发表新帖
发表新帖

How to enable HTTPS on WCF RESTful Service?

后端 未结
关注
3 1240
佛祖请我去吃肉
佛祖请我去吃肉 2020-12-25 15:00

How to make wcf to work over https. I want to use this wcf over https i have searched many articles i didn\'t get the answer please help iam new to wcf concepts. I want to c

相关标签:
3条回答
  • 旧时难觅i
    2020-12-25 15:11

    You need to set security mode="Transport" in the binding

      <basicHttpBinding>
    <binding name="secureHttpBinding">
      <security mode="Transport">
        <transport clientCredentialType="None"/>
      </security>
    </binding>
  </basicHttpBinding>

    Read more on MSDN

    0 讨论(0)
  • 失恋的感觉
    2020-12-25 15:17

    I had the same problem, but wanted to test HTTP get requests, as my services are internal.

    Remember to also make the HTTPS Get Enabled. httpsGetEnabled="true"

    My config is below as an example:

       <bindings >
      <basicHttpBinding>
        <binding name="secureHttpBinding" >
          <security mode="Transport" />
        </binding>
   </bindings>
    .....
    <behaviors>
      <serviceBehaviors>
        <behavior >
          <serviceMetadata httpGetEnabled="true" httpsGetEnabled="true"/>
          <serviceDebug includeExceptionDetailInFaults="false"/>
        </behavior>
       </serviceBehaviors>
     </behaviors>
    0 讨论(0)
  • 醉话见心
    2020-12-25 15:30

    It appears you are building a RESTful Service with WCF and you are really close to securing it.

    Here is what you need to do to secure it:

    1. Add a new WebHttpBinding configuration that has security mode set to Transport.
    2. Assign that new WebHttpBinding configuration to the your Service Endpoint binding.
    3. Make sure that your RESTful service can only be accessed via HTTPS by setting httpGetEnabled="false".
    4. Set up the metadata publishing endpoint to use HTTPS.

    These changes are all summed up below in the revised configuration file (see comments for points that changed). Also note that your Service Endpoint must be using the HTTPS scheme and not HTTP.

    <system.serviceModel >
  <services>
     <service name="WcfRestfulService.HttpService"
              behaviorConfiguration="ServiceBehaviour" >
         <endpoint address="" 
                   binding="webHttpBinding"
                   <!-- Add reference to secure WebHttpBinding config -->
                   bindingConfiguration="webHttpTransportSecurity"
                   behaviorConfiguration="web"
                   contract="WcfRestfulService.IHttpService" />
         <!-- Need to make sure that our metadata 
              publishing endpoint is using HTTPS as well -->
         <endpoint address="mex"
                   binding="mexHttpsBinding"
                   contract="IMetadataExchange" />
     </service>
  </services>
  <!-- Add secure WebHttpBinding config -->
  <bindings>
     <webHttpBinding>
        <binding name="webHttpTransportSecurity">
           <security mode="Transport" />
         </binding>
      </webHttpBinding>
  </bindings>
  <behaviors>
      <serviceBehaviors>
         <behavior name="ServiceBehaviour">
             <serviceMetadata httpsGetEnabled="true"
                              <!-- Make sure the service can 
                                 be accessed only via HTTPS -->
                              httpGetEnabled="false"/>
             <serviceDebug includeExceptionDetailInFaults="false"/>
         </behavior>
      </serviceBehaviors>
      <endpointBehaviors>
         <behavior name="web">
             <webHttp/>
         </behavior>
      </endpointBehaviors>
  </behaviors>
  <serviceHostingEnvironment multipleSiteBindingsEnabled="true"/>
</system.serviceModel>
    0 讨论(0)
 看不清?
提交回复
热议问题