从开发的角度比较 ASP.NET Web 服务与 WCFComparing ASP.NET Web Services to WCF Based on Development

Windows Communication Foundation (WCF)具有 ASP.NET 兼容模式选项,可对 WCF 应用程序进行编程和配置(如 ASP.NET Web 服务)并模拟它们的行为。Windows Communication Foundation (WCF) has an ASP.NET compatibility mode option to enable WCF applications to be programmed and configured like ASP.NET Web services, and mimic their behavior. 以下各节基于使用这两种技术开发应用程序所需的内容,对 ASP.NET Web 服务和 WCF 进行比较。The following sections compare ASP.NET Web services and WCF based on what is required to develop applications using both technologies.

数据表示形式Data Representation

一般情况下,使用 ASP.NET 开发 Web 服务首先要定义服务要使用的任意复杂数据类型。The development of a Web service with ASP.NET typically begins with defining any complex data types the service is to use. ASP.NET 依赖于 XmlSerializer 将由 .NET Framework 类型表示的数据转换为 XML,以便与服务进行相互传输并将以 XML 形式接收的数据转换为 .NET Framework 对象。ASP.NET relies on the XmlSerializer to translate data represented by .NET Framework types to XML for transmission to or from a service and to translate data received as XML into .NET Framework objects. 定义 ASP.NET 服务要使用的复杂数据类型需要使用 .NET Framework 类的定义,这些类可由 XmlSerializer 序列化为 XML 或从 XML 进行反序列化。Defining the complex data types that an ASP.NET service is to use requires the definition of .NET Framework classes that the XmlSerializer can serialize to and from XML. 这些类可以手动编写,或者使用命令行 XML 架构/数据类型支持实用工具 xsd.exe 从 XML 架构中的类型定义生成。Such classes can be written manually, or generated from definitions of the types in XML Schema using the command-line XML Schemas/Data Types Support Utility, xsd.exe.

下面是定义可由 XmlSerializer 序列化为 XML 或从 XML 序列化的 .NET Framework 类时需要了解的关键问题列表:The following is a list of key issues to know when defining .NET Framework classes that the XmlSerializer can serialize to and from XML:

  • 只有 .NET Framework 对象的公共字段和属性才能转换为 XML。Only the public fields and properties of .NET Framework objects are translated into XML.

  • 仅当集合类实现 IEnumerableICollection 接口时才能将集合类的实例序列化为 XML。Instances of collection classes can be serialized into XML only if the classes implement either the IEnumerable or ICollection interface.

  • 实现 IDictionary 接口的类,如 Hashtable,不能序列化为 XML。Classes that implement the IDictionary interface, such as Hashtable, cannot be serialized into XML.

  • System.Xml.Serialization 命名空间中的许多属性类型均可添加到 .NET Framework 类及其成员中,用于控制类实例的 XML 表示方式。The great many attribute types in the System.Xml.Serialization namespace can be added to a .NET Framework class and its members to control how instances of the class are represented in XML.

WCF 应用程序开发通常也以复杂类型的定义开始。WCF application development usually also begins with the definition of complex types. 可以使用 WCF 与 ASP.NET Web 服务使用相同的 .NET Framework 类型。WCF can be made to use the same .NET Framework types as ASP.NET Web services.

WCF DataContractAttributeDataMemberAttribute 可以添加到 .NET Framework 类型,以指示要将类型的实例序列化为 XML,并对类型的哪些特定字段或属性进行序列化,如下面的示例代码所示。The WCFDataContractAttribute and DataMemberAttribute can be added to .NET Framework types to indicate that instances of the type are to be serialized into XML, and which particular fields or properties of the type are to be serialized, as shown in the following sample code.

//Example One:
[DataContract]
public class LineItem
{
    [DataMember]
    public string ItemNumber;
    [DataMember]
    public decimal Quantity;
    [DataMember]
    public decimal UnitPrice;
}

//Example Two:
public class LineItem
{
    [DataMember]
    private string itemNumber;
    [DataMember]
    private decimal quantity;
    [DataMember]
    private decimal unitPrice;

    public string ItemNumber
    {
      get
      {
          return this.itemNumber;
      }

      set
      {
          this.itemNumber = value;
      }
    }

    public decimal Quantity
    {
        get
        {
            return this.quantity;
        }

        set
        {
            this.quantity = value;
        }
    }

    public decimal UnitPrice
    {
      get
      {
          return this.unitPrice;
      }

      set
      {
          this.unitPrice = value;
      }
    }
}

//Example Three:
public class LineItem
{
     private string itemNumber;
     private decimal quantity;
     private decimal unitPrice;

     [DataMember]
     public string ItemNumber
     {
       get
       {
          return this.itemNumber;
       }

       set
       {
           this.itemNumber = value;
       }
     }

     [DataMember]
     public decimal Quantity
     {
          get
          {
              return this.quantity;
          }

          set
          {
             this.quantity = value;
          }
     }

     [DataMember]
     public decimal UnitPrice
     {
          get
          {
              return this.unitPrice;
          }

          set
          {
              this.unitPrice = value;
          }
     }
}

DataContractAttribute 表示要对零个或多个类型字段或属性进行序列化,而 DataMemberAttribute 表示要对某个特定字段或属性进行序列化。The DataContractAttribute signifies that zero or more of a type’s fields or properties are to be serialized, while the DataMemberAttribute indicates that a particular field or property is to be serialized. DataContractAttribute 可应用于类或结构。The DataContractAttribute can be applied to a class or structure. DataMemberAttribute 可以应用于字段或属性 (Property),对其应用此属性 (Attribute) 的字段和属性 (Property) 既可以是公共的也可以是私有的。The DataMemberAttribute can be applied to a field or a property, and the fields and properties to which the attribute is applied can be either public or private. 应用了的类型的实例在 DataContractAttribute WCF 中称为数据协定。Instances of types that have the DataContractAttribute applied to them are referred to as data contracts in WCF. 它们通过 DataContractSerializer 序列化为 XML。They are serialized into XML using DataContractSerializer.

下面是使用 DataContractSerializer 和使用 XmlSerializer 以及 System.Xml.Serialization 命名空间的各种属性之间的重大差异列表。The following is a list of the important differences between using the DataContractSerializer and using the XmlSerializer and the various attributes of the System.Xml.Serialization namespace.

