1. 首页
  2. 问答
  3. 指定签名时加密WCF消息(net.msmq)

指定签名时加密WCF消息(net.msmq)

2011-03-29 25 views
0

我正在使用WCF通过MSMQ(net.msmq协议)发送消息。 BizTalk服务器收到消息并处理它,一切进展顺利。但是,当我查看SVCLOG时,当我将MsmqProtectionLevel专门设置为Sign时,我看到该消息已加密。指定签名时加密WCF消息(net.msmq)

是否有其他人看到过这种行为?是否有可能停止加密?我的一些消息超过1MB,加密使事情变得非常缓慢。

在此先感谢!

ChannelFactory<OnRampEntry> Factory 
    { 
    get 
    { 
     if (factory == null) 
     { 
      lock (this) 
      { 
       if (factory == null) 
       { 
       var uri = ResolveQueueName(new Uri(Url)); 
       var identity = EndpointIdentity.CreateDnsIdentity(BizTalkIdentity); 
       var binding = new NetMsmqBinding(NetMsmqSecurityMode.Both) 
       { 
        DeadLetterQueue = DeadLetterQueue.System, 
        ExactlyOnce = true 
       }; 
       binding.Security.Message.ClientCredentialType = MessageCredentialType.Certificate; 
       binding.Security.Transport.MsmqProtectionLevel = System.Net.Security.ProtectionLevel.Sign; 
       binding.Security.Transport.MsmqAuthenticationMode = MsmqAuthenticationMode.WindowsDomain; 
       binding.Security.Transport.MsmqSecureHashAlgorithm = MsmqSecureHashAlgorithm.Sha1; 
       factory = new ChannelFactory<OnRampEntry>(binding, new EndpointAddress(uri, identity, (AddressHeaderCollection) null)); 
       factory.Endpoint.Behaviors.Add(new LogonCertificateBehavior()); 
       factory.Credentials.ServiceCertificate.SetDefaultCertificate(StoreLocation.LocalMachine, StoreName.TrustedPeople, X509FindType.FindBySubjectName, BizTalkIdentity); 
       factory.Open(); 
       } 
      } 
     } 
     return factory; 
    } 
    } 

    /// <summary> 
    /// MSMQ does not allow a DNS alias to be used in a queue name, e.g. "net.msmq://alias/private$/queue". 
    /// <b>ResolveQueueName</b> will tranlsate an alias to its actual machine name. 
    /// </summary> 
    /// <param name="uri"></param> 
    /// <returns></returns> 
    Uri ResolveQueueName(Uri uri) 
    { 
    var hostName = uri.DnsSafeHost; 

    try 
    { 
     var hostEntry = Dns.GetHostEntry(hostName); 
     var resolved = new Uri(uri.ToString().Replace(hostName, hostEntry.HostName)); 

     if (log.IsDebugEnabled) 
      log.Debug(string.Format("Resolved '{0}' to '{1}'.", uri, resolved)); 
     return resolved; 
    } 
    catch (SocketException e) 
    { 
     if (e.SocketErrorCode == SocketError.HostNotFound) 
      return uri; 
     throw e; 
    } 
    }

来源

2011-03-29 Richard Schneider

回答

1

消息被加密的原因是使用NetMsmqSecurityMode.Both - 传输和消息安全。

var binding = new NetMsmqBinding(NetMsmqSecurityMode.Both)

在传输层,在配置上面采用

binding.Security.Transport.MsmqProtectionLevel = System.Net.Security.ProtectionLevel.Sign;

展望WCF记录它是不可能的,看看有什么被设置在传输层,如消息级加密到位。

不幸的是,这并没有回答如何在不使用证书来加密邮件正文的情况下签署邮件(使用X.509证书)的问题。

来源

2011-04-04 02:57:27 Kevin

相关问题

 相关问题