HOW TO:搭配 WCF Exchange Server Mail Transport 使用訊息安全性
更新:2007 年 11 月
本範例示範如何搭配 Windows Communication Foundation (WCF) Exchange Server Mail Transport 使用 SOAP 訊息安全性。
範例
下列範例是在桌面上執行,顯示如何使用訊息安全性傳送和接收訊息。
這個範例假設憑證存放區有來自受信任來源的憑證,而且程式碼中對該憑證的參考也經過適當更新。
當您建立訊息時,必須以額外參數傳入自訂序列化程式,來序列化 CreateMessage 呼叫中的訊息。在桌面上,您可以使用自訂序列化程式或屬性來建立序列化資料。不過,建議您在裝置和桌面上使用同一個序列化程式。
自訂序列化程式並非專屬於 WCF Exchange Server Mail Transport,而且未包含在此範例中。如需自訂序列化程式的範例,請參閱 HOW TO:序列化 WCF 應用程式中的訊息。
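''' <summary>
''' Desktop sample that sends one message over the WCF Exchange Server Mail
''' Transport with SOAP message security, then receives it on the service side.
''' </summary>
Class Program
    ' Channel name used to build both the send and the listen URI.
    Private Shared ChannelName As String = "Channel1"
    ' Mailbox of the receiving service.
    Private Shared ServiceEmailAddress As String = "service@fabrikam.com"
    ' Custom serializer (not part of this sample) used to write and read the String body.
    Private Shared serializer As New CFMessagingSerializer(GetType(String))

    ''' <summary>
    ''' Sends "Hello, World!" signed and encrypted to the service mailbox, then
    ''' opens a listener with the service credentials and reads the body back.
    ''' </summary>
    ''' <param name="args">Command-line arguments; not used.</param>
    Shared Sub Main(ByVal args() As String)
        Dim factory As IChannelFactory(Of IOutputChannel)
        Dim output As IOutputChannel
        Dim bpc As BindingParameterCollection
        Dim message As Message
        Dim binding As ExchangeWebServiceMailBinding

        ' NOTE(review): http:// URI. The NetworkCredential below is presented to this
        ' server; message security covers the SOAP message, not that logon. Prefer an
        ' https:// endpoint if the mail server offers one.
        Dim clientEmailServer As New Uri("http://mail.example.com")
        Dim clientEmailAddress As String = "client@example.com"
        ' Placeholder literal for the sample only; real code should obtain the
        ' password from a protected store or a prompt, never from source.
        Dim password As String = "password"

        binding = New ExchangeWebServiceMailBinding(clientEmailServer, _
            New NetworkCredential(clientEmailAddress, password))
        binding.Security.Mode = MailSecurityMode.Message

        bpc = New BindingParameterCollection()

        ' Client side: own certificate for signing, service certificate for encryption.
        Dim cc As New ClientCredentials()
        cc.ClientCertificate.SetCertificate( _
            System.Security.Cryptography.X509Certificates.StoreLocation.CurrentUser, _
            System.Security.Cryptography.X509Certificates.StoreName.My, _
            System.Security.Cryptography.X509Certificates.X509FindType.FindBySubjectName, _
            "example.com")
        cc.ServiceCertificate.Authentication.CertificateValidationMode = _
            System.ServiceModel.Security.X509CertificateValidationMode.ChainTrust
        cc.ServiceCertificate.SetDefaultCertificate( _
            System.Security.Cryptography.X509Certificates.StoreLocation.CurrentUser, _
            System.Security.Cryptography.X509Certificates.StoreName.My, _
            System.Security.Cryptography.X509Certificates.X509FindType.FindBySubjectName, _
            "fabrikam.com")

        Dim cpr As New ChannelProtectionRequirements()
        ' Sign and encrypt body for *all* messages
        cpr.OutgoingSignatureParts.AddParts(New MessagePartSpecification(True), "*")
        cpr.IncomingSignatureParts.AddParts(New MessagePartSpecification(True), "*")
        cpr.OutgoingEncryptionParts.AddParts(New MessagePartSpecification(True), "*")
        cpr.IncomingEncryptionParts.AddParts(New MessagePartSpecification(True), "*")

        bpc.Add(cc)
        bpc.Add(cpr)

        factory = binding.BuildChannelFactory(Of IOutputChannel)(bpc)
        factory.Open()

        ' Pin the expected service identity to the configured service certificate.
        Dim sendAddress As New EndpointAddress( _
            MailUriHelper.CreateUri(ChannelName, ServiceEmailAddress), _
            EndpointIdentity.CreateX509CertificateIdentity(cc.ServiceCertificate.DefaultCertificate))
        output = factory.CreateChannel(sendAddress)

        message = System.ServiceModel.Channels.Message.CreateMessage( _
            MessageVersion.Default, "urn:Test", "Hello, World!", serializer)

        output.Open()
        output.Send(message)
        output.Close()
        factory.Close()
        binding.Close()

        ' Receiving message on the server side
        '
        Dim listener As IChannelListener(Of IInputChannel)
        Dim input As IInputChannel
        ' NOTE(review): http:// URI again; see the note on clientEmailServer.
        Dim serviceEmailServer As New Uri("http://mail.fabrikam.com")

        binding = New ExchangeWebServiceMailBinding(serviceEmailServer, _
            New NetworkCredential(ServiceEmailAddress, password), MailSecurityMode.Message)

        ' Create credential for the listening side
        Dim sc As New ServiceCredentials()
        sc.ServiceCertificate.SetCertificate( _
            System.Security.Cryptography.X509Certificates.StoreLocation.CurrentUser, _
            System.Security.Cryptography.X509Certificates.StoreName.My, _
            System.Security.Cryptography.X509Certificates.X509FindType.FindBySubjectName, _
            "fabrikam.com")
        ' Validate the sender's certificate chain. The mode None performs no
        ' validation, so a signature made with any certificate would be accepted
        ' and would say nothing about who sent the message.
        sc.ClientCertificate.Authentication.CertificateValidationMode = X509CertificateValidationMode.ChainTrust

        bpc = New BindingParameterCollection()
        bpc.Add(sc)
        bpc.Add(cpr)

        ' Pass bpc to the listener; without it the service credentials and the
        ' protection requirements built above are never applied.
        listener = binding.BuildChannelListener(Of IInputChannel)(MailUriHelper.CreateUri(ChannelName, ""), bpc)
        listener.Open()

        input = listener.AcceptChannel()
        input.Open()

        message = input.Receive()
        Dim data As String = message.GetBody(Of String)(serializer)

        input.Close()
        listener.Close()
        binding.Close()
    End Sub
End Class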
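/// <summary>
/// Desktop sample that sends one message over the WCF Exchange Server Mail
/// Transport with SOAP message security, then receives it on the service side.
/// </summary>
class Program
{
    // Channel name used to build both the send and the listen URI.
    private static string ChannelName = "Channel1";
    // Mailbox of the receiving service.
    private static string ServiceEmailAddress = "service@fabrikam.com";
    // Custom serializer (not part of this sample) used to write and read the string body.
    private static CFMessagingSerializer serializer = new CFMessagingSerializer(typeof(string));

    /// <summary>
    /// Sends "Hello, World!" signed and encrypted to the service mailbox, then
    /// opens a listener with the service credentials and reads the body back.
    /// </summary>
    /// <param name="args">Command-line arguments; not used.</param>
    static void Main(string[] args)
    {
        IChannelFactory<IOutputChannel> factory;
        IOutputChannel output;
        BindingParameterCollection bpc;
        Message message;
        ExchangeWebServiceMailBinding binding;

        // NOTE(review): http:// URI. The NetworkCredential below is presented to this
        // server; message security covers the SOAP message, not that logon. Prefer an
        // https:// endpoint if the mail server offers one.
        Uri clientEmailServer = new Uri("http://mail.example.com");
        string clientEmailAddress = "client@example.com";
        // Placeholder literal for the sample only; real code should obtain the
        // password from a protected store or a prompt, never from source.
        string password = "password";

        binding = new ExchangeWebServiceMailBinding(clientEmailServer,
            new NetworkCredential(clientEmailAddress, password));
        binding.Security.Mode = MailSecurityMode.Message;

        bpc = new BindingParameterCollection();

        // Client side: own certificate for signing, service certificate for encryption.
        ClientCredentials cc = new ClientCredentials();
        cc.ClientCertificate.SetCertificate(
            System.Security.Cryptography.X509Certificates.StoreLocation.CurrentUser,
            System.Security.Cryptography.X509Certificates.StoreName.My,
            System.Security.Cryptography.X509Certificates.X509FindType.FindBySubjectName,
            "example.com");
        cc.ServiceCertificate.Authentication.CertificateValidationMode =
            System.ServiceModel.Security.X509CertificateValidationMode.ChainTrust;
        cc.ServiceCertificate.SetDefaultCertificate(
            System.Security.Cryptography.X509Certificates.StoreLocation.CurrentUser,
            System.Security.Cryptography.X509Certificates.StoreName.My,
            System.Security.Cryptography.X509Certificates.X509FindType.FindBySubjectName,
            "fabrikam.com");

        ChannelProtectionRequirements cpr = new ChannelProtectionRequirements();
        // Sign and encrypt body for *all* messages
        cpr.OutgoingSignatureParts.AddParts(new MessagePartSpecification(true), "*");
        cpr.IncomingSignatureParts.AddParts(new MessagePartSpecification(true), "*");
        cpr.OutgoingEncryptionParts.AddParts(new MessagePartSpecification(true), "*");
        cpr.IncomingEncryptionParts.AddParts(new MessagePartSpecification(true), "*");

        bpc.Add(cc);
        bpc.Add(cpr);

        factory = binding.BuildChannelFactory<IOutputChannel>(bpc);
        factory.Open();

        // Pin the expected service identity to the configured service certificate.
        EndpointAddress sendAddress = new EndpointAddress(
            MailUriHelper.CreateUri(ChannelName, ServiceEmailAddress),
            EndpointIdentity.CreateX509CertificateIdentity(cc.ServiceCertificate.DefaultCertificate));
        output = factory.CreateChannel(sendAddress);

        message = Message.CreateMessage(MessageVersion.Default, "urn:Test", "Hello, World!", serializer);

        output.Open();
        output.Send(message);
        output.Close();
        factory.Close();
        binding.Close();

        // Receiving message on the server side
        //
        IChannelListener<IInputChannel> listener;
        IInputChannel input;
        // NOTE(review): http:// URI again; see the note on clientEmailServer.
        Uri serviceEmailServer = new Uri("http://mail.fabrikam.com");

        binding = new ExchangeWebServiceMailBinding(serviceEmailServer,
            new NetworkCredential(ServiceEmailAddress, password),
            MailSecurityMode.Message);

        // Create credential for the listening side
        ServiceCredentials sc = new ServiceCredentials();
        sc.ServiceCertificate.SetCertificate(
            System.Security.Cryptography.X509Certificates.StoreLocation.CurrentUser,
            System.Security.Cryptography.X509Certificates.StoreName.My,
            System.Security.Cryptography.X509Certificates.X509FindType.FindBySubjectName,
            "fabrikam.com");
        // Validate the sender's certificate chain. The mode None performs no
        // validation, so a signature made with any certificate would be accepted
        // and would say nothing about who sent the message.
        sc.ClientCertificate.Authentication.CertificateValidationMode = X509CertificateValidationMode.ChainTrust;

        bpc = new BindingParameterCollection();
        bpc.Add(sc);
        bpc.Add(cpr);

        // bpc carries the service credentials and protection requirements to the listener.
        listener = binding.BuildChannelListener<IInputChannel>(MailUriHelper.CreateUri(ChannelName, ""), bpc);
        listener.Open();

        input = listener.AcceptChannel();
        input.Open();

        message = input.Receive();
        string data = message.GetBody<string>(serializer);

        input.Close();
        listener.Close();
        binding.Close();
    }
}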
編譯程式碼
此範例需要下列命名空間的參考:
安全性
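如需安全性選項的詳細資訊,請參閱 WCF Exchange Server Mail Transport。請注意,範例程式碼中的密碼是寫在原始碼裡的常值,而且郵件伺服器的 URI 使用 http;訊息安全性保護的是 SOAP 訊息本身,並不涵蓋登入郵件伺服器所用的網路認證。實際部署時,應從受保護的存放區取得密碼,並在郵件伺服器支援時改用 https。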
請參閱
工作
逐步解說:使用 WCF Exchange Server Mail Transport
其他資源
Windows Communication Foundation (WCF) 開發和 .NET Compact Framework