Windows authentication / encryption in WCF with NetTcpBinding

Question:

I'm trying to understand how Windows authentication / encryption works with the NetTcpBinding in WCF. I need to know exactly what encryption algorithm is used to encrypt the data going across the wire (and some documentation to prove it). Will Windows authentication / encryption still work if the client and/or host is not on a domain?

The netTcpBinding using Windows Credentials requires the caller and the service to be on the same domain - or at least on mutually trusting domains. Otherwise, the server won't be able to verify the Windows credentials and will refuse the service call.

As for encryption: you can even pick and choose which one you'd like! :-) TripleDES, AES - you name it, with varying key lengths, too.

See the Fundamentals of WCF Security article - it talks about all aspects of security and encryption; also see the MSDN Docs on Securing Services which goes into some more detail; a good overview can be found here showing the properties of the basicHttp transport security element.
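
An added example, not part of the original question or answer: a self-hosted service on a NetTcpBinding in Message security mode with Windows credentials, where the binding's `AlgorithmSuite` property selects TripleDES or AES-256, and the suite object reports the exact algorithm URI and key length in use. The contract `IEcho`, the class `EchoService`, and the address `net.tcp://localhost:9000/echo` are hypothetical names chosen for this sketch, which assumes .NET Framework on Windows.

```csharp
using System;
using System.ServiceModel;
using System.ServiceModel.Security;

[ServiceContract]
public interface IEcho                       // hypothetical contract
{
    [OperationContract]
    string Echo(string text);
}

public class EchoService : IEcho             // hypothetical service
{
    // Prefixes the reply with the Windows identity the service authenticated.
    public string Echo(string text)
    {
        return ServiceSecurityContext.Current.WindowsIdentity.Name + ": " + text;
    }
}

public static class Program
{
    // Message mode exposes AlgorithmSuite. Transport mode (the NetTcpBinding
    // default) has no such property; it exposes only ProtectionLevel.
    static NetTcpBinding Build(SecurityAlgorithmSuite suite)
    {
        var binding = new NetTcpBinding(SecurityMode.Message);
        binding.Security.Message.ClientCredentialType = MessageCredentialType.Windows;
        binding.Security.Message.AlgorithmSuite = suite;
        return binding;
    }

    static void Run(string label, SecurityAlgorithmSuite suite)
    {
        var address = "net.tcp://localhost:9000/echo";   // hypothetical address
        Console.WriteLine("{0}: {1} ({2}-bit key)", label,
            suite.DefaultEncryptionAlgorithm, suite.DefaultSymmetricKeyLength);
        using (var host = new ServiceHost(typeof(EchoService)))
        {
            host.AddServiceEndpoint(typeof(IEcho), Build(suite), address);
            host.Open();
            // Client and service must configure the same suite.
            var factory = new ChannelFactory<IEcho>(Build(suite), new EndpointAddress(address));
            Console.WriteLine(factory.CreateChannel().Echo("hello"));
            factory.Close();
        }
    }

    public static void Main()
    {
        Run("TripleDes", SecurityAlgorithmSuite.TripleDes);
        Run("Basic256", SecurityAlgorithmSuite.Basic256);
    }
}
```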