Как я могу преобразовать эту конфигурацию клиента WCF app.config в код?

Мне предоставили следующую запись app.config, однако я хотел бы иметь ее в виде кода в своем приложении, чтобы лучше понять WCF.

Есть ли конвертер где-нибудь, или может кто-нибудь предоставить код. Спасибо.

 <system.serviceModel>
    <client>
      <endpoint name="QA" address="https://subdomain1.theirdomain.com/5067/Sample1"
      behaviorConfiguration="WSSecBehavior" binding="customBinding"
      bindingConfiguration="Soap11_Secure"
      contract="star.starTransportPortTypes" />
      <endpoint name="PROD" address="https://subdomain1.theirdomain.com/5067/Sample1"
      behaviorConfiguration="WSSecBehavior" binding="customBinding"
      bindingConfiguration="Soap11_Secure"
      contract="star.starTransportPortTypes" />
    </client>
    <bindings>
      <customBinding>
        <binding name="Soap11_Secure">
          <textMessageEncoding messageVersion="Soap11" />
          <security defaultAlgorithmSuite="Basic128Rsa15"
          allowSerializedSigningTokenOnReply="true"
          authenticationMode="MutualCertificate"
          messageProtectionOrder="SignBeforeEncrypt"
          messageSecurityVersion="WSSecurity10WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10">
          </security>
          <httpsTransport maxBufferSize="5000000"
          maxReceivedMessageSize="5000000" />
        </binding>
      </customBinding>
    </bindings>
    <behaviors>
      <endpointBehaviors>
        <behavior name="WSSecBehavior">
          <clientCredentials>
            <clientCertificate storeLocation="CurrentUser"
            storeName="My" x509FindType="FindBySubjectName"
            findValue="*.mydomain.org.uk" />
            <serviceCertificate>
              <!-- you my have to add this if your client cannot check revocations -->
              <authentication revocationMode="NoCheck" />
              <scopedCertificates>
                <add targetUri="https://subdomain1.theirdomain.com/Sample1"
                storeName="AddressBook"
                x509FindType="FindBySubjectName"
                findValue="subdomain1.theirdomain.com" />
              </scopedCertificates>
            </serviceCertificate>
          </clientCredentials>
        </behavior>
      </endpointBehaviors>
    </behaviors>
  </system.serviceModel>

Пока у меня это:

    Dim asbe As New Channels.AsymmetricSecurityBindingElement

    asbe.MessageSecurityVersion = MessageSecurityVersion.WSSecurity10WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10
    asbe.DefaultAlgorithmSuite = Security.SecurityAlgorithmSuite.Basic128Rsa15  'By default, AES-128 is used as the encryption algorithm.
    asbe.AllowSerializedSigningTokenOnReply = True
    asbe.InitiatorTokenParameters = New ServiceModel.Security.Tokens.X509SecurityTokenParameters
    asbe.RecipientTokenParameters = New ServiceModel.Security.Tokens.X509SecurityTokenParameters
    asbe.MessageProtectionOrder = Security.MessageProtectionOrder.SignBeforeEncrypt

    'Add the elements to the custom binding
    Dim myBinding As New CustomBinding

    'element order is important - see http://msdn.microsoft.com/en-us/library/ms733893(v=vs.90).aspx

    'Protocol Binding Elements (security)
    myBinding.Elements.Add(asbe)

    'Encoding Binding Element  
    myBinding.Elements.Add(New TextMessageEncodingBindingElement(MessageVersion.Soap11, System.Text.Encoding.UTF8))

    'Transport Binding Element
    Dim httpsBindingElement As New HttpsTransportBindingElement()
    httpsBindingElement.MaxBufferSize = 5000000
    httpsBindingElement.MaxReceivedMessageSize = 5000000

    myBinding.Elements.Add(httpsBindingElement)

    Dim epi As EndpointIdentity = EndpointIdentity.CreateDnsIdentity("subdomain.theirdomain.com")

    Dim epuri As Uri = New Uri("https://subsomain1.theirdomain.com/5067/ProcessRepairOrder")
    Dim ea As New EndpointAddress(epuri, epi, New AddressHeaderCollection)

    ' Create the client. 
    Dim starClientProxy As New wcfStarServiceProxy.starTransportPortTypesClient(myBinding, ea)

    ' Specify a certificate to use for authenticating the client.

    starClientProxy.ClientCredentials.ClientCertificate.SetCertificate(StoreLocation.CurrentUser, StoreName.My, X509FindType.FindBySubjectName, "*.mydomain.org.uk")
    starClientProxy.ClientCredentials.ServiceCertificate.SetDefaultCertificate(StoreLocation.CurrentUser, StoreName.AddressBook, X509FindType.FindBySubjectName, "subdomain.theirdomain.com")

    ' Begin using the client.

