如何配置WCF以接受SSL和非SSL连接。

Question

如何配置WCF以接受SSL和非SSL连接。

5

我需要一些帮助来配置WCF以支持多个环境。其中一个环境允许在标准HTTP上进行匿名身份验证，另一个环境则使用SSL上的Windows身份验证。

我可以配置WCF来支持任意一个环境，但无法在同一个web.config文件中同时支持两个环境。

以下是允许在http上进行匿名身份验证的配置：

<behaviors>
    <serviceBehaviors>
        <behavior name="MexBehavior" >
            <serviceMetadata httpGetEnabled="true" />
        </behavior>
    </serviceBehaviors>
    <endpointBehaviors>
        <behavior name="DLAspNetAjaxBehavior">
            <enableWebScript/>
        </behavior>
        <behavior name="Service1AspNetAjaxBehavior">
            <webHttp/>
        </behavior>
    </endpointBehaviors>
</behaviors>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true"/>
<services>
    <service name="DL" behaviorConfiguration="MexBehavior">
        <endpoint address="" behaviorConfiguration="DLAspNetAjaxBehavior" binding="webHttpBinding" contract="DLService"/>
        <endpoint name="MEXEndpoint" contract="IMetadataExchange" binding="mexHttpBinding" address="mex" />
    </service>
    <service name="Service1" behaviorConfiguration="MexBehavior">
        <endpoint address="" behaviorConfiguration="Service1AspNetAjaxBehavior" binding="webHttpBinding" contract="Service1"/>
        <endpoint name="MEXEndpoint" contract="IMetadataExchange" binding="mexHttpBinding" address="mex" />
    </service>          
</services>

以下是Windows身份验证在SSL上的有效方法：

<behaviors>
    <serviceBehaviors>
        <behavior name="MexBehavior" >
            <serviceMetadata httpGetEnabled="true" />
        </behavior>
    </serviceBehaviors>
    <endpointBehaviors>
        <behavior name="DLAspNetAjaxBehavior">
            <enableWebScript/>
        </behavior>
        <behavior name="Service1AspNetAjaxBehavior">
            <webHttp/>
        </behavior>
    </endpointBehaviors>
</behaviors>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true"/>
<services>
    <service name="DL" behaviorConfiguration="MexBehavior">
        <endpoint address="" behaviorConfiguration="DynamicLoaderAspNetAjaxBehavior" binding="webHttpBinding" bindingConfiguration="webWinBinding" contract="DLService"/>
        <endpoint name="MEXEndpoint" contract="IMetadataExchange" binding="mexHttpBinding" address="mex" />
    </service>
    <service name="Service1" behaviorConfiguration="MexBehavior">
        <endpoint address="" behaviorConfiguration="ValidValuesServiceAspNetAjaxBehavior" binding="webHttpBinding" bindingConfiguration="webWinBinding" contract="Service1"/>
        <endpoint name="MEXEndpoint" contract="IMetadataExchange" binding="mexHttpBinding" address="mex" />
    </service>          
</services>     
<bindings>
    <webHttpBinding>
        <binding name="webWinBinding">
            <security mode="Transport">
                <transport clientCredentialType="Windows" />
            </security>
        </binding>
    </webHttpBinding>           
</bindings>

当我将SSL配置中的端点添加到非SSL配置中时，匿名服务会出现问题。

以下是无法正常工作但尝试将两个设置结合在一起的配置文件：

<behaviors>
    <serviceBehaviors>
        <behavior name="MexBehavior" >
            <serviceMetadata httpGetEnabled="true" />
        </behavior>
    </serviceBehaviors>
    <endpointBehaviors>
        <behavior name="DLAspNetAjaxBehavior">
            <enableWebScript/>
        </behavior>
        <behavior name="Service1AspNetAjaxBehavior">
            <webHttp/>
        </behavior>
    </endpointBehaviors>
</behaviors>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true"/>
<services>
    <service name="DynamicLoader" behaviorConfiguration="MexBehavior">
        <endpoint name="basic" address="" behaviorConfiguration="DLAspNetAjaxBehavior" binding="webHttpBinding" bindingConfiguration="webAnonymousBinding" contract="DLService"/>
        <endpoint name="secure" address="" behaviorConfiguration="DLAspNetAjaxBehavior" binding="webHttpBinding" bindingConfiguration="webWinBinding" contract="DLService"/>
        <endpoint name="MEXEndpoint" contract="IMetadataExchange" binding="mexHttpBinding" address="mex" />
    </service>
    <service name="ValidValuesService" behaviorConfiguration="MexBehavior">
        <endpoint name="basic" address="" behaviorConfiguration="Service1AspNetAjaxBehavior" binding="webHttpBinding" bindingConfiguration="webAnonymousBinding" contract="Service1"/>
        <endpoint name="secure" address="" behaviorConfiguration="Service1AspNetAjaxBehavior" binding="webHttpBinding" bindingConfiguration="webWinBinding" contract="Service1"/>
        <endpoint name="MEXEndpoint" contract="IMetadataExchange" binding="mexHttpBinding" address="mex" />
    </service>
</services>
<bindings>
    <webHttpBinding>
        <binding name="webWinBinding">
            <security mode="Transport">
                <transport clientCredentialType="Windows" />
            </security>
        </binding>
        <binding name="webAnonymousBinding">
            <security mode="None">
            </security>
        </binding>
    </webHttpBinding>
</bindings>

有没有一种方法可以将这些端点合并到一个web.config文件中，以支持这两个环境？

- Chris Conway

你需要同时支持这两个环境吗？还是一个环境是DEV（非SSL），另一个是QA或PROD（SSL）？ - David Hoerster

并发。同一个应用程序有内部和外部接口，其中一个使用SSL与Windows身份验证，另一个则是非SSL的，使用匿名的表单身份验证。 - Chris Conway

1个回答

网页内容由stack overflow 提供, 点击上面的

可以查看英文原文，
原文链接

- David Hoerster · Answer 1

这个之前的Stack Overflow的问题/回答是否有帮助呢？使用WCF通过Http和Https调用Web服务（看第一个回答。）