  • XmlSerializerSystem.Xml.Serialization 命名空间的属性旨在让您可以将 .NET Framework 类型映射为在 XML 架构中定义的任意有效类型,因此它们对类型如何以 XML 方式表示提供了十分精确的控制。The XmlSerializer and the attributes of the System.Xml.Serialization namespace are designed to allow you to map .NET Framework types to any valid type defined in XML Schema, and so they provide for very precise control over how a type is represented in XML. DataContractSerializerDataContractAttributeDataMemberAttribute 则几乎不对类型如何以 XML 方式表示提供控制。The DataContractSerializer, DataContractAttribute and DataMemberAttribute provide very little control over how a type is represented in XML. 您只能指定用于在 XML 中表示类型及其字段或属性的命名空间和名称,以及字段和属性在 XML 中的显示顺序:You can only specify the namespaces and names used to represent the type and its fields or properties in the XML, and the sequence in which the fields and properties appear in the XML:

    [DataContract(
    Namespace="urn:Contoso:2006:January:29",
    Name="LineItem")]
    public class LineItem
    {
          [DataMember(Name="ItemNumber",IsRequired=true,Order=0)]
          public string itemNumber;
          [DataMember(Name="Quantity",IsRequired=false,Order = 1)]
          public decimal quantity;
          [DataMember(Name="Price",IsRequired=false,Order = 2)]
          public decimal unitPrice;
    }
    

    任何其他与用于表示 .NET 类型的 XML 结构相关的数据均由 DataContractSerializer 确定。Everything else about the structure of the XML used to represent the .NET type is determined by the DataContractSerializer.

  • 通过不允许过多地控制如何以 XML 方式表示类型,DataContractSerializer 序列化过程的可预知程度变得很高,因此,更容易实现优化。By not permitting much control over how a type is to be represented in XML, the serialization process becomes highly predictable for the DataContractSerializer, and, thereby, easier to optimize. DataContractSerializer 设计的一个实用优势是它具有更好的性能,大约提高了 10%。A practical benefit of the design of the DataContractSerializer is better performance, approximately ten percent better performance.

  • 用于 XmlSerializer 的属性 (Attribute) 并不指明此类型的哪些字段或属性 (Property) 将序列化为 XML,而用于 DataMemberAttributeDataContractSerializer 则显式指明将对哪些字段或属性 (Property) 执行序列化。The attributes for use with the XmlSerializer do not indicate which fields or properties of the type are serialized into XML, whereas the DataMemberAttribute for use with the DataContractSerializer shows explicitly which fields or properties are serialized. 因此,数据协定是与应用程序所要发送和接收的数据的结构有关的显式协定。Therefore, data contracts are explicit contracts about the structure of the data that an application is to send and receive.

  • XmlSerializer 只能将 .NET 对象的公共成员转换为 XML;而无论对象成员的访问修饰符如何,DataContractSerializer 都可以将这些成员转换为 XML。The XmlSerializer can only translate the public members of a .NET object into XML, the DataContractSerializer can translate the members of objects into XML regardless of the access modifiers of those members.

  • 由于可将各种类型的非公共成员序列化为 XML,因此,DataContractSerializer 对于可序列化为 XML 的 .NET 类型的多样性限制较少。As a consequence of being able to serialize the non-public members of types into XML, the DataContractSerializer has fewer restrictions on the variety of .NET types that it can serialize into XML. 尤其是,它可以转换为 XML 类型,如实现 Hashtable 接口的 IDictionaryIn particular, it can translate into XML types like Hashtable that implement the IDictionary interface. DataContractSerializer 更有可能会将任意预先存在的 .NET 类型序列化为 XML 而无需修改类型的定义或开发类型的包装。The DataContractSerializer is much more likely to be able to serialize the instances of any pre-existing .NET type into XML without having to either modify the definition of the type or develop a wrapper for it.

  • 由于 DataContractSerializer 可以访问类型的非公共成员,因此,它还要求完全信任,而 XmlSerializer 不要求。Another consequence of the DataContractSerializer being able to access the non-public members of a type is that it requires full trust, whereas the XmlSerializer does not. 完全信任代码访问权限提供对计算机上的所有资源的完全访问权限,可以使用执行代码的凭据访问该计算机上的所有资源。The Full Trust code access permission gives complete access to all resources on a machine that can be accessed using the credentials under which the code is executing. 当完全受信任的代码访问计算机上的所有资源时,应谨慎使用此选项。This option should be used with care as fully trusted code accesses all resources on your machine.

  • DataContractSerializer 中集成了一些对版本管理的支持:The DataContractSerializer incorporates some support for versioning:

    • DataMemberAttribute 具有一个 IsRequired 属性,将它赋予 False 值可指示早期版本中不存在将成员添加到的新版本数据协定,因此使得包含新版协定的应用程序可以处理早期的版本。The DataMemberAttribute has an IsRequired property that can be assigned a value of false for members that are added to new versions of a data contract that were not present in earlier versions, thereby allowing applications with the newer version of the contract to be able to process earlier versions.

    • 通过让某个数据协定实现 IExtensibleDataObject 接口,使得 DataContractSerializer 可通过包含早期版本协定的应用程序传递新版数据协定中定义的成员。By having a data contract implement the IExtensibleDataObject interface, one can allow the DataContractSerializer to pass members defined in newer versions of a data contract through applications with earlier versions of the contract.

不管存在何种差异,只要 XML 具有显式定义的命名空间,默认情况下,XmlSerializer 将类型序列化为的 XML 与 DataContractSerializer 将类型序列化为的 XML 语义相同。Despite all of the differences, the XML into which the XmlSerializer serializes a type by default is semantically identical to the XML into which the DataContractSerializer serializes a type, provided the namespace for the XML is explicitly defined. 下面的类具有与这两个序列化程序一起使用的特性,由和转换为语义上完全相同的 XML XmlSerializer DataContractAttributeThe following class, which has attributes for use with both of the serializers, is translated into semantically identical XML by the XmlSerializer and by the DataContractAttribute:

[Serializable]
[XmlRoot(Namespace="urn:Contoso:2006:January:29")]
[DataContract(Namespace="urn:Contoso:2006:January:29")]
public class LineItem
{
     [DataMember]
     public string ItemNumber;
     [DataMember]
     public decimal Quantity;
     [DataMember]
     public decimal UnitPrice;
}

Windows 软件开发工具包(SDK)包含一个名为 "Svcutil.exe" 的元数据实用工具()的命令行工具。The Windows software development kit (SDK) includes a command-line tool called the ServiceModel Metadata Utility Tool (Svcutil.exe). 与用于 ASP.NET Web 服务的 xsd.exe 工具一样,Svcutil.exe 可以从 XML 架构生成 .NET 数据类型的定义。Like the xsd.exe tool used with ASP.NET Web services, Svcutil.exe can generate definitions of .NET data types from XML Schema. 如果 DataContractSerializer 可发出由 XML 架构定义的格式的 XML,类型将为数据协定;否则,它们专用于通过 XmlSerializer 进行序列化。The types are data contracts if the DataContractSerializer can emit XML in the format defined by the XML Schema; otherwise, they are intended for serialization using the XmlSerializer. Svcutil.exe 还可以通过使用数据协定的开关从数据协定生成 XML 架构 dataContractOnlySvcutil.exe can also generate an XML schema from data contracts by using its dataContractOnly switch.

