard" maxReceivedMessageSize="20971520" messageEncoding="Mtom" textEncoding="utf-8" useDefaultWebProxy="true" allowCookies="false"> <security mode="Message"> <message clientCredentialType="Windows" negotiateServiceCredential="true"

问题 I have a WCF service which needs to be called from client side(ajax call). I want to use ScriptManager on ASPX page to add a ServiceReference to the WCF service (or) JQuery ajax call to the WCF service. I want to deny anonymous users accessing the WCF service. Is there any way to do user authentication before calling a service method from JavaScript? how to secure my WCF service calls from client side? 回答1: There are a number of things you can do to secure your WCF services. Probably the

问题 I am making a SOAP request using WCF to a third party service. The service requires that I sign the request, which I think I am doing but I get the error: Could not create SSL/TLS secure channel So I am wondering if there is a way to see the raw xml that is being sent so I can see where the problem is? 回答1: You can see the contents of a message by enabling message tracing and using the Service Trace Viewer to view the message logs. Having said that, the message Could not create SSL/TLS secure

问题 Our application consumes a web service in C# (.Net framework 3.5). Getting the correct response from the server most of the time, but it is intermittently throwing an error: The request was aborted: Could not create SSL/TLS secure channel. Having enabled the traces it shows: System.Net Error: 0 : [3688] Decrypt returned SEC_I_RENEGOTIATE. Has anyone faced this issue before? What is a fix to this problem. please let me know. Any help would be highly appreciated. Thanks in advance! -Jemo 来源：

问题 I'm trying to consume Java Web Service using C# in desktop application. My first attempt was using WebServicesClientProtocol, but I'm not able to add necessary attribute that is required by WSSE Username and Token Security Spec 1.1 I need to create request that has this structure: <soap:Envelope xmlns:dz="http://dom.query.api.com" xmlns:soap="http://www.w3.org/2003/05/soap-envelope" xmlns:xsd="http://dz.api.swd.zbp.pl/xsd"> <soap:Header> <wsse:Security xmlns:wsse="http://docs.oasis-open.org