wcf-security

问题 I'm developing WCF service with Transport Security hosted on IIS 7.5 under Windows 2008R2. I have a certificate, generated in IIS 7.5 which is stored in Local folder. When I use BasicHttpBinding or WSHttpBinding with Transport Security - everything works fine. But when I change it to NetTcp I get an exception : CryptographicException 'Keyset does not exist'. After a bit of googling I found out that the problem can be because my NETSERVICE IIS account doesn't have premission to the private key

问题 I'm developing WCF service with Transport Security hosted on IIS 7.5 under Windows 2008R2. I have a certificate, generated in IIS 7.5 which is stored in Local folder. When I use BasicHttpBinding or WSHttpBinding with Transport Security - everything works fine. But when I change it to NetTcp I get an exception : CryptographicException 'Keyset does not exist'. After a bit of googling I found out that the problem can be because my NETSERVICE IIS account doesn't have premission to the private key

问题 I've generated a WCF client service proxy from a WSDL file, which calls a third-party java web service. Now I need to configure the binding and proxy to call a web method. However, I only have the below SOAP information, a username and password, and a client certificate. How can I work out what I need to do? Are there any "reverse this to configuration" apps, or websites that teach the skills required? I think I am after, "this part of the message, translates to this configuration". Can

问题 I have followed numerous msdn articles and the codeplex guidance but cannot get WCF to work with Kerberos authentication and delegation and would appreciate a little help. Setup I have the WCF service in an IIS website on a remote machine IIS 6.0 on Windows 2003 R2 - SP 2 The SPN for the machine has been added (http/myserver && http/myserver:8080) An AD account has been created for the IIS app pool The AD account has the setting, allow delegation (for Kerberos), set to true I am using Brian

问题 I have a self-hosted WCF server running as a Windows service under the Local System account. I am trying to create a self-signed certificate programmatically in c# for use with a net.tcp endpoint using Message level security. I am using the following code which is very closely based on the accepted answer in How to create a self-signed certificate using C#? with some small changes trying to solve my problem. public static X509Certificate2 CreateSelfSignedCertificate(string subjectName,

问题 I've been given a web service written in Java that I'm not able to make any changes to. It requires the user authenticate with basic authentication to access any of the methods. The suggested way to interact with this service in .NET is by using Visual Studio 2005 with WSE 3.0 installed. This is an issue, since the project is already using Visual Studio 2008 (targeting .NET 2.0). I could do it in VS2005, however I do not want to tie the project to VS2005 or do it by creating an assembly in

问题 I have a web-service which I secured using certificates. Now, I want to identify the client by looking at the certificate thumbprint. This means that I have a list of thumbprints on my service somewhere that are linked to some user. Actually, my first question (a little off-topic) is: is this a good approach or should I still introduce some username password construction? Second question is: how can I get the certificate that the client used to connect to the web-service so I can read the

问题 I need to create a WCF service that is hosted in IIS, uses http transport and hold state in the server’s memory. While I’m aware that stateful services aren't a good idea, this last constrain is necessary to make the service work with a legacy client. My first thought was to asp.net’s session to store the values. I activated the asp.net compatibility mode in my service, which gave me access to the HttpContext, but values that were placed in the session object were not being persisted in

问题 I have an asp.NET WCF on .NET 4. This service is used to authenticate users. We are submitting a username and password and then an HTTP Header should be returned with the authentication cookie included. Using a locally hosted test page this is working correctly. I am now attempting to access the header information cross domain. I have installed my test page on a different machine and configured to call across to the WCF. The call is working and the 'data' reply in the call is correct. However

问题 i was reading about WCF security implementations and found out that there are 2 types of security: Transport Mode and Message Mode (or both) If i used HTTPS for Transport Mode, is it more secured if i used Message security also? i am asking this because what i understand is as follows: https uses SSL protocol which encrypts messages... so why should i add Message Security and encrypt the SSL encrypted message? or am i misunderstanding stuff? 回答1: Security in WCF actually consists of several