我有可通过 Internet 访问的 WCF 服务,该服务使用
wsHttpBinding
以及消息安全模式和用户名客户端凭据。
<!-- wsHttpBinding with message-level security: protection is applied to the
     SOAP message itself and the client authenticates with a username token. -->
<bindings>
  <wsHttpBinding>
    <!-- MTOM encoding. The message size cap and the array quota are both
         104857600 bytes (100 MiB).
         NOTE(review): these limits apply to every incoming message on an
         Internet-facing endpoint; keep them no larger than the biggest
         legitimate upload requires. -->
    <binding name="wsHttpEndpointBinding"
             messageEncoding="Mtom"
             maxReceivedMessageSize="104857600">
      <readerQuotas maxArrayLength="104857600"/>
      <security mode="Message">
        <message clientCredentialType="UserName"/>
      </security>
    </binding>
  </wsHttpBinding>
</bindings>
我发现将数据从客户端传输到服务器需要太多时间。 我已了解到我可以使用
customBinding
和 binaryEncoding
模式来提供服务。
像这样:
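<!-- Custom binding: binary message encoding over plain HTTP.
     Fixed from the original snippet: the collection element is
     <customBinding> (singular), and the section is now closed with
     </bindings> instead of a second opening tag.
     NOTE(review): there is no <security> element and the transport is
     <httpTransport/>, so this binding provides neither message security
     nor TLS. It does not authenticate the client or protect message
     contents, and is not suitable as-is for an Internet-facing service. -->
<bindings>
  <customBinding>
    <binding name="NetHttpBinding">
      <binaryMessageEncoding/>
      <httpTransport/>
    </binding>
  </customBinding>
</bindings>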
但是这里没有提及消息安全模式和客户端凭证类型。
如何将自定义绑定与
binaryEncoding
结合使用并使用用户名客户端凭据保持消息安全模式?
我知道这不是您寻找的答案,但这是我的配置。 我使用带有
UserNameOverTransport
身份验证的自定义绑定。
它可能会为您提供有关需要更改哪些内容才能启动和运行的线索。
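<!-- Custom binding: the username/password token is carried in the SOAP
     message, while confidentiality, integrity and server authentication
     come from the HTTPS transport. Binding elements are listed in stack
     order: security, then encoding, then transport. -->
<customBinding>
  <binding name="MyCustomHttpBinding"
           receiveTimeout="00:20:00"
           sendTimeout="00:20:00">
    <security authenticationMode="UserNameOverTransport">
      <!-- Changed from maxClockSkew="Infinite". An unbounded skew means the
           service no longer rejects messages because of stale security
           timestamps, which weakens replay protection. 00:05:00 is the WCF
           default; if clients with drifting clocks must be supported, raise
           it only as far as actually needed. -->
      <localServiceSettings maxClockSkew="00:05:00"/>
    </security>
    <!-- MTOM encoding, SOAP 1.2, 2 MiB buffer and string-content quota. -->
    <mtomMessageEncoding maxBufferSize="2097152" messageVersion="Soap12">
      <readerQuotas maxStringContentLength="2097152"/>
    </mtomMessageEncoding>
    <!-- UserNameOverTransport relies on this transport being HTTPS: the
         password is not protected at the message level.
         maxReceivedMessageSize is 1073741824 bytes (1 GiB) with streamed
         transfer.
         NOTE(review): confirm that a 1 GiB per-message limit is really
         required on an Internet-facing endpoint. -->
    <httpsTransport maxBufferSize="2097152"
                    maxReceivedMessageSize="1073741824"
                    transferMode="Streamed"/>
  </binding>
</customBinding>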
请记住,我使用 MTOM 编码,就我而言,它更适合我的场景。
将 secureConversationBootstrap 设置为 UserNameForSslNegotiated。尝试类似于下面的绑定的操作。
<!-- Custom binding that keeps message-level security with username
     credentials while switching to binary encoding over HTTP.
     Stack order: transaction flow, security, encoding, transport. -->
<bindings>
  <customBinding>
    <binding name="wss-username-binary">
      <transactionFlow/>
      <!-- SecureConversation: a security context is established once by the
           bootstrap exchange below and then used to protect later messages. -->
      <security authenticationMode="SecureConversation"
                messageSecurityVersion="WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10">
        <!-- Bootstrap: the client authenticates with a username token and the
             service with an X.509 certificate negotiated at the SOAP level.
             NOTE(review): this requires a service certificate to be configured
             in the service behavior (not shown in this snippet). -->
        <secureConversationBootstrap authenticationMode="UserNameForSslNegotiated"
                                     messageSecurityVersion="WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10"/>
      </security>
      <binaryMessageEncoding/>
      <!-- Plain HTTP transport: all protection comes from the message
           security layer above, none from TLS. -->
      <httpTransport/>
    </binding>
  </customBinding>
</bindings>
试试这个,它可能会对你有更多帮助——它有自定义绑定、自定义安全性和证书。
<!-- Metadata exchange (WS-MetadataExchange) endpoint at the relative address
     "mex".
     NOTE(review): this exposes the service description to anyone who can
     reach the endpoint; confirm that is intended for an Internet-facing
     deployment. -->
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"/>
</service>
</services>
<!-- wsHttpBinding (a standard binding, not a customBinding) with
     message-level security and username client credentials. -->
<bindings>
  <wsHttpBinding>
    <!-- NOTE(review): every size limit and reader quota below is set to
         2147483647 (Int32.MaxValue), which effectively removes the
         per-message resource limits. On an Internet-facing endpoint these
         quotas are a defence against oversized or deeply nested messages;
         size them to the largest legitimate request instead. -->
    <binding name="CommonBinding" maxReceivedMessageSize="2147483647">
      <readerQuotas maxDepth="2147483647"
                    maxStringContentLength="2147483647"
                    maxArrayLength="2147483647"
                    maxBytesPerRead="2147483647"
                    maxNameTableCharCount="2147483647"/>
      <security mode="Message">
        <message clientCredentialType="UserName"/>
      </security>
    </binding>
  </wsHttpBinding>
</bindings>
<!-- Service behavior: custom username/password validation, the service
     certificate used by message security, metadata publishing and a custom
     authorization policy. -->
<behaviors>
  <serviceBehaviors>
    <behavior name="myServiceBehavior">
      <serviceCredentials>
        <!-- Username tokens are checked by the named custom validator type.
             The strength of authentication depends entirely on that class,
             which is not shown here. -->
        <userNameAuthentication
            userNamePasswordValidationMode="Custom"
            customUserNamePasswordValidatorType="Custom.Security.CustomUserNameValidator, Custom.Security"/>
        <!-- Validation policy for client certificates.
             NOTE(review): the wsHttpBinding in this file uses
             clientCredentialType="UserName", so presumably this setting is
             not exercised by that binding; confirm. -->
        <clientCertificate>
          <authentication certificateValidationMode="PeerOrChainTrust"/>
        </clientCertificate>
        <!-- Service certificate looked up in LocalMachine\My by subject name.
             NOTE(review): FindBySubjectName is a substring match and can hit
             more than one certificate; FindByThumbprint selects exactly one. -->
        <serviceCertificate findValue="CertName"
                            storeLocation="LocalMachine"
                            storeName="My"
                            x509FindType="FindBySubjectName"/>
      </serviceCredentials>
      <!-- Publishes service metadata in response to HTTP GET.
           NOTE(review): consider turning this off for an Internet-facing
           production service once clients have been generated. -->
      <serviceMetadata httpGetEnabled="True"/>
      <!-- Authorization decisions are delegated to the custom policy type. -->
      <serviceAuthorization principalPermissionMode="Custom">
        <authorizationPolicies>
          <add policyType="Custom.Security.AuthorizationPolicy, Custom.Security"/>
        </authorizationPolicies>
      </serviceAuthorization>
    </behavior>
  </serviceBehaviors>
</behaviors>
</system.serviceModel>