Wcf WSHttpBinding，客户端身份验证_Wcf_Wshttpbinding_Wcf Authentication

Wcf WSHttpBinding，客户端身份验证

wcf

Wcf WSHttpBinding，客户端身份验证,wcf,wshttpbinding,wcf-authentication,Wcf,Wshttpbinding,Wcf Authentication,我不熟悉wcf并使用wshttpbinding，但我想从服务客户端删除用户名和密码（我必须通过），我的客户代码是 RServiceClient serviceClient = new RServiceClient(); serviceClient.ClientCredentials.Windows.ClientCredential.UserName = "UserName"; serviceClient.ClientCredentials.Windows.ClientCredential.Pa

我不熟悉wcf并使用wshttpbinding，但我想从服务客户端删除用户名和密码（我必须通过），我的客户代码是

RServiceClient serviceClient = new RServiceClient();
serviceClient.ClientCredentials.Windows.ClientCredential.UserName = "UserName";
serviceClient.ClientCredentials.Windows.ClientCredential.Password = "Password";

我不想传递这个用户名和密码

我的客户端app.config是：

     <binding name="WSHttpBinding_IRService" 
              closeTimeout="00:01:00"
              openTimeout="00:01:00" 
              receiveTimeout="00:10:00" 
              sendTimeout="00:01:00"
              bypassProxyOnLocal="false" 
              transactionFlow="false"    
              hostNameComparisonMode="StrongWildcard"
              maxBufferPoolSize="524288" 
              maxReceivedMessageSize="65536"
              messageEncoding="Text" 
              textEncoding="utf-8" 
              useDefaultWebProxy="true"
              allowCookies="false">
              <readerQuotas maxDepth="32" 
                            maxStringContentLength="8192" 
                            maxArrayLength="16384"
                            maxBytesPerRead="4096" 
                            maxNameTableCharCount="16384" />
              <reliableSession ordered="true" 
                               inactivityTimeout="00:10:00"
                               enabled="false" />
              <security mode="Message">
               <transport clientCredentialType="Windows" 
                          proxyCredentialType="None"
                          realm="" />
               <message clientCredentialType="Windows"                    
                        negotiateServiceCredential="true"
                        algorithmSuite="Default" />
              </security>
            </binding>

rite now服务托管在web中。 service.config或客户端app.config是否有任何更改。谷歌搜索后，我的弱知识是，改变应该是客户端，但我无法做到这一点-(

注意：我的合同也需要会话。

thanx提前。

您需要在服务器端更改web.config，在刷新web引用后，您的客户端web.config将自动更新。如果您不想使用登录/密码，我可以建议您设置相互证书身份验证

这种方法是安全的，并且可以与其他WS-Stack（eq.JavaCXF，…）进行互操作

对于相互认证：您将需要一个X.509证书，以允许客户端确保服务器确实是假装的服务器，并在客户端使用另一个X.509证书

以下是web.config的示例，更多信息请访问：

这就是我要问的，service.config中有什么变化？这是我的配置。

   <?xml version="1.0" encoding="utf-8"?>
<configuration>
  <system.serviceModel>
    <behaviors>
      <serviceBehaviors>
        <behavior name="serviceCredentialBehavior">
          <serviceCredentials>
            <serviceCertificate findValue="Contoso.com" 
                                storeLocation="LocalMachine"
                                storeName="My" 
                                x509FindType="FindBySubjectName" />
          </serviceCredentials>
        </behavior>
      </serviceBehaviors>
    </behaviors>
    <services>
      <service behaviorConfiguration="serviceCredentialBehavior" 
               name="ServiceModel.Calculator">
        <endpoint address="http://localhost/Calculator" 
                  binding="wsHttpBinding"
                  bindingConfiguration="InteropCertificateBinding"
                  name="WSHttpBinding_ICalculator"
                  contract="ServiceModel.ICalculator" />
      </service>
    </services>
    <bindings>
      <wsHttpBinding>
        <binding name="InteropCertificateBinding">
          <security mode="Message">
            <message clientCredentialType="Certificate"
                     negotiateServiceCredential="false"
                     establishSecurityContext="false" />
          </security>
        </binding>
      </wsHttpBinding>
    </bindings>
    <client />
  </system.serviceModel>
</configuration>