备注

尽管 ASP.NET Web 服务使用 XmlSerializer ,并且 wcf ASP.NET 兼容模式使 wcf 服务能够模仿 ASP.NET Web 服务的行为,但 ASP.NET 兼容性选项不会限制一个使用 XmlSerializerAlthough ASP.NET Web services use the XmlSerializer, and WCF ASP.NET compatibility mode makes WCF services mimic the behavior of ASP.NET Web services, the ASP.NET compatibility option does not restrict one to using the XmlSerializer. 用户仍然可以将 DataContractSerializer 用于以 ASP.NET 兼容模式运行的服务。One can still use the DataContractSerializer with services running in the ASP.NET compatibility mode.

服务开发Service Development

要使用 ASP.NET 开发服务,通常会将 WebService 属性添加到类中,并将 WebMethodAttribute 添加到该类中将作为服务操作使用的任意方法上:To develop a service using ASP.NET, it has been customary to add the WebService attribute to a class, and the WebMethodAttribute to any of that class’ methods that are to be operations of the service:

[WebService]
public class Service : T:System.Web.Services.WebService
{
    [WebMethod]
    public string Echo(string input)
    {
       return input;
    }
}

ASP.NET 2.0 中引入了将属性 WebServiceWebMethodAttribute 添加到接口(而不是类)的选项,并编写了一个类实现此接口:ASP.NET 2.0 introduced the option of adding the attribute WebService and WebMethodAttribute to an interface rather than to a class, and writing a class to implement the interface:

[WebService]
public interface IEcho
{
    [WebMethod]
    string Echo(string input);
}

public class Service : IEcho
{

   public string Echo(string input)
   {
        return input;
    }
}

使用此选项是首选方法,因为具有 WebService 属性的接口包含服务所执行操作的协定,该服务可以在通过多种不同方式实现同一协定的各种类中重复使用。Using this option is to be preferred, because the interface with the WebService attribute constitutes a contract for the operations performed by the service that can be reused with various classes that might implement that same contract in different ways.

WCF 服务通过定义一个或多个 WCF 端点提供。A WCF service is provided by defining one or more WCF endpoints. 终结点由地址、绑定和服务协定定义。An endpoint is defined by an address, a binding and a service contract. 地址用于定义服务的位置。The address defines where the service is located. 绑定用于指定与服务的通信方式。The binding specifies how to communicate with the service. 服务协定用于定义服务可执行的操作。The service contract defines the operations that the service can perform.

通常最先定义服务协定,通过将 ServiceContractAttributeOperationContractAttribute 添加到接口中实现:The service contract is usually defined first, by adding ServiceContractAttribute and OperationContractAttribute to an interface:

[ServiceContract]
public interface IEcho
{
     [OperationContract]
     string Echo(string input);
}

ServiceContractAttribute指定接口定义 WCF 服务协定,并 OperationContractAttribute 指示接口的哪些方法(如果有)定义服务协定的操作。The ServiceContractAttribute specifies that the interface defines a WCF service contract, and the OperationContractAttribute indicates which, if any, of the methods of the interface define operations of the service contract.

定义服务协定后,它将在类中实现,方法是使类实现服务协定定义的接口:Once a service contract has been defined, it is implemented in a class, by having the class implement the interface by which the service contract is defined:

public class Service : IEcho
{
    public string Echo(string input)
    {
       return input;
    }
}

在 WCF 中,实现服务协定的类称为 "服务类型"。A class that implements a service contract is referred to as a service type in WCF.

下一步是将地址和绑定与服务类型关联。The next step is to associate an address and a binding with a service type. 通常通过直接编辑文件或使用 WCF 提供的配置编辑器在配置文件中完成此操作。That is typically done in a configuration file, either by editing the file directly, or by using a configuration editor provided with WCF. 下面是配置文件的示例。Here is an example of a configuration file.

<?xml version="1.0" encoding="utf-8" ?>
<configuration>
     <system.serviceModel>
      <services>
      <service name="Service ">
       <endpoint
        address="EchoService"
        binding="basicHttpBinding"
        contract="IEchoService "/>
      </service>
      </services>
     </system.serviceModel>
</configuration>

绑定指定用于与应用程序通信的协议集。The binding specifies the set of protocols for communicating with the application. 下表列出由系统提供的表示常用选项的绑定。The following table lists the system-provided bindings that represent common options.

名称Name 目的Purpose
BasicHttpBindingBasicHttpBinding 可以与支持 WS-BasicProfile 1.1 和 Basic Security Profile 1.0 的 Web 服务和客户端相互操作。Interoperability with Web services and clients supporting the WS-BasicProfile 1.1 and Basic Security Profile 1.0.
WSHttpBindingWSHttpBinding 可以与通过 HTTP 支持 WS* 协议的 Web 服务和客户端相互操作。Interoperability with Web services and clients that support the WS-* protocols over HTTP.
WSDualHttpBindingWSDualHttpBinding 双向 HTTP 通信,使用此绑定时初始消息的接收方不直接回复初始发送方,而是在一段时间内使用与 WS* 协议一致的 HTTP 传输任意数量的响应。Duplex HTTP communication, by which the receiver of an initial message does not reply directly to the initial sender, but may transmit any number of responses over a period of time by using HTTP in conformity with WS-* protocols.
WSFederationBindingWSFederationBinding 访问服务资源时所用的 HTTP 通信可根据由显式标识的凭据提供程序发出的凭据进行控制。HTTP communication, in which access to the resources of a service can be controlled based on credentials issued by an explicitly-identified credential provider.
NetTcpBindingNetTcpBinding 跨网络在 WCF 软件实体之间进行安全、可靠、高性能的通信。Secure, reliable, high-performance communication between WCF software entities across a network.
NetNamedPipeBindingNetNamedPipeBinding 同一台计算机上 WCF 软件实体之间的安全、可靠、高性能的通信。Secure, reliable, high-performance communication between WCF software entities on the same machine.
NetMsmqBindingNetMsmqBinding 使用 MSMQ 在 WCF 软件实体之间进行通信。Communication between WCF software entities by using MSMQ.
MsmqIntegrationBindingMsmqIntegrationBinding 使用 MSMQ 在 WCF 软件实体与其他软件实体之间进行通信。Communication between a WCF software entity and another software entity by using MSMQ.
NetPeerTcpBindingNetPeerTcpBinding 使用 Windows 对等网络建立 WCF 软件实体之间的通信。Communication between WCF software entities by using Windows Peer-to-Peer Networking.

系统提供的绑定 BasicHttpBinding 集成了 ASP.NET Web 服务支持的协议集。The system-provided binding, BasicHttpBinding, incorporates the set of protocols supported by ASP.NET Web services.

WCF 应用程序的自定义绑定可以轻松定义为 WCF 用于实现各个协议的绑定元素类的集合。Custom bindings for WCF applications are easily defined as collections of the binding element classes that WCF uses to implement individual protocols. 可以将新的绑定元素编写为表示其他协议。New binding elements can be written to represent additional protocols.

服务类型的内部行为可以使用一系列称为行为的类的属性对其进行调整。The internal behavior of service types can be adjusted using the properties of a family of classes called behaviors. 其中,ServiceBehaviorAttribute 类用于指定服务类型为多线程。Here, the ServiceBehaviorAttribute class is used to specify that the service type is to be multithreaded.

