Windows Communication Foundation Privacy Information

Microsoft is committed to protecting end-users' privacy. When you build an application using Windows Communication Foundation (WCF) version 3.0, your application may affect your end-users' privacy. For example, it may explicitly collect user contact information, or it may request or send information over the Internet to your Web site. If you embed Microsoft technology in your application, that technology may have behavior of its own that affects privacy. WCF does not send any information from your application to Microsoft unless you or the end-user choose to send it.

WCF in Brief

WCF is a distributed messaging framework built on the Microsoft .NET Framework that lets developers build distributed applications. Messages exchanged between two applications contain header and body information.

Headers may carry message routing, security information, transactions, and more, depending on the services the application uses. With the system-provided bindings, messages are typically encrypted by default. The one exception is BasicHttpBinding, whose default security mode is None: it was designed for interoperability with non-secured, legacy Web services and protects nothing unless you configure it to. As the application designer, you are responsible for the final design. The SOAP body carries application-specific data; this data, such as application-defined personal information, can be secured with the WCF encryption and confidentiality features. The following sections describe the features that can affect privacy.
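The binding choice is where that design responsibility starts. The following app.config fragment is an added example, not from the original page and not WCF's own documentation, that puts the unsecured BasicHttpBinding default beside two secured alternatives. The service, contract and host names (Contoso.OrderService, Contoso.IOrderService, orders.example.com) are hypothetical, and the absolute endpoint addresses are written as for a self-hosted service; an IIS-hosted service uses addresses relative to its .svc file.

```xml
<!-- Added example: app.config fragment contrasting an unsecured BasicHttpBinding
     with a transport-secured one and a message-secured WSHttpBinding.
     Names and addresses are hypothetical. -->
<configuration>
  <system.serviceModel>
    <bindings>
      <basicHttpBinding>
        <!-- Weak: this is also what you get with no <security> element at all.
             BasicHttpBinding defaults to mode="None", so headers, body and any
             credentials placed in them cross the wire in the clear. -->
        <binding name="legacyPlain">
          <security mode="None" />
        </binding>
        <!-- Corrected: keep the legacy-compatible binding but require HTTPS,
             so the transport encrypts the whole message. The endpoint that
             uses it must have an https address. -->
        <binding name="legacyOverTls">
          <security mode="Transport">
            <transport clientCredentialType="None" />
          </security>
        </binding>
      </basicHttpBinding>
      <wsHttpBinding>
        <!-- Message-level security: the SOAP body is signed and encrypted
             end to end, so protection survives intermediaries that terminate
             TLS. Clients authenticate with an X.509 certificate. -->
        <binding name="messageSecured">
          <security mode="Message">
            <message clientCredentialType="Certificate" />
          </security>
        </binding>
      </wsHttpBinding>
    </bindings>
    <services>
      <service name="Contoso.OrderService">
        <endpoint address="https://orders.example.com/OrderService.svc"
                  binding="basicHttpBinding"
                  bindingConfiguration="legacyOverTls"
                  contract="Contoso.IOrderService" />
        <endpoint address="http://orders.example.com/OrderService.svc/secure"
                  binding="wsHttpBinding"
                  bindingConfiguration="messageSecured"
                  contract="Contoso.IOrderService" />
      </service>
    </services>
  </system.serviceModel>
</configuration>
```

The `legacyPlain` binding exists here only to make the default visible; nothing should reference it in a deployed configuration. `legacyOverTls` keeps interoperability with a legacy client that only understands basic profile SOAP, while the `wsHttpBinding` endpoint is the choice when the body itself carries personal data and must stay encrypted past any TLS-terminating proxy.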

Messaging

Each WCF message has address headers that specify the message destination and where the reply should go.

The address component of an endpoint address is a Uniform Resource Identifier (URI) that identifies the endpoint. The address can be a network address or a logical address, and it may include a machine name (host name or fully qualified domain name) and an IP address. An endpoint address may also contain a globally unique identifier (GUID), or a collection of GUIDs used as temporary addresses to distinguish individual endpoints. Each message also carries a message ID, which is a GUID. Addressing follows the WS-Addressing standard.

The WCF messaging layer does not write any personal information to the local machine. It can, however, propagate personal information at the network level if a service developer has built a service that exposes such information: for example, by using a person's name in an endpoint name, or by including personal information in the endpoint's Web Services Description Language (WSDL) without requiring clients to retrieve the WSDL over HTTPS. Also, if a developer runs the ServiceModel Metadata Utility Tool (Svcutil.exe) against an endpoint that exposes personal information, the tool's output can contain that information, and the output file is written to the local hard disk.

Hosting

The hosting feature in WCF lets applications start on demand and lets multiple applications share a port. A WCF application can be hosted in Internet Information Services (IIS), much like an ASP.NET application.

Hosting does not expose any specific information on the network and does not keep data on the machine.

Message Security

WCF security provides the security capabilities for messaging applications, including authentication and authorization.

Authentication is performed by passing credentials between clients and services. It can be done through transport-level security or through SOAP message-level security:

  • In SOAP message security, authentication uses credentials such as username/password pairs, X.509 certificates, Kerberos tickets, and SAML tokens, any of which may contain personal information, depending on the issuer.

  • With transport security, authentication uses traditional transport mechanisms such as the HTTP authentication schemes (Basic, Digest, Negotiate, Integrated Windows Authentication, NTLM, None, and Anonymous) and forms authentication.

Authentication can result in a secure session being established between the communicating endpoints. The session is identified by a GUID that lasts for the lifetime of the security session. The following table shows what is kept and where.

  • Data: presentation credentials, such as user names, X.509 certificates, Kerberos tokens, and references to credentials. Storage: standard Windows credential management mechanisms, such as the Windows certificate store.

  • Data: user membership information, such as user names and passwords. Storage: ASP.NET membership providers.

  • Data: identity information about the service, used to authenticate the service to clients. Storage: the endpoint address of the service.

  • Data: caller information. Storage: auditing logs.

Auditing

Auditing records the success and failure of authentication and authorization events. Audit records contain the service URI, the action URI, and the caller's identity.

Auditing also records when an administrator changes the message logging configuration (turning it on or off), because message logging may record application-specific data from headers and bodies. On Windows XP the record is written to the Application event log; on Windows Vista and Windows Server 2003 it is written to the Security event log.
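Auditing is attached to a service through the serviceSecurityAudit behavior. The following fragment is an added example, not from the original page, that enables the records described above; the service and contract names are hypothetical.

```xml
<!-- Added example: service behavior that audits authentication and
     authorization outcomes. Service and contract names are hypothetical. -->
<configuration>
  <system.serviceModel>
    <behaviors>
      <serviceBehaviors>
        <behavior name="auditedService">
          <!-- Record success and failure of both decisions. "Security" sends
               the records to the Security event log, which the host process
               can only write when it holds SeAuditPrivilege ("Generate
               security audits"); use "Application" for a host without it.
               suppressAuditFailure="false" makes a call fail when its audit
               record cannot be written (the default, true, lets it proceed). -->
          <serviceSecurityAudit
            auditLogLocation="Security"
            serviceAuthorizationAuditLevel="SuccessOrFailure"
            messageAuthenticationAuditLevel="SuccessOrFailure"
            suppressAuditFailure="false" />
        </behavior>
      </serviceBehaviors>
    </behaviors>
    <services>
      <!-- behaviorConfiguration is what binds the audit settings to the service. -->
      <service name="Contoso.OrderService" behaviorConfiguration="auditedService">
        <endpoint address="" binding="wsHttpBinding" contract="Contoso.IOrderService" />
      </service>
    </services>
  </system.serviceModel>
</configuration>
```

Each record carries the service URI, action URI and caller identity listed above, so the event log that receives them inherits the sensitivity of the traffic itself; the Security log is the better home because reading it already requires administrative rights. Failing closed on audit write errors is the right setting where the trail is a control rather than a convenience.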

Transactions

The Transactions feature provides transactional services to a WCF application.

The transaction headers used in transaction propagation may contain transaction IDs or enlistment IDs, which are GUIDs.

The Transactions feature uses the Microsoft Distributed Transaction Coordinator (MSDTC) transaction manager, a Windows component, to manage transaction state. By default, communication between transaction managers is encrypted. Transaction managers may log endpoint references, transaction IDs, and enlistment IDs as part of their durable state. The lifetime of that state is determined by the lifetime of the transaction manager's log file, which the MSDTC service owns and maintains.

The Transactions feature implements the WS-Coordination and WS-AtomicTransaction standards.

Reliable Sessions

Reliable sessions in WCF deliver messages even when transport or intermediary failures occur. They provide exactly-once transfer of messages even when the underlying transport disconnects (for example, a TCP connection on a wireless network) or loses a message (for example, an HTTP proxy dropping an outgoing or incoming message). Reliable sessions also recover from message reordering (as can happen with multipath routing), preserving the order in which the messages were sent.

Reliable sessions are implemented with the WS-ReliableMessaging (WS-RM) protocol. They add WS-RM headers that carry session information, which is used to identify all messages belonging to a particular reliable session. Each WS-RM session has an identifier, which is a GUID.

No personal information is retained on the end-user's machine.

Queued Channels

Queues store messages from a sending application on behalf of a receiving application and later forward them to the receiving application. They help ensure delivery when, for example, the receiving application is not running at the time the message is sent. WCF supports queuing by using Microsoft Message Queuing (MSMQ) as a transport.

The queued channels feature does not add headers to a message. Instead it creates a Message Queuing message with the appropriate Message Queuing message properties set and invokes Message Queuing methods to put the message in the queue. Message Queuing is an optional component that ships with Windows.

The queued channels feature itself retains no information on the end-user's machine; it relies on Message Queuing as the queuing infrastructure, and a message waiting for delivery is held in that Message Queuing queue.

COM+ Integration

This feature wraps existing COM and COM+ functionality to create services that are compatible with WCF services. It does not use specific headers and does not retain data on the end-user's machine.

COM Service Moniker

The COM service moniker provides an unmanaged wrapper around a standard WCF client. It has no specific headers on the wire and does not persist data on the machine.

Peer Channel

A peer channel enables the development of multiparty applications with WCF. Multiparty messaging takes place in the context of a mesh. A mesh is identified by a name that nodes can join. Each node in the peer channel creates a TCP listener on a user-specified port and establishes connections with other nodes in the mesh for resiliency. To connect to other nodes, a node also exchanges some data with the rest of the mesh, including its listener address and the machine's IP addresses. Messages sent around the mesh can carry security information that pertains to the sender, used to prevent message spoofing and tampering.

No personal information is stored on the end-user's machine.

IT Professional Experience

Tracing

The diagnostics feature of the WCF infrastructure logs messages that pass through the transport and service model layers, together with the activities and events associated with those messages. This feature is off by default. It is enabled through the application's configuration file, and the tracing behavior can be modified at run time through the WCF WMI provider. When enabled, the tracing infrastructure emits a diagnostic trace containing messages, activities, and processing events to the configured listeners. The format and location of the output are determined by the administrator's listener configuration, but the output is typically an XML-formatted file. The administrator is responsible for setting the access control list (ACL) on the trace files. In particular, when the service is hosted by the Windows Process Activation Service (WAS), the administrator should make sure the trace files are not written under a public virtual root directory from which they would be served to clients.

There are two types of tracing, message logging and Service Model diagnostic tracing, described in the following sections. Each is configured through its own trace source: System.ServiceModel.MessageLogging for message logging and System.ServiceModel for Service Model tracing. Both trace sources capture data that is local to the application.

Message Logging

The message logging trace source (System.ServiceModel.MessageLogging) lets an administrator log the messages that flow through the system. Through configuration, the user can decide whether to log entire messages or only message headers, whether to log at the transport layer, the service model layer, or both, and whether to include malformed messages. The user can also configure filters to restrict which messages are logged.

Message logging is disabled by default. The local machine administrator can prevent the application-level administrator from turning message logging on.

Encrypted and Decrypted Message Logging

Whether a logged message appears encrypted or decrypted depends on where it is logged, as described below.

Transport Logging
Logs messages as they are received and sent at the transport level. These messages contain all headers, and may be encrypted before being sent on the wire and when received.

If messages are encrypted before being sent on the wire and are still encrypted when received (message-level security), they are logged in encrypted form. The exception is transport security such as HTTPS: that encryption is applied below the messaging layer, so the messages are logged decrypted before being sent and after being received even though they are encrypted on the wire.

Service Logging
Logs messages received or sent at the service model level, after channel header processing has taken place, just before and just after entering user code.

Messages logged at this level are decrypted even if they were secured and encrypted on the wire.

Malformed Message Logging
Logs messages that the WCF infrastructure cannot understand or process.

These messages are logged as-is, that is, encrypted or not.

When messages are logged in decrypted or unencrypted form, WCF by default removes security keys and potentially personal information from the messages before logging them. The next sections describe what information is removed, and when. Both the machine administrator and the application deployer must take specific configuration actions to change this default and log keys and potentially personal information.
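The two-party opt-in described here (and again under Service Model Tracing below) maps to two configuration files. The following fragments are an added example, not from the original page: the first is the machineSettings element in machine.config that only the machine administrator can change, the second is the application's own diagnostics and trace-source configuration. The machine.config path, the trace file location and the Contoso action URI in the filter are hypothetical.

```xml
<!-- Added example, file 1: machine.config of the framework version hosting
     the service (for example %WINDIR%\Microsoft.NET\Framework64\v4.0.30319\Config\machine.config).
     This is the machine administrator's half of the opt-in. While it is false,
     the application-level logKnownPii below has no effect. -->
<configuration>
  <system.serviceModel>
    <machineSettings enableLoggingKnownPii="false" />
  </system.serviceModel>
</configuration>

<!-- Added example, file 2: the application's app.config or web.config,
     the application deployer's half. -->
<configuration>
  <system.serviceModel>
    <diagnostics>
      <!-- logKnownPii="false" (the default) keeps wsse:Username, wsse:Password,
           wst:BinarySecret, the SAML NameIdentifier and the other items listed
           in this section out of the log. logEntireMessage="false" logs headers
           only, which also keeps application data in the body out of the file.
           Service-level logging is chosen because it shows the decrypted message
           the application actually processed. -->
      <messageLogging
        logEntireMessage="false"
        logMalformedMessages="true"
        logMessagesAtServiceLevel="true"
        logMessagesAtTransportLevel="false"
        logKnownPii="false"
        maxMessagesToLog="3000"
        maxSizeOfMessageToLog="65536">
        <filters>
          <!-- Restrict logging to one operation: an XPath over the SOAP envelope.
               The Action URI is hypothetical. -->
          <add xmlns:s="http://www.w3.org/2003/05/soap-envelope"
               xmlns:a="http://www.w3.org/2005/08/addressing">
            /s:Envelope/s:Header/a:Action[text()='http://contoso.example/IOrderService/PlaceOrder']
          </add>
        </filters>
      </messageLogging>
    </diagnostics>
  </system.serviceModel>
  <system.diagnostics>
    <sources>
      <!-- Message logging trace source. -->
      <source name="System.ServiceModel.MessageLogging" switchValue="Warning">
        <listeners><add name="svclog" /></listeners>
      </source>
      <!-- Service Model trace source; ActivityTracing emits the activity-ID
           GUIDs that tie the trace records of one message together. -->
      <source name="System.ServiceModel" switchValue="Information, ActivityTracing"
              propagateActivity="true">
        <listeners><add name="svclog" /></listeners>
      </source>
    </sources>
    <sharedListeners>
      <!-- Hypothetical path: a directory outside any IIS/WAS virtual root,
           ACLed so the service identity can write and only administrators can read. -->
      <add name="svclog" type="System.Diagnostics.XmlWriterTraceListener"
           initializeData="C:\ProgramData\Contoso\Traces\orders.svclog" />
    </sharedListeners>
    <trace autoflush="true" />
  </system.diagnostics>
</configuration>
```

Logging the known PII requires both enableLoggingKnownPii="true" in machine.config and logKnownPii="true" here; either alone leaves the scrubbing in place. Note that the scrubbing covers only the WS-Security, WS-Trust and SAML items this section lists: nothing in it knows which fields of your own contract are sensitive, which is why the example logs headers only and restricts by Action rather than relying on the filter to protect body data.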

Information Removed from Message Headers When Logging Decrypted/Unencrypted Messages

When messages are logged in decrypted/unencrypted form, security keys and potentially personal information are removed by default from message headers and message bodies before the messages are logged. The following list shows what WCF considers keys and potentially personal information.

Keys that are removed:

For xmlns:wst="http://schemas.xmlsoap.org/ws/2004/04/trust" and xmlns:wst="http://schemas.xmlsoap.org/ws/2005/02/trust":

  • wst:BinarySecret

  • wst:Entropy

For xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.1.xsd" and xmlns:wsse="http://docs.oasis-open.org/wss/2005/xx/oasis-2005xx-wss-wssecurity-secext-1.1.xsd":

  • wsse:Password

  • wsse:Nonce

Potentially personal information that is removed:

For xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.1.xsd" and xmlns:wsse="http://docs.oasis-open.org/wss/2005/xx/oasis-2005xx-wss-wssecurity-secext-1.1.xsd":

  • wsse:Username

  • wsse:BinarySecurityToken

For xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion", the items shown in bold in the original page are removed. In the assertion layout below those are the NameIdentifier element (with its NameQualifier and Format attributes and its value), the SubjectLocality element (IPAddress and DNSAddress), and the AttributeValue element; everything else in the assertion is logged as-is:

  <Assertion
    MajorVersion="1"
    MinorVersion="1"
    AssertionId="[ID]"
    Issuer="[string]"
    IssueInstant="[dateTime]"
    <Conditions NotBefore="[dateTime]" NotOnOrAfter="[dateTime]">
      <AudienceRestrictionCondition>
        <Audience>[uri]</Audience>+
      </AudienceRestrictionCondition>*
      <DoNotCacheCondition />*
      <!-- abstract base type
      <Condition />*
      -->
    </Conditions>?
    <Advice>
      <AssertionIDReference>[ID]</AssertionIDReference>*
      <Assertion>[assertion]</Assertion>*
      [any]*
    </Advice>?
    <!-- Abstract base types
    <Statement />*
    <SubjectStatement>
      <Subject>
        <NameIdentifier
          NameQualifier="[string]"?
          Format="[uri]"?
        >
          [string]
        </NameIdentifier>?
        <SubjectConfirmation>
          <ConfirmationMethod>[anyUri]</ConfirmationMethod>+
          <SubjectConfirmationData>[any]</SubjectConfirmationData>?
          <ds:KeyInfo>...</ds:KeyInfo>?
        </SubjectConfirmation>?
      </Subject>
    </SubjectStatement>*
    -->
    <AuthenticationStatement
      AuthenticationMethod="[uri]"
      AuthenticationInstant="[dateTime]"
      [Subject]
      <SubjectLocality
        IPAddress="[string]"?
        DNSAddress="[string]"?
      />?
      <AuthorityBinding
        AuthorityKind="[QName]"
        Location="[uri]"
        Binding="[uri]"
      />*
    </AuthenticationStatement>*
    <AttributeStatement>
      [Subject]
      <Attribute
        AttributeName="[string]"
        AttributeNamespace="[uri]"
        <AttributeValue>[any]</AttributeValue>+
      </Attribute>+
    </AttributeStatement>*
    <AuthorizationDecisionStatement
      Resource="[uri]"
      Decision="[Permit|Deny|Indeterminate]"
      [Subject]
      <Action Namespace="[uri]">[string]</Action>+
      <Evidence>
        <AssertionIDReference>[ID]</AssertionIDReference>+
        <Assertion>[assertion]</Assertion>+
      </Evidence>?
    </AuthorizationDecisionStatement>*
  </Assertion>

Information Removed from Message Bodies When Logging Decrypted/Unencrypted Messages

As described above, WCF removes keys and known potentially personal information from the headers of logged decrypted/unencrypted messages. In addition, WCF removes keys and known potentially personal information from message bodies for the body elements and actions listed below, which belong to the security messages involved in key exchange.

For the namespaces xmlns:wst="http://schemas.xmlsoap.org/ws/2004/04/trust" and xmlns:wst="http://schemas.xmlsoap.org/ws/2005/02/trust", information is removed for the following body elements, which are involved in key exchange (the match is made on the element itself, for example when no Action header is available):

  • wst:RequestSecurityToken

  • wst:RequestSecurityTokenResponse

  • wst:RequestSecurityTokenResponseCollection

Information is also removed for each of the following Actions:

  • http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue

  • http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/Issue

  • http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Renew

  • http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/Renew

  • http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Cancel

  • http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/Cancel

  • http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Validate

  • http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/Validate

  • http://schemas.xmlsoap.org/ws/2005/02/trust/RST/SCT

  • http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/SCT

  • http://schemas.xmlsoap.org/ws/2005/02/trust/RST/SCT/Amend

  • http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/SCT/Amend

  • http://schemas.xmlsoap.org/ws/2005/02/trust/RST/SCT/Renew

  • http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/SCT/Renew

  • http://schemas.xmlsoap.org/ws/2005/02/trust/RST/SCT/Cancel

  • http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/SCT/Cancel

  • http://schemas.xmlsoap.org/ws/2004/04/security/trust/RST/SCT

  • http://schemas.xmlsoap.org/ws/2004/04/security/trust/RSTR/SCT

  • http://schemas.xmlsoap.org/ws/2004/04/security/trust/RST/SCT-Amend

  • http://schemas.xmlsoap.org/ws/2004/04/security/trust/RSTR/SCT-Amend

No Information Is Removed from Application-specific Headers and Body Data

WCF does not track personal information in application-specific headers (for example, query strings) or in body data (for example, a credit card number).

When message logging is on, personal information in application-specific headers and body data may therefore be visible in the logs. Again, the application deployer is responsible for setting the ACLs on the configuration and log files. The deployer can also turn logging off if this information should not be visible, or filter it out of the log files after it is logged.

Service Model Tracing

The Service Model trace source (System.ServiceModel) enables tracing of the activities and events related to message processing. It uses the .NET Framework diagnostics functionality in System.Diagnostics. As with message logging, the output location and its ACL are configured through the .NET Framework application configuration files: the file location is always set when the administrator enables tracing, so the administrator controls the ACL.

Traces contain message headers when a message is in scope. The same rules for hiding potentially personal information in message headers described in the previous section apply: the personal information identified there is removed by default from the headers in traces, and both the machine administrator and the application deployer must change the configuration to log it. Personal information in application-specific headers, however, is logged in traces. The application deployer is responsible for setting the ACLs on the configuration and trace files, and can turn tracing off if this information should not be visible, or filter it out of the trace files after it is logged.

As part of Service Model tracing, unique IDs (called activity IDs, typically GUIDs) link the different activities together as a message flows through the parts of the infrastructure.

Custom Trace Listeners

For both message logging and tracing, a custom trace listener can be configured, which can send traces and messages over the network (for example, to a remote database). The application deployer is responsible for configuring custom listeners or for enabling users to do so, and is also responsible for any personal information exposed at the remote location and for applying appropriate ACLs to that location.

Other Features for IT Professionals

WCF has a WMI provider that exposes WCF infrastructure configuration information through WMI, which ships with Windows. By default, the WMI interface is available to administrators.

WCF configuration uses the .NET Framework configuration mechanism. The configuration files are stored on the machine; the application developer and the administrator create the configuration files and their ACLs according to each application's requirements. A configuration file can contain endpoint addresses and references to certificates in the certificate store. Those certificates can be used to supply application data that configures various properties of the features the application uses.

WCF also uses the .NET Framework process dump functionality by calling the FailFast method (Environment.FailFast), which terminates the process; any resulting dump captures the contents of process memory at that moment.

IT Pro Tools

WCF also provides the following IT professional tools, which ship in the Windows SDK.

SvcTraceViewer.exe

The viewer displays WCF trace files, showing whatever information the traces contain.

SvcConfigEditor.exe

The editor lets the user create and edit WCF configuration files, and shows whatever information the configuration files contain. The same task can be accomplished with a text editor.

ServiceModel_Reg (ServiceModelReg.exe)

This tool lets the user manage ServiceModel installations on a machine. It displays status messages in a console window while it runs and, in the process, may display information about the configuration of the WCF installation.

WSATConfig.exe and WSATUI.dll

These tools let IT professionals configure interoperable WS-AtomicTransaction network support in WCF. They display, and let the user change, the values of the most commonly used WS-AtomicTransaction settings, which are stored in the registry.

Cross-cutting Features

The following features are cross-cutting: they can be composed with any of the features described above.

Service Framework

Headers can contain an instance ID, a GUID that associates a message with an instance of a CLR class.

The Web Services Description Language (WSDL) contains the definition of the port. Each port has an endpoint address and a binding that represents the services used by the application. Exposing WSDL can be turned off through configuration. No information is retained on the machine.
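Turning WSDL exposure off, or restricting it to HTTPS as the Messaging section recommends, is a serviceMetadata setting. The following fragment is an added example, not from the original page, that shows the weak configuration next to the corrected one; the service and contract names are hypothetical.

```xml
<!-- Added example: metadata publishing over plain HTTP versus HTTPS only.
     Service and contract names are hypothetical. -->
<configuration>
  <system.serviceModel>
    <bindings>
      <wsHttpBinding>
        <!-- Transport security so the service endpoint itself also lives
             under the site's https base address. -->
        <binding name="tls">
          <security mode="Transport" />
        </binding>
      </wsHttpBinding>
    </bindings>
    <behaviors>
      <serviceBehaviors>
        <!-- Weak: answers ?wsdl over plain HTTP, so endpoint addresses,
             binding details and any personal data a developer put into
             service, operation or endpoint names are readable on the path. -->
        <behavior name="metadataOverHttp">
          <serviceMetadata httpGetEnabled="true" />
        </behavior>
        <!-- Corrected: plain-HTTP GET off, HTTPS GET on. Leaving the
             serviceMetadata element out entirely publishes no WSDL at all. -->
        <behavior name="metadataOverHttpsOnly">
          <serviceMetadata httpGetEnabled="false" httpsGetEnabled="true" />
        </behavior>
      </serviceBehaviors>
    </behaviors>
    <services>
      <service name="Contoso.OrderService" behaviorConfiguration="metadataOverHttpsOnly">
        <endpoint address="" binding="wsHttpBinding" bindingConfiguration="tls"
                  contract="Contoso.IOrderService" />
        <!-- WS-MetadataExchange endpoint, also HTTPS only. -->
        <endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange" />
      </service>
    </services>
  </system.serviceModel>
</configuration>
```

Verify the result with the tool the page describes: running Svcutil.exe against the https address should produce the proxy and configuration, while the plain http address should yield no WSDL. Whatever Svcutil retrieves is written to files on the local disk, so review the generated output for names and addresses before it is shared.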

See also