Web Services Enhancements 3.0 Quick Start(一)

Web Services Enhancement的目的
      1、基于基本的Web Services
      2、满足企业级应用的需求Secure、reliable and transacted Web services
      3、保留Web Services得以成功的优点 Interoperability Ability to be implemented Add no more complexity than needed
这篇主要介绍WSE通过安全证书（Policy File）构建安全Web Service
     一、先定义安全证书（Policy File） 
     二、使用专有的Web service安全证书特性
具体步骤
     1、在vs2005中开一个Web Service项目
     2、运行WSE Settings 3.0 Tool
     3、通过WSE Settings 3.0 Tool打开Web Service项目的web.config
     4、选中Enable this project for web Service Enhancements

        5、选择Policy并Add，填写你证书的名字，我现在是使用ServicePolicy名称然后下一步
        6、然后的的向导界面就要重点讲述下在第一个选择项是标注你选择的服务还是客户，在第二个选择项中有四个选项

选项	说明
Anonymous	匿名访问
Username	需要包含用户名和密码的Usernametoken的安全令牌
Certificate	需要发送含有X509SecurityToken的安全令牌的X.509证书
Windows	需要发送含有KerberosToken的windows身份认证

    7、选择SOAP头的类型

选项	说明
None	SOAP消息应当在传输层（SSL协议）提供保护，WSE在传输层（SSL协议）不提供保护。
Sign-Only	SOAP消息必须签名
Sign and Encrypt	SOAP消息必须签名和SOAP消息体加密
Sign, Encrypt, Encrypt Signature	SOAP消息必须签名、消息体签名加密

8、完成
就能根据您的配置生成以下配置文件

< policies >
   < extensions >
     < extension name = " kerberosSecurity "
               type = " Microsoft.Web.Services3.Design.KerberosAssertion, Microsoft.Web.Services3, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35 "   />
     < extension name = " kerberos "
               type = " Microsoft.Web.Services3.Design.KerberosTokenProvider, Microsoft.Web.Services3, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35 "   />
     < extension name = " requireActionHeader "
               type = " Microsoft.Web.Services3.Design.RequireActionHeaderAssertion, Microsoft.Web.Services3, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35 "   />
   </ extensions >
   < policy name = " ServicePolicy " >
     < kerberosSecurity establishSecurityContext = " false "  signatureConfirmation = " false "  protectionOrder = " SignBeforeEncrypting "  deriveKeys = " false " >
       < protection >
         < request signatureOptions = " IncludeAddressing, IncludeTimestamp, IncludeSoapBody "  
                 encryptBody = " true "   />
         < response signatureOptions = " IncludeAddressing, IncludeTimestamp, IncludeSoapBody "  
                 encryptBody = " true "   />
         < fault signatureOptions = " IncludeAddressing, IncludeTimestamp, IncludeSoapBody "  
                 encryptBody = " false "   />
       </ protection >
     </ kerberosSecurity >
     < requireActionHeader  />
   </ policy >
</ policies >

9、应用在Web Service

using  System;
using  System.Web;
using  System.Web.Services;
using  System.Web.Services.Protocols;
using  Microsoft.Web.Services3;
using  Microsoft.Web.Services3.Design;

[WebService(Namespace  =   " http://www.contoso.com/ " )]
[WebServiceBinding(ConformsTo  =  WsiProfiles.BasicProfile1_1)]
[Policy( " ServicePolicy " )] 
public   class  Service : System.Web.Services.WebService
{
    public Service () {

    }

    [WebMethod]
    public string SayHello() {
        return "Hello World";
    }
    
}

小结
现在主要是建立服务器端的Policy File,以及使用，下次就介绍关于客户端建立Policy File以及使用

转载于:https://www.cnblogs.com/jiekeng/archive/2006/10/25/539962.html