[ServiceBehavior(ConcurrencyMode=ConcurrencyMode.Multiple)]
public class DerivativesCalculatorServiceType: IDerivativesCalculator

某些行为是属性,如 ServiceBehaviorAttributeSome behaviors, like ServiceBehaviorAttribute, are attributes. 其他具有管理员希望设置的属性的行为可以在配置应用程序时修改。Others, the ones with properties that administrators would want to set, can be modified in the configuration of an application.

在编程服务类型中,通常使用 OperationContext 类。In programming service types, frequent use is made of the OperationContext class. 它的静态 Current 属性提供对有关运行操作上下文的信息的访问权限。Its static Current property provides access to information about the context in which an operation is running. OperationContext 类似于 HttpContextContextUtil 类。OperationContext is similar to both the HttpContext and ContextUtil classes.

HostingHosting

ASP.NET Web 服务编译为类库程序集。ASP.NET Web services are compiled into a class library assembly. 将提供一个称为服务文件且扩展名为 .asmx 的文件,该文件包含一条 @ WebService 指令,该指令标识的类包含表示服务和服务所在程序集的代码。A file called the service file is provided that has the extension .asmx and contains an @ WebService directive that identifies the class that contains the code for the service and the assembly in which it is located.

<%@ WebService Language="C#" Class="Service,ServiceAssembly" %>

在 Internet 信息服务 (IIS) 中,服务文件将复制到 ASP.NET 应用程序根目录下,程序集则复制到此应用程序根目录的 \bin 子目录下。The service file is copied into an ASP.NET application root in Internet Information Services (IIS), and the assembly is copied into the \bin subdirectory of that application root. 然后,您可以在应用程序根目录下使用服务文件的统一资源定位符 (URL) 访问此应用程序。The application is then accessible by using the uniform resource locator (URL) of the service file in the application root.

WCF 服务可随时在 IIS 5.1 或6.0 中托管,Windows 进程激活服务(WAS)作为 IIS 7.0 的一部分提供,并且在任何 .NET 应用程序中提供。WCF services can readily be hosted within IIS 5.1 or 6.0, the Windows Process Activation Service (WAS) that is provided as part of IIS 7.0, and within any .NET application. 若要在 IIS 5.1 或 6.0 中承载某项服务,此服务必须使用 HTTP 作为通信传输协议。To host a service in IIS 5.1 or 6.0, the service must use HTTP as the communications transport protocol.

若要在 IIS 5.1、6.0 或 WAS 中承载某项服务,请使用下列步骤:To host a service within IIS 5.1, 6.0 or within WAS, use the follows steps:

  1. 将此服务类型编译为类库程序集。Compile the service type into a class library assembly.

  2. 使用标识服务类型的 @ ServiceHost 指令创建一个扩展名为 .svc 的服务文件:Create a service file with a .svc extension with an @ ServiceHost directive to identify the service type:

    <%@ServiceHost language="c#" Service="MyService" %>

  3. 将服务文件复制到虚拟目录下,并将程序集复制到该虚拟目录的 \bin 子目录下。Copy the service file into a virtual directory, and the assembly into the \bin subdirectory of that virtual directory.

  4. 将配置文件复制到虚拟目录下,并将其命名为 Web.config。Copy the configuration file into the virtual directory, and name it Web.config.

然后,您可以在应用程序根目录下使用服务文件的 URL 访问此应用程序The application is then accessible by using the URL of the service file in the application root.

若要在 .NET 应用程序中托管 WCF 服务,请将服务类型编译为该应用程序引用的类库程序集,并对该应用程序进行编程以使用类承载服务 ServiceHostTo host a WCF service within a .NET application, compile the service type into a class library assembly referenced by the application, and program the application to host the service using the ServiceHost class. 下面是所需基本编程的示例:The following is an example of the basic programming required:

string httpBaseAddress = "http://www.contoso.com:8000/";
string tcpBaseAddress = "net.tcp://www.contoso.com:8080/";

Uri httpBaseAddressUri = new Uri(httpBaseAddress);
Uri tcpBaseAddressUri = new Uri(tcpBaseAddress);

Uri[] baseAddresses = new Uri[] {
 httpBaseAddressUri,
 tcpBaseAddressUri};

using(ServiceHost host = new ServiceHost(
typeof(Service), //"Service" is the name of the service type baseAddresses))
{
     host.Open();

     […] //Wait to receive messages
     host.Close();
}

此示例演示如何在构造 ServiceHost 时指定一个或多个传输协议的地址。This example shows how addresses for one or more transport protocols are specified in the construction of a ServiceHost. 这些地址称为基址。These addresses are referred to as base addresses.

为 WCF 服务的任何终结点提供的地址是相对于终结点主机的基址的地址。The address provided for any endpoint of a WCF service is an address relative to a base address of the endpoint’s host. 对于每个通信传输协议,宿主都可以有一个基址。The host can have one base address for each communication transport protocol. 在上面的配置文件配置示例中,为终结点选定的 BasicHttpBinding 将 HTTP 用作传输协议,因此终结点的地址 EchoService 与宿主的 HTTP 基址相关。In the sample configuration in the preceding configuration file, the BasicHttpBinding selected for the endpoint uses HTTP as the transport protocol, so the address of the endpoint, EchoService, is relative to the host’s HTTP base address. 对于前面的示例中的主机,HTTP 基址为 http://www.contoso.com:8000/In the case of the host in the preceding example, the HTTP base address is http://www.contoso.com:8000/. 对于在 IIS 或 WAS 中承载的服务,其基址为服务的服务文件的 URL。For a service hosted within IIS or WAS, the base address is the URL of the service’s service file.

只能使用在 IIS 或 WAS 中承载的服务,以及仅使用 HTTP 作为传输协议进行配置的服务,才能使用 WCF ASP.NET 兼容模式选项。Only services hosted in IIS or WAS, and which are configured with HTTP as the transport protocol exclusively, can be made to use WCF ASP.NET compatibility mode option. 启用此选项需要执行下列步骤。Turning that option on requires the following steps.

  1. 程序员必须将 AspNetCompatibilityRequirementsAttribute 属性添加到服务类型中,并指定是允许还是需要 ASP.NET 兼容模式。The programmer must add the AspNetCompatibilityRequirementsAttribute attribute to the service type and specify that ASP.NET compatibility mode is either allowed or required.

    [System.ServiceModel.Activation.AspNetCompatibilityRequirements(
          RequirementsMode=AspNetCompatibilityRequirementsMode.Require)]
    public class DerivativesCalculatorServiceType: IDerivativesCalculator
    
  2. 管理员必须将应用程序配置为使用 ASP.NET 兼容模式。The administrator must configure the application to use the ASP.NET compatibility mode.

    <configuration>
         <system.serviceModel>
          <services>
          […]
          </services>
          <serviceHostingEnvironment aspNetCompatibilityEnabled="true"/>
        </system.serviceModel>
    </configuration>
    

    WCF 应用程序也可以配置为使用 .asmx 作为其服务文件(而不是 .svc)的扩展。WCF applications can also be configured to use .asmx as the extension for their service files rather than .svc.