    Dim response As wcfStarServiceProxy.AcknowledgeRepairOrderPayload = starClientProxy.ProcessMessage(payload)

Я не уверен, что еще мне нужно сделать. Я не могу найти, как установить authenticationMode="MutualCertificate" в элементе AsymmetricSecurityBindingElement.

Кроме того, есть ли какие-либо инструменты для преобразования между кодом и конфигурацией и обратно?


.net wcf-client soap app-config ws-security
person Mr Shoubs    schedule 01.06.2012    source источник

Ответы (2)


arrow_upward
1
arrow_downward

не создавайте AsymmetricSecurityBindingElement напрямую. вместо этого используйте что-то вроде этого:

SecurityBindingElement.CreateMutualCertificateBindingElement
person Yaron Naveh    schedule 01.06.2012
comment
В чем разница? - Я получил это с помощью метода выше. Если я использую предложенный вами метод, я не могу установить AllowSerializedSigningTokenOnReply. InitiatorTokenParameters, RecipientTokenParameters, MessageProtectionOrder. - person Mr Shoubs; 01.06.2012

arrow_upward
1
arrow_downward

Это сработало:

Dim asbe As New Channels.AsymmetricSecurityBindingElement

asbe.MessageSecurityVersion = MessageSecurityVersion.WSSecurity10WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10

asbe.DefaultAlgorithmSuite = Security.SecurityAlgorithmSuite.Basic128Rsa15  'By default, AES-128 is used as the encryption algorithm.

asbe.AllowSerializedSigningTokenOnReply = True

asbe.InitiatorTokenParameters = New ServiceModel.Security.Tokens.X509SecurityTokenParameters
asbe.RecipientTokenParameters = New ServiceModel.Security.Tokens.X509SecurityTokenParameters

asbe.MessageProtectionOrder = Security.MessageProtectionOrder.SignBeforeEncrypt

asbe.SetKeyDerivation(False)

'Add the elements to the custom binding
Dim myBinding As New CustomBinding

'element order is important - see http://msdn.microsoft.com/en-us/library/ms733893(v=vs.90).aspx

'Protocol Binding Elements (security)
myBinding.Elements.Add(asbe)

'Encoding Binding Element  
myBinding.Elements.Add(New TextMessageEncodingBindingElement(MessageVersion.Soap11, System.Text.Encoding.UTF8))

'Transport Binding Element
Dim httpsBindingElement As New HttpsTransportBindingElement()
'httpsBindingElement.RequireClientCertificate = True
httpsBindingElement.MaxBufferSize = 5000000
httpsBindingElement.MaxReceivedMessageSize = 5000000

myBinding.Elements.Add(httpsBindingElement)

Dim ea As New EndpointAddress("https://subdomain.theirdomain.com/5067/ProcessRepairOrder")

' Create the client. 
Dim starClientProxy As New VHC.Server.FordWarehouse2.ServiceReference1.starTransportPortTypesClient(myBinding, ea)

' Specify a certificate to use for authenticating the client.

starClientProxy.ClientCredentials.ClientCertificate.SetCertificate(StoreLocation.CurrentUser, StoreName.My, X509FindType.FindBySubjectName, "*.mydomain.org.uk")

starClientProxy.ClientCredentials.ServiceCertificate.SetDefaultCertificate(StoreLocation.CurrentUser, StoreName.AddressBook, X509FindType.FindBySubjectName, "subdomain.theirdomain.com")

' Begin using the client.
Dim response As VHC.Server.FordWarehouse2.ServiceReference1.AcknowledgeRepairOrderPayload = starClientProxy.ProcessMessage(payload)
person Mr Shoubs    schedule 01.06.2012