问题描述
我花了很多时间弄清楚如何配置我的 WCF 服务,以便它们可以在生产环境中为 https 工作.
I spent a lot of time figuring out how to configure my WCF services so that they would work for https in the production environment.
基本上,我需要这样做:
Basically, I needed to do this:
<behaviors>
<serviceBehaviors>
<behavior name="MyServiceBehavior">
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true" aspNetCompatibilityEnabled="true" />
<services>
<service name="MyNamespace.MyService" behaviorConfiguration="MyServiceBehavior">
<endpoint address="" bindingNamespace="https://secure.mydomain.com" binding="basicHttpBinding" bindingConfiguration="HttpsBinding" contract="MyNamespace.IMyService"/>
</service>
</services>
<bindings>
<basicHttpBinding>
<binding name="HttpsBinding">
<security mode="Transport">
<transport clientCredentialType="None"></transport>
</security>
</binding>
</basicHttpBinding>
</bindings>
将 bindingNamespace 属性添加到端点是使其工作的最后一件事.
Adding the bindingNamespace attribute to the endpoint is the final thing that made it work.
但是这个配置在我在常规 http 下工作的本地开发环境中不起作用.所以我的配置是:
But this config doesn't work in my local dev environment where I'm working under regular http. So my config there is:
<behaviors>
<serviceBehaviors>
<behavior name="MyServiceBehavior">
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="false" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true" aspNetCompatibilityEnabled="true" />
<services>
<service name="MyNamespace.MyService" behaviorConfiguration="MyServiceBehavior">
<endpoint address="" binding="basicHttpBinding" contract="MyNamespace.IMyService"/>
</service>
</services>
这里的不同之处在于我将 httpsGetEnabled 属性设置为 false,并删除了 bindingConfiguration 和 bindingNamespace.
The differences here are that I've set the httpsGetEnabled attribute to false, and I removed the bindingConfiguration and bindingNamespace.
问题是:如何创建一个可以同时处理这两种情况的配置块?
我真的很讨厌每次发布时都必须对配置进行大量特殊修改.是的,我知道我可以有一个自动更改值的构建后任务,但如果可能,我想合并配置.
I really hate having to make lots of special modifications to the config every time I do a release. Yes, I know I could have a post-build task that automatically changes the values, but I'd like to merge the configs if possible.
我尝试过这样的事情:
<behaviors>
<serviceBehaviors>
<behavior name="MyServiceBehavior">
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true" aspNetCompatibilityEnabled="true" />
<services>
<service name="MyNamespace.MyService" behaviorConfiguration="MyServiceBehavior">
<endpoint address="" binding="basicHttpBinding" contract="MyNamespace.IMyService"/>
<endpoint address="" bindingNamespace="https://secure.mydomain.com" binding="basicHttpBinding" bindingConfiguration="HttpsBinding" contract="MyNamespace.IMyService"/>
</service>
</services>
<bindings>
<basicHttpBinding>
<binding name="HttpsBinding">
<security mode="Transport">
<transport clientCredentialType="None"></transport>
</security>
</binding>
</basicHttpBinding>
</bindings>
我认为在激活服务时放置两个端点会给它两个选择.但是,这不起作用.我收到此错误:
I figured that putting both endpoints would give it two options to look for when activating the service. However, this doesn't work. I get this error:
无法找到与具有绑定 BasicHttpBinding 的端点的方案 https 匹配的基地址.注册的基地址方案是 [http].
环顾 SO 和互联网的其他部分,似乎其他人在杀死这条龙时遇到了问题.
From looking around SO and the rest of the internet, it appears that others have had problems slaying this dragon.
推荐答案
嗯,你的组合配置的一个问题是你的两个端点在同一个地址 - 这不起作用.
Well, one problem with your combined config is that your two endpoints are on the same address - that won't work.
如果您在 IIS 中托管,那么您的服务器、虚拟目录和所需的 *.svc 文件将确定您的基本地址 - 类似于:
If you're hosting in IIS, then your server, virtual directory and the *.svc file needed will determine your basic address - it'll be something like:
http://yourservername/VirtualDirectory/YourService.svc
如果你想有两个端点,至少其中一个需要定义一个相对地址:
If you want to have two endpoints, at least one of them needs to define a relative address:
<services>
<service name="MyNamespace.MyService"
behaviorConfiguration="MyServiceBehavior">
<endpoint
address="basic"
binding="basicHttpBinding"
contract="MyNamespace.IMyService"/>
<endpoint
address="secure"
binding="basicHttpBinding" bindingConfiguration="HttpsBinding"
contract="MyNamespace.IMyService"/>
</service>
</services>
在这种情况下,您将打开 HTTP 端点:
In this case, you'd have your HTTP endpoint on:
http://yourservername/VirtualDirectory/YourService.svc/basic
以及您的安全 HTTPS 端点:
and your secure HTTPS endpoint on:
https://yourservername/VirtualDirectory/YourService.svc/secure
此外:您的安全端点使用 HttpsBinding 配置 - 但您缺少这样的绑定配置 - 您所拥有的只是:
Furthermore: your secure endpoint uses a HttpsBinding configuration - but you're lacking such a binding configuration - all you have is:
<bindings>
<basicHttpBinding>
<binding name="HttpBinding">
<security mode="None">
<transport clientCredentialType="None"></transport>
</security>
</binding>
</basicHttpBinding>
</bindings>
需要添加HttpsBinding配置!!
<bindings>
<basicHttpBinding>
<binding name="HttpBinding">
<security mode="None">
<transport clientCredentialType="None"></transport>
</security>
</binding>
<binding name="HttpsBinding">
<security mode="Transport">
<transport clientCredentialType="Windows" />
</security>
</binding>
</basicHttpBinding>
</bindings>
这篇关于如何在一个 web.config 中结合 http 和 https 的 WCF 服务配置?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!