    <system.web>
         <compilation>
          <compilation debug="true">
          <buildProviders>
           <remove extension=".asmx"/>
           <add extension=".asmx"
            type="System.ServiceModel.ServiceBuildProvider,
            System.ServiceModel,
            Version=3.0.0.0,
            Culture=neutral,
            PublicKeyToken=b77a5c561934e089" />
          </buildProviders>
          </compilation>
         </compilation>
    </system.web>
    

    使用此选项,你无需修改在将服务修改为使用 WCF 时配置为使用 .asmx 服务文件的 Url 的客户端。That option can save you from having to modify clients that are configured to use the URLs of .asmx service files when modifying a service to use WCF.

客户端开发Client Development

ASP.NET Web 服务的客户端通过使用命令行工具 WSDL.exe 生成,该工具可将 .asmx 文件的 URL 作为输入提供。Clients for ASP.NET Web services are generated using the command-line tool, WSDL.exe, which provides the URL of the .asmx file as input. WCF 提供的相应工具为 " Svcutil.exe 元数据实用工具()"。The corresponding tool provided by WCF is ServiceModel Metadata Utility Tool (Svcutil.exe). 它使用服务协定的定义和 WCF 客户端类的定义生成代码模块。It generates a code module with the definition of the service contract and the definition of a WCF client class. 它还使用服务的地址和绑定生成一个配置文件。It also generates a configuration file with the address and binding of the service.

通常,建议您基于异步模式对远程服务的客户端进行编程。In programming a client of a remote service it is generally advisable to program according to an asynchronous pattern. 默认情况下,不论是同步模式还是异步模式,始终都会提供由 WSDL.exe 工具生成的代码。The code generated by the WSDL.exe tool always provides for both a synchronous and an asynchronous pattern by default. 可为任一模式提供 " svcutil.exe" 元数据实用工具()生成的代码。The code generated by the ServiceModel Metadata Utility Tool (Svcutil.exe) can provide for either pattern. 默认为对同步模式提供。It provides for the synchronous pattern by default. 如果执行该工具时使用 /async 开关,则将为异步模式提供生成的代码。If the tool is executed with the /async switch, then the generated code provides for the asynchronous pattern.

不保证 ASP.NET 生成的 WCF 客户端类中的名称。默认情况下,NET 的 WSDL.EXE 工具与 Svcutil.exe 工具生成的 WCF 客户端类中的名称相匹配。There is no guarantee that names in the WCF client classes generated by ASP.NET’s WSDL.exe tool, by default, match the names in WCF client classes generated by the Svcutil.exe tool. 尤其是,在默认情况下,必须使用 XmlSerializer 序列化的类的属性名将在 Svcutil.exe 工具生成的代码中获得后缀 Property,这与 WSDL.exe 工具的情况并不一样。In particular, the names of the properties of classes that have to be serialized using the XmlSerializer are, by default, given the suffix Property in the code generated by the Svcutil.exe tool, which is not the case with the WSDL.exe tool.

消息表示形式Message Representation

可以对由 ASP.NET Web 服务发送和接收的 SOAP 消息头执行自定义操作。The headers of the SOAP messages sent and received by ASP.NET Web services can be customized. 将从 SoapHeader 派生一个类,用于定义消息头的结构,然后 SoapHeaderAttribute 用于指示存在消息头。A class is derived from SoapHeader to define the structure of the header, and then the SoapHeaderAttribute is used to indicate the presence of the header.

public class SomeProtocol : SoapHeader
{
     public long CurrentValue;
     public long Total;
}

[WebService]
public interface IEcho
{
     SomeProtocol ProtocolHeader
     {
      get;
     set;
     }

     [WebMethod]
     [SoapHeader("ProtocolHeader")]
     string PlaceOrders(PurchaseOrderType order);
}

public class Service: WebService, IEcho
{
     private SomeProtocol protocolHeader;

     public SomeProtocol ProtocolHeader
     {
         get
         {
              return this.protocolHeader;
         }

         set
         {
              this.protocolHeader = value;
         }
     }

     string PlaceOrders(PurchaseOrderType order)
     {
         long currentValue = this.protocolHeader.CurrentValue;
     }
}

WCF 提供属性、、 MessageContractAttribute 和, MessageHeaderAttribute MessageBodyMemberAttribute 以描述服务发送和接收的 SOAP 消息的结构。The WCF provides the attributes, MessageContractAttribute, MessageHeaderAttribute, and MessageBodyMemberAttribute to describe the structure of the SOAP messages sent and received by a service.

[DataContract]
public class SomeProtocol
{
     [DataMember]
     public long CurrentValue;
     [DataMember]
     public long Total;
}

[DataContract]
public class Item
{
     [DataMember]
     public string ItemNumber;
     [DataMember]
     public decimal Quantity;
     [DataMember]
     public decimal UnitPrice;
}

[MessageContract]
public class ItemMessage
{
     [MessageHeader]
     public SomeProtocol ProtocolHeader;
     [MessageBody]
     public Item Content;
}

[ServiceContract]
public interface IItemService
{
     [OperationContract]
     public void DeliverItem(ItemMessage itemMessage);
}

此语法将生成消息结构的显式表示形式,同时 ASP.NET Web 服务的代码也将暗示消息结构。This syntax yields an explicit representation of the structure of the messages, whereas the structure of messages is implied by the code of an ASP.NET Web service. 此外,在 ASP.NET 语法中,消息头表示为服务的属性,例如 ProtocolHeader 上一示例中的属性,而在 WCF 语法中,它们可以更准确地表示为消息的属性。Also, in the ASP.NET syntax, message headers are represented as properties of the service, such as the ProtocolHeader property in the previous example, whereas in WCF syntax, they are more accurately represented as properties of messages. 同时,WCF 还允许将消息标头添加到终结点的配置中。Also, WCF allows message headers to be added to the configuration of endpoints.

<service name="Service ">
     <endpoint
      address="EchoService"
      binding="basicHttpBinding"
      contract="IEchoService ">
      <headers>
      <dsig:X509Certificate
       xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
       ...
      </dsig:X509Certificate>
      </headers>
     </endpoint>
</service>

使用此选项,可以在客户端或服务的代码中避免任何对基础协议标头的引用:标头将根据终结点的配置方式添加到消息中。That option allows you to avoid any reference to infrastructural protocol headers in the code for a client or service: the headers are added to messages because of how the endpoint is configured.

服务说明Service Description

使用查询 WSDL 对 ASP.NET Web 服务的 .asmx 文件发出 HTTP GET 请求将使 ASP.NET 生成描述服务的 WSDL。Issuing an HTTP GET request for the .asmx file of an ASP.NET Web service with the query WSDL causes ASP.NET to generate WSDL to describe the service. ASP.NET 将返回该 WSDL 作为此请求的响应。It returns that WSDL as the response to the request.

