TimeStampHasCreationTimeInFuture in WCF Security 2

 

<system.serviceModel>
    <services>     
      <service name="WCFTestServices.Service1" behaviorConfiguration="MyServiceBehavior">

        <endpoint contract="WCFTestServices.IService1" address="" binding="customBinding" bindingConfiguration="MyCustomBinding" />
        <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />

      </service>
    </services>

    
    <bindings>     
      <!--
      <wsHttpBinding>
        <binding receiveTimeout="00:10:00">            
          <security mode="Message">
            <message clientCredentialType="UserName" negotiateServiceCredential="true" />
          </security>
          <readerQuotas maxArrayLength="5242880" maxStringContentLength="10485760" maxBytesPerRead="20971520" />
        </binding>
      </wsHttpBinding>
      -->
      <customBinding>
        <binding name="MyCustomBinding">
          <textMessageEncoding />
          <security authenticationMode="UserNameForCertificate">
            <localClientSettings maxClockSkew="01:00:00" />
            <localServiceSettings maxClockSkew="01:00:00" />
            <secureConversationBootstrap>
              <localClientSettings maxClockSkew="01:00:00" />
              <localServiceSettings maxClockSkew="01:00:00" />
            </secureConversationBootstrap>
          </security>
          <httpTransport />
        </binding>
      </customBinding>

    </bindings>    

    <behaviors>
      <serviceBehaviors>
        <behavior name="MyServiceBehavior">          
          <serviceMetadata httpGetEnabled="True" httpsGetEnabled="True" />
          <serviceDebug includeExceptionDetailInFaults="False" />         
          <serviceSecurityAudit auditLogLocation="Application" serviceAuthorizationAuditLevel="Failure" messageAuthenticationAuditLevel="Failure" />
          <serviceCredentials>
            <userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="WCFTestServices.CustomUserNameValidator, WCFTestServices" />           
            <serviceCertificate findValue="CN=wcftest.webzen.com"  storeLocation="LocalMachine" storeName="My" />
          </serviceCredentials>
        </behavior>
      </serviceBehaviors>     
    </behaviors>

  </system.serviceModel>

 

 

참고로 클라이언트에서 서버 인증서 루트 인증 기관 체인 유효성 체크 안하게 할려면 아래와 같이...

<behaviors>
        <endpointBehaviors>
          <behavior name="MyEndpointBehavior">
            <clientCredentials>
              <serviceCertificate>
                <authentication certificateValidationMode="None" />
              </serviceCertificate>
            </clientCredentials>          
          </behavior>
        </endpointBehaviors>
      </behaviors>