WCF是.net框架中的一个部分,是面向服务编程的一种技术方式,和以往的webservice技术不同的是,它是microsoft希望的集大成者,希望也确实是综合了以往的webservice技术。
WCF的服务是.svc为后缀的文件,宿主既可以是IIS,控制台程序,也还有各种各种多样的。开发的时候一般是用控制台程序控制和开发.
寄宿在IIS7上的WCF服务,暴露在endpoint下的是有一个.svc服务,一个web.config配置文件
IIS全过程:
client------proxy class------(endpoint)------host(web.config+.svc)------service
WCF拥有两种配置服务的方法:
这些在MSDN上都有具体的说明
配置文件:
有endpoint+binding+serviceBehavior
endpoint:service暴露给client端得就叫endpoint
binding:client和service的连接通道的规则就叫binding
其中包含很多种binding,大概有20几种,有的按照传输方式分:HTTPbinding,TCPBinding,有的按照安全性分:WS2007Binding等等,还有一种是最常用的:customerBinding,就是客户自定义的binding
serviceBehavior:服务执行前所自动做的操作
在HTTPS的传输协议上,有一种securityToken的传输方式:
这种传输方式是一种比较复杂的方式,简而言之,client端先向STS请求Token,然后使用Token和Service进行通信
The prevIoUs diagram shows a claims-aware Web service (the relying party application) and a smart client that wants to use that service. The RP exposes a policy that describes its addresses,bindings,and contracts. But the policy also includes a list of claims that the RP needs,such as user name,e-mail address,and role memberships. The policy also tells the smart client the address of the STS from which it should retrieve these claims. After retrieving this policy (1),the client Now kNows where to go to authenticate: the STS. The user presents credentials (2) and the smart client makes a web service request (3) to the STS,requesting the claims that the RP asked for in its policy. The job of the STS is to authenticate the user and return a security token that gives the RP all of the claims it needs. The smart client then makes its request to the relying party (4),sending the security token along in the security SOAP header. The RP Now receives claims with each request,and simply rejects any requests that don’t include a security token from the issuing authority that it trusts.
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 [email protected] 举报,一经查实,本站将立刻删除。