通过 ASP.NET 2.0,用户可以验证服务是否与 Web 服务互操作性组织 (WS-I) 的基本配置文件 1.1 兼容,还可以插入一个声明表明服务与其 WSDL 兼容。ASP.NET 2.0 made it possible to validate that a service is compliant with the Basic Profile 1.1 of the Web Services-Interoperability Organization (WS-I), and to insert a claim that the service is compliant into its WSDL. 这可以通过使用 ConformsTo 属性的 EmitConformanceClaimsWebServiceBindingAttribute 参数实现。That is done using the ConformsTo and EmitConformanceClaims parameters of the WebServiceBindingAttribute attribute.

[WebService(Namespace = "http://tempuri.org/")]
[WebServiceBinding(
     ConformsTo = WsiProfiles.BasicProfile1_1,
     EmitConformanceClaims=true)]
public interface IEcho

可以自定义 ASP.NET 为服务生成的 WSDL。The WSDL that ASP.NET generates for a service can be customized. 通过创建 ServiceDescriptionFormatExtension 的派生类以将项目添加到 WSDL 中可实现自定义。Customizations are made by creating a derived class of ServiceDescriptionFormatExtension to add items to the WSDL.

使用在 IIS 51、6.0 或中承载的 HTTP 终结点的 WCF 服务的 .svc 文件的查询 WSDL 发出 HTTP GET 请求会导致 WCF 使用 WSDL 进行响应,以描述该服务。Issuing an HTTP GET request with the query WSDL for the .svc file of a WCF service with an HTTP endpoint hosted within IIS 51, 6.0 or WAS causes WCF to respond with WSDL to describe the service. 如果 httpGetEnabled 设置为 true,则使用查询 WSDL 对 .NET 应用程序所承载服务的 HTTP 基址发出 HTTP GET 请求具有相同的效果。Issuing an HTTP GET request with the query WSDL to the HTTP base address of a service hosted within a .NET application has the same effect if httpGetEnabled is set to true.

但是,WCF 还会使用其生成的用于描述服务的 WSDL 响应 Ws-metadataexchange 请求。However, WCF also responds to WS-MetadataExchange requests with WSDL that it generates to describe a service. ASP.NET Web 服务没有对 WS-MetadataExchange 请求的内置支持。ASP.NET Web services do not have built-in support for WS-MetadataExchange requests.

WCF 生成的 WSDL 可以广泛地自定义。The WSDL that WCF generates can be extensively customized. ServiceMetadataBehavior 类提供了一些用于自定义 WSDL 的功能。The ServiceMetadataBehavior class provides some facilities for customizing the WSDL. 也可以将 WCF 配置为不生成 WSDL,而是使用给定 URL 处的静态 WSDL 文件。The WCF can also be configured to not generate WSDL, but rather to use a static WSDL file at a given URL.

<behaviors>
     <behavior name="DescriptionBehavior">
     <metadataPublishing
      enableMetadataExchange="true"
      enableGetWsdl="true"
      enableHelpPage="true"
      metadataLocation=
      "http://localhost/DerivativesCalculatorService/Service.WSDL"/>
     </behavior>
</behaviors>

异常处理Exception Handling

在 ASP.NET Web 服务中,未处理的异常将作为 SOAP 错误返回客户端。In ASP.NET Web services, unhandled exceptions are returned to clients as SOAP faults. 您还可以显式抛出 SoapException 类的实例并对传输到客户端的 SOAP 错误内容加大控制力度。You can also explicitly throw instances of the SoapException class and have more control over the content of the SOAP fault that gets transmitted to the client.

在 WCF 服务中,未处理的异常不会作为 SOAP 错误返回到客户端,以防止无意中通过异常公开敏感信息。In WCF services, unhandled exceptions are not returned to clients as SOAP faults to prevent sensitive information being inadvertently exposed through the exceptions. 为了进行调试,系统将提供一个配置设置以将未处理的异常返回客户端。A configuration setting is provided to have unhandled exceptions returned to clients for the purpose of debugging.

若要将 SOAP 错误返回客户端,您可以使用数据协定类型作为泛型类型抛出泛型类型的实例 FaultException<TDetail>To return SOAP faults to clients, you can throw instances of the generic type, FaultException<TDetail>, using the data contract type as the generic type. 您还可以将 FaultContractAttribute 属性添加到操作中以指定操作可能会生成的错误。You can also add FaultContractAttribute attributes to operations to specify the faults that an operation might yield.

[DataContract]
public class MathFault
{
     [DataMember]
     public string operation;
     [DataMember]
     public string problemType;
}

[ServiceContract]
public interface ICalculator
{
     [OperationContract]
     [FaultContract(typeof(MathFault))]
     int Divide(int n1, int n2);
}

这样做会导致在服务的 WSDL 中显示对可能错误的建议,从而使客户端程序员可以预计操作可能会导致哪些错误,并编写相应的 Catch 语句。Doing so results in the possible faults being advertised in the WSDL for the service, allowing client programmers to anticipate which faults can result from an operation, and write the appropriate catch statements.

try
{
     result = client.Divide(value1, value2);
}
catch (FaultException<MathFault> e)
{
 Console.WriteLine("FaultException<MathFault>: Math fault while doing "
  + e.Detail.operation
  + ". Problem: "
  + e.Detail.problemType);
}

状态管理State Management

用于实现 ASP.NET Web 服务的类可以从 WebService 派生。The class used to implement an ASP.NET Web service may be derived from WebService.

public class Service : WebService, IEcho
{

 public string Echo(string input)
 {
  return input;
 }
}

在此情况下,可以将此类编程为使用 WebService 基类的“上下文”属性访问 HttpContext 对象。In that case, the class can be programmed to use the WebService base class’ Context property to access a HttpContext object. 通过使用 HttpContext 对象的 Application 属性,该对象可用于更新和检索应用程序状态信息,而且通过使用其 Session 属性,该对象可用于更新和检索会话状态信息。The HttpContext object can be used to update and retrieve application state information by using its Application property, and can be used to update and retrieve session state information by using its Session property.

ASP.NET 通过使用实际存储着 HttpContext 的 Session 属性对会话状态信息的访问位置提供高度控制。ASP.NET provides considerable control over where the session state information accessed by using the Session property of the HttpContext is actually stored. 它可以存储在 Cookie、数据库、当前服务器的内存或指定服务器的内存中。It may be stored in cookies, in a database, in the memory of the current server, or in the memory of a designated server. 在服务的配置文件中做出此项选择。The choice is made in the service’s configuration file.

WCF 为状态管理提供可扩展对象。The WCF provides extensible objects for state management. 可扩展对象就是实现 IExtensibleObject<T> 的对象。Extensible objects are objects that implement IExtensibleObject<T>. 最重要的可扩展对象为 ServiceHostBaseInstanceContextThe most important extensible objects are ServiceHostBase and InstanceContext. ServiceHostBase 允许你保持同一个主机上所有服务类型的所有实例都可访问的状态,而 InstanceContext 允许你保持可以被某个服务类型的同一个实例中运行的任意代码访问的状态。ServiceHostBase allows you to maintain state that all of the instances of all of the service types on the same host can access, while InstanceContext allows you to maintain state that can be accessed by any code running within the same instance of a service type.

