使用WSFederationHttpBinding的性能非常糟糕

Question

使用WSFederationHttpBinding我的性能非常差 - 每秒只处理250个请求.

捆绑:

public class CustomFactoryActive : ServiceHostFactory
    {
        protected override ServiceHost CreateServiceHost(Type serviceType, Uri[] baseAddresses)
        {
            ServiceHost host = new ServiceHost(serviceType, baseAddresses);
            CommonConf.ConfigureServiceHost(host);


            string issuerAddress = ConfigManager.ActiveSTS;
            string issuerMexAddress = issuerAddress + "/mex";

            WSFederationHttpBinding wsFedBinding = new WSFederationHttpBinding();
            wsFedBinding.Security.Mode = WSFederationHttpSecurityMode.Message;
            wsFedBinding.ReliableSession.Enabled = false;

            wsFedBinding.MaxReceivedMessageSize = wsFedBinding.MaxBufferPoolSize = Constants.MaxFileSize;

            XmlDictionaryReaderQuotas quotas = wsFedBinding.ReaderQuotas;
            quotas.MaxArrayLength = quotas.MaxBytesPerRead = quotas.MaxStringContentLength =