TimeStampHasCreationTimeInFuture in WCF Security 2
Posted in .NET Framework // Posted at 2013. 5. 23. 16:03
<system.serviceModel>
<services>
<service name="WCFTestServices.Service1" behaviorConfiguration="MyServiceBehavior">
<endpoint contract="WCFTestServices.IService1" address="" binding="customBinding" bindingConfiguration="MyCustomBinding" />
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
</service>
</services>
<bindings>
<!--
<wsHttpBinding>
<binding receiveTimeout="00:10:00">
<security mode="Message">
<message clientCredentialType="UserName" negotiateServiceCredential="true" />
</security>
<readerQuotas maxArrayLength="5242880" maxStringContentLength="10485760" maxBytesPerRead="20971520" />
</binding>
</wsHttpBinding>
-->
<customBinding>
<binding name="MyCustomBinding">
<textMessageEncoding />
<security authenticationMode="UserNameForCertificate">
<localClientSettings maxClockSkew="01:00:00" />
<localServiceSettings maxClockSkew="01:00:00" />
<secureConversationBootstrap>
<localClientSettings maxClockSkew="01:00:00" />
<localServiceSettings maxClockSkew="01:00:00" />
</secureConversationBootstrap>
</security>
<httpTransport />
</binding>
</customBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior name="MyServiceBehavior">
<serviceMetadata httpGetEnabled="True" httpsGetEnabled="True" />
<serviceDebug includeExceptionDetailInFaults="False" />
<serviceSecurityAudit auditLogLocation="Application" serviceAuthorizationAuditLevel="Failure" messageAuthenticationAuditLevel="Failure" />
<serviceCredentials>
<userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="WCFTestServices.CustomUserNameValidator, WCFTestServices" />
<serviceCertificate findValue="CN=wcftest.webzen.com" storeLocation="LocalMachine" storeName="My" />
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>
참고로 클라이언트에서 서버 인증서 루트 인증 기관 체인 유효성 체크 안하게 할려면 아래와 같이...
<behaviors>
<endpointBehaviors>
<behavior name="MyEndpointBehavior">
<clientCredentials>
<serviceCertificate>
<authentication certificateValidationMode="None" />
</serviceCertificate>
</clientCredentials>
</behavior>
</endpointBehaviors>
</behaviors>
'.NET Framework' 카테고리의 다른 글
Security in OAuth (4) | 2013.05.29 |
---|---|
Bit Flag of Enum (4) | 2013.05.28 |
TimeStampHasCreationTimeInFuture in WCF Security (4) | 2013.05.14 |
serviceThrottling in WCF (4) | 2013.05.13 |
Stored Procedure return value in Entity Framework (4) | 2013.05.09 |