在此,服务类型 TradingSystem 具有一个, ServiceBehaviorAttribute 它指定从同一 WCF 客户端实例进行的所有调用都路由到服务类型的同一个实例。Here, the service type, TradingSystem, has a ServiceBehaviorAttribute that specifies that all calls from the same WCF client instance are routed to the same instance of the service type.

[ServiceBehavior(InstanceContextMode = InstanceContextMode.PerSession)]
public class TradingSystem: ITradingService

DealData 类用于定义可以由某个服务类型的相同实例中运行的任意代码访问的状态。The class, DealData, defines state that can be accessed by any code running in the same instance of a service type.

internal class DealData: IExtension<InstanceContext>
{
 public string DealIdentifier = null;
 public Trade[] Trades = null;
}

在实现服务协定中任一操作的服务类型的代码中,将 DealData 状态对象添加到当前服务类型实例的状态中。In the code of the service type that implements one of the operations of the service contract, a DealData state object is added to the state of the current instance of the service type.

string ITradingService.BeginDeal()
{
 string dealIdentifier = Guid.NewGuid().ToString();
 DealData state = new DealData(dealIdentifier);
 OperationContext.Current.InstanceContext.Extensions.Add(state);
 return dealIdentifier;
}

随后,可以使用实现另一个服务协定操作的代码检索和修改此状态对象。That state object can then be retrieved and modified by the code that implements another of the service contract’s operations.

void ITradingService.AddTrade(Trade trade)
{
 DealData dealData =  OperationContext.Current.InstanceContext.Extensions.Find<DealData>();
 dealData.AddTrade(trade);
}

尽管 ASP.NET 提供了对类中状态信息的 HttpContext 实际存储位置的控制,但 WCF 至少在其初始版本中不提供对存储可扩展对象的位置的控制。Whereas ASP.NET provides control over where state information in the HttpContext class is actually stored, WCF, at least in its initial version, provides no control over where extensible objects are stored. 这构成了为 WCF 服务选择 ASP.NET 兼容模式的最佳理由。That constitutes the very best reason for selecting the ASP.NET compatibility mode for a WCF service. 如果必须管理可配置状态,则选择 ASP.NET 兼容模式使您可以按照它们在 ASP.NET 中的使用方式使用 HttpContext 类的功能,而且还可以通过使用存储的 HttpContext 类配置状态信息的管理位置。If configurable state management is imperative, then opting for the ASP.NET compatibility mode allows you to use the facilities of the HttpContext class exactly as they are used in ASP.NET, and also to configure where state information managed by using the HttpContext class is stored.

安全性Security

用于保证 ASP.NET Web 服务安全的选项就是那些用于保证任意 IIS 应用程序安全的选项。The options for securing ASP.NET Web services are those for securing any IIS application. 因为 WCF 应用程序不仅可以在 IIS 中托管,也可以在任何 .NET 可执行文件中托管,所以用于保护 WCF 应用程序的选项必须与 IIS 的功能无关。Because WCF applications can be hosted not only within IIS but also within any .NET executable, the options for securing WCF applications must be made independent from the facilities of IIS. 但是,为 ASP.NET Web 服务提供的功能也可用于在 ASP.NET 兼容模式下运行的 WCF 服务。However, the facilities provided for ASP.NET Web services are also available for WCF services running in ASP.NET compatibility mode.

安全性:身份验证Security: Authentication

IIS 可提供对应用程序的访问进行控制的功能,您可以使用此功能选择匿名访问或各种身份验证模式:Windows 身份验证、摘要式身份验证、基本身份验证和 .NET Passport 身份验证。IIS provides facilities for controlling access to applications by which you can select either anonymous access or a variety of modes of authentication: Windows Authentication, Digest Authentication, Basic Authentication, and .NET Passport Authentication. Windows 身份验证选项可以用于控制对 ASP.NET Web 服务的访问。The Windows Authentication option can be used to control access to ASP.NET Web services. 但是,当 WCF 应用程序承载于 IIS 中时,必须将 IIS 配置为允许对应用程序进行匿名访问,以便 WCF 本身可以管理身份验证,这在不同的选项之间支持 Windows 身份验证。However, when WCF applications are hosted within IIS, IIS must be configured to permit anonymous access to the application, so that authentication can be managed by WCF itself, which does support Windows authentication among various other options. 其他内置选项包括用户名令牌、X.509 证书、SAML 令牌和 CardSpace 卡,但是也可以定义自定义身份验证机制。The other options that are built-in include username tokens, X.509 certificates, SAML tokens, and CardSpace card, but custom authentication mechanisms can also be defined.

安全性:模拟Security: Impersonation

ASP.NET 提供一个标识元素,ASP.NET Web 服务可通过使用该元素模拟当前请求提供了某个特定用户或任何用户的凭据。ASP.NET provides an identity element by which an ASP.NET Web service can be made to impersonate a particular user or whichever user’s credentials are provided with the current request. 该元素可用于在 ASP.NET 兼容模式下运行的 WCF 应用程序中配置模拟。That element can be used to configure impersonation in WCF applications running in ASP.NET compatibility mode.

WCF 配置系统提供自己的标识元素,用于指定要模拟的特定用户。The WCF configuration system provides its own identity element for designating a particular user to impersonate. 另外,WCF 客户端和服务可以单独配置为进行模拟。Also, WCF clients and services can be independently configured for impersonation. 当客户端发送请求时,可将它们配置为模拟当前用户。Clients can be configured to impersonate the current user when they transmit requests.

<behaviors>
     <behavior name="DerivativesCalculatorClientBehavior">
      <clientCredentials>
      <windows allowedImpersonationLevel="Impersonation"/>
      </clientCredentials>
     </behavior>
</behaviors>

可将服务操作配置为模拟当前请求提供了任意用户的凭据。Service operations can be configured to impersonate whichever user’s credentials are provided with the current request.

[OperationBehavior(Impersonation = ImpersonationOption.Required)]
public void Receive(Message input)

安全性:使用访问控制列表进行授权Security: Authorization using Access Control Lists

访问控制列表 (ACL) 可用于限制对 .asmx 文件的访问。Access Control Lists (ACLs) can be used to restrict access to .asmx files. 但在 ASP.NET 兼容模式下,将忽略 WCF .svc 文件上的 Acl。However, ACLs on WCF .svc files are ignored except in ASP.NET compatibility mode.

安全性:基于角色的授权Security: Role-based Authorization

IIS Windows 身份验证选项可与由 ASP.NET 配置语言提供的授权元素一起使用,以便根据将用户指定到的 Windows 组简化对 ASP.NET Web 服务的基于角色的授权。The IIS Windows Authentication option can be used in conjunction with the authorization element provided by the ASP.NET configuration language to facilitate role-based authorization for ASP.NET Web services based on the Windows groups to which users are assigned. ASP.NET 2.0 引入了一种更常用的基于角色的授权机制:角色提供程序。ASP.NET 2.0 introduced a more general role-based authorization mechanism: role providers.

