问题描述

我具有通过Internet进行netTCP绑定的发布者-订阅者类型的服务体系结构.

如何使服务与服务之间的通信安全?订阅的客户.目前，我正在验证用户名&的开发环境中的安全模式=邮件".使用自定义验证的密码.

I have publisher-subscriber kind of service architecture with netTCPbinding over the internet.

How can I make communication secure between service & subscribed client. currently I have security mode = "message" in development environment I am validating username & password using custom validation.

<netTcpBinding>
       <binding name="netTcpBindingConfiguration" receiveTimeout="00:10:00">
         <reliableSession enabled="true" ordered="true" inactivityTimeout="00:10:00" />
         <security mode="Message">
           <transport clientCredentialType="None" protectionLevel="None" />
           <message clientCredentialType="UserName"/>
         </security>
       </binding>
     </netTcpBinding>

这是示例用户名验证器类

Here is the sample username validator class

class UserNamePassValidator : System.IdentityModel.Selectors.UserNamePasswordValidator
   {
       public override void Validate(string userName, string password)
       {
           if(  userName==null ||  password==null)
           {
               throw new ArgumentNullException();
           }

           if (!(userName == "test" && password == "test") )
           {
               throw new FaultException("Incorrect Username or Password");
           }
       }
   }

-
我需要某种加密来加密消息通信吗? netTcpBinding是在Internet上的正确选择吗?实际上，我需要使用回调联系人从wcf客户端获取一些数据，因此绑定的选择有限.

--
Do I need some kind of encryption to encrypt the message communication. Does netTcpBinding is right choice over the internet? Actually I need to get some data back from wcf client using callback contact so I only have limited choice of bindings.

推荐答案

这篇关于安全的netTCP绑定的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！