如何在WCF中实现客户端和服务器之间的安全通信?
我需要实现一个模型,其中只有一组授权的客户端才能使用WCF服务器。我想到了在每个方法调用中将AUTH结构作为参数传递的东西。这是实现这种安全性的最佳方法,还是有更简单/更好的方法来实现这一点?
例如我开发并发布了如下服务:
http:// MyServer / MyService [ ^ ]
默认情况下,任何知道URL的人都可以使用该服务。
如何设置指定的客户端集可以使用URL。
另外我们如何确保没有人可以在通信之间更改数据。
例如:客户端发送请求平衡查询服务与响应500卢比,但有些人试图将其更改为500卢比。
I need to implement a model, where only an authorized set of clients can use a WCF server. I thought of something along passing an AUTH structure as a param inside each method call. Is this the best method to implement this kind of security, or is there an easier/better way of doing this?
for example i developed and publish the service like below:
http://MyServer/MyService[^]
By default any any one who know the URL can consume the service.
How i can set specified Set of client can consume the URL.
Also how can we assure no one can change the data between communication.
For eg: client send request for Balance Enquiry service with reponse 500 Rs but some one tried to change it to 500 Rs.
有安全的WCF服务的内置解决方案。
1.用户名/密码
2. SSL(HTTPS)连接
3.客户端证书
但是!首先阅读有关WCF安全性...使用Google ...
http://msdn.microsoft.com/en-us/library/dd728284(v = vs.110).aspx [ ^ ]
http://msdn.microsoft.com/en-us/library/ff650862.aspx [ ^ ]
http://msdn.microsoft.com/en-us/library/ms732362(v = vs.110 ).aspx [ ^ ]
还有更多...更多......
There is build-in solutions for secure WCF service.
1. Username/password
2. SSL (HTTPS) connection
3. Client-side certificate
But! First read about WCF security...Use Google...
http://msdn.microsoft.com/en-us/library/dd728284(v=vs.110).aspx[^]
http://msdn.microsoft.com/en-us/library/ff650862.aspx[^]
http://msdn.microsoft.com/en-us/library/ms732362(v=vs.110).aspx[^]
And there are more...much more...