角色提供程序就是所有实现基本接口以查询对用户分配哪些角色的类,但每个角色提供程序都知道如何从其他来源检索此信息。Role providers are classes that all implement a basic interface for enquiring about the roles to which a user is assigned, but each role provider knows how to retrieve that information from a different source. ASP.NET 2.0 提供一个可从 Microsoft SQL Server 数据库检索角色分配的角色提供程序,同时还提供另一个可从 Windows Server 2003 授权管理器检索角色分配的角色提供程序。ASP.NET 2.0 provides a role provider that can retrieve role assignments from a Microsoft SQL Server database, and another that can retrieve role assignments from the Windows Server 2003 Authorization Manager.

在任何 .NET 应用程序(包括 WCF 应用程序)中,实际上可以独立于 ASP.NET 使用角色提供程序机制。The role provider mechanism can actually be used independently of ASP.NET in any .NET application, including a WCF application. 以下 WCF 应用程序示例配置演示了如何使用 ASP.NET 角色提供程序,这是一个通过的方法选择的选项 ServiceAuthorizationBehaviorThe following sample configuration for a WCF application shows how the use of an ASP.NET role provider is an option selected by means of the ServiceAuthorizationBehavior.

<system.serviceModel>
     <services>
         <service name="Service.ResourceAccessServiceType"
             behaviorConfiguration="ServiceBehavior">
             <endpoint
              address="ResourceAccessService"
              binding="wsHttpBinding"
              contract="Service.IResourceAccessContract"/>
         </service>
     </services>
     <behaviors>
       <behavior name="ServiceBehavior">
       <serviceAuthorization principalPermissionMode="UseAspNetRoles"/>
      </behavior>
     </behaviors>
</system.serviceModel>

安全性:基于声明的授权Security: Claims-based Authorization

WCF 的最重要的一项创新是,它完全支持基于声明对受保护资源的访问权限。One of the most important innovations of WCF is its thorough support for authorizing access to protected resources based on claims. 声明包含类型、权限和值等,例如驾驶执照。Claims consist of a type, a right and a value, a drivers’ license, for example. 它提出一组有关持有人的声明,其中一个是持有人的出生日期。It makes a set of claims about the bearer, one of which is the bearer’s date of birth. 此声明的类型为出生日期,而声明的值为司机的出生日期。The type of that claim is date of birth, while the value of the claim is the driver’s birth date. 声明授予持有人的权限指定持有人可对声明的值执行的操作。The right that a claim confers on the bearer specifies what the bearer can do with the claim’s value. 如果是要声明司机的出生日期,权限为拥有:司机拥有该出生日期但是不能更改它。In the case of the claim of the driver’s date of birth, the right is possession: the driver possesses that date of birth but cannot, for example, alter it. 基于声明的授权包含基于角色的授权,因为角色也是一种声明类型。Claims-based authorization encloses role-based authorization, because roles are a type of claim.

基于声明的授权可通过将一组声明与操作的访问要求进行比较实现,根据比较的结果,可获得操作的访问权或遭到拒绝。Authorization based on claims is accomplished by comparing a set of claims to the access requirements of the operation and, depending on the outcome of that comparison, granting or denying access to the operation. 在 WCF 中,可以指定一个用于运行基于声明的授权的类,也可以通过为的属性赋值来指定一个值 ServiceAuthorizationManager ServiceAuthorizationBehaviorIn WCF, you can specify a class to use to run claims-based authorization, once again by assigning a value to the ServiceAuthorizationManager property of ServiceAuthorizationBehavior.

<behaviors>
     <behavior name='ServiceBehavior'>
     <serviceAuthorization
     serviceAuthorizationManagerType=
                   'Service.AccessChecker, Service' />
     </behavior>
</behaviors>

用于运行基于声明的授权的类必须派生自只有一种重写方法(即 ServiceAuthorizationManager)的 AccessCheck()Classes used to run claims-based authorization must derive from ServiceAuthorizationManager, which has just one method to override, AccessCheck(). 每当调用服务的操作并提供对象时,WCF 都将调用该方法 OperationContext ,该对象在其属性中具有用户的声明 ServiceSecurityContext.AuthorizationContextWCF calls that method whenever an operation of the service is invoked and provides a OperationContext object, which has the claims for the user in its ServiceSecurityContext.AuthorizationContext property. WCF 从用户提供的用于身份验证的任何安全令牌收集有关用户的声明的工作,这会使评估这些声明是否足以满足相关操作的任务。WCF does the work of assembling claims about the user from whatever security token the user provided for authentication, which leaves the of task of evaluating whether those claims suffice for the operation in question.

WCF 自动将来自任何类型的安全令牌的声明组合在一起,这是一种高度重要的创新,因为它会根据声明完全独立于身份验证机制来授权代码。That WCF automatically assembles claims from any kind of security token is a highly significant innovation, because it makes the code for authorization based on the claims entirely independent of the authentication mechanism. 与此相反,使用 ACL 或 ASP.NET 中的角色进行授权则与 Windows 身份验证息息相关。By contrast, authorization using ACLs or roles in ASP.NET is closely tied to Windows authentication.

安全性:机密性Security: Confidentiality

通过将 IIS 中的应用程序配置为使用安全超文本传输协议 (HTTPS),可以在传输级别确保与 ASP.NET Web 服务交换的消息的机密性。The confidentiality of messages exchanged with ASP.NET Web services can be ensured at the transport level by configuring the application within IIS to use the Secure Hypertext Transfer Protocol (HTTPS). 对于在 IIS 中承载的 WCF 应用程序也是如此。The same can be done for WCF applications hosted within IIS. 但是,托管在 IIS 之外的 WCF 应用程序也可以配置为使用安全传输协议。However, WCF applications hosted outside of IIS can also be configured to use a secure transport protocol. 更重要的是,还可以使用 WS 安全协议将 WCF 应用程序配置为在传输消息之前对其进行保护。More important, WCF applications can also be configured to secure the messages before they are transported, using the WS-Security protocol. 如果使用 WS-Security 协议保护消息正文的安全,则消息正文到达最终目的地之前在中介中加密传输。Securing just the body of a message using WS-Security allows it to be transmitted confidentially across intermediaries before reaching its final destination.

全球化Globalization

通过 ASP.NET 配置语言,您可以为这些服务单独指定区域性。The ASP.NET configuration language allows you to specify the culture for individual services. WCF 不支持 ASP.NET 兼容模式下的该配置设置。The WCF does not support that configuration setting except in ASP.NET compatibility mode. 若要本地化不使用 ASP.NET 兼容模式的 WCF 服务,请将服务类型编译为区域性特定的程序集,并为每个区域性特定的程序集提供单独的区域性特定的终结点。To localize a WCF service that does not use ASP.NET compatibility mode, compile the service type into culture-specific assemblies, and have separate culture-specific endpoints for each culture-specific assembly.

另请参阅See also