duanmu2941 2011-02-16 20:01
浏览 63
已采纳

如何安全地在PHP和WCF之间进行通信

My system is based on .net. Their system is based on PHP. We want to exchange information for lookups and to add data to the respective databases. This has to be done securely and the two systems will be the only players in this game.

I've been doing some research but things related to security always throws me off. I have to admit that I'm having some trouble fully understanding what everything is in the config file (web.config in the WCF web service site).

Where do I start in ensuring that they transmit the data securely? Assuming I figure out the binding stuff, would they be sending a username and password that I will have to extract from their message? The client would be connecting to a https address.

  • 写回答

3条回答 默认 最新

  • douche3791 2011-02-16 21:07
    关注

    There are really a lot of ways to answer this...

    I assume their PHP app will be communicating to your WCF server with SOAP?

    So, WCF has 2 ways of securing things, at the Transport level or at the Message level. Basically if you turn on Transport level security, then it encrypts the entire connection. This means it would use HTTPS. This would in turn mean that the entire conversation is encrypted, just like if you were sending your credit card info to a web site in a web form. Its equally as secure. The alternative is Message level security. This means that instead of encrypting the entire connection, the communication will happen over plain unencrypted HTTP, but the actual message itself will be encrypted before being transmitted over the wire.

    If your service is hosted in IIS, then the easiest thing to do is just use the BasicHttpBinding and turn on Transport security. Then in IIS, have it use an SSL certificate and HTTPS.

    That would handle the message encryption. Past that, if you need to handle a 'login' as a username and password, WCF has a built in way to handle that. This might help: http://nirajrules.wordpress.com/2009/05/22/username-over-https-custombinding-with-wcf%E2%80%99s-channelfactory-interface/

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(2条)

报告相同问题?

悬赏问题

  • ¥15 素材场景中光线烘焙后灯光失效
  • ¥15 请教一下各位,为什么我这个没有实现模拟点击
  • ¥15 执行 virtuoso 命令后,界面没有,cadence 启动不起来
  • ¥50 comfyui下连接animatediff节点生成视频质量非常差的原因
  • ¥20 有关区间dp的问题求解
  • ¥15 多电路系统共用电源的串扰问题
  • ¥15 slam rangenet++配置
  • ¥15 有没有研究水声通信方面的帮我改俩matlab代码
  • ¥15 ubuntu子系统密码忘记
  • ¥15 保护模式-系统加载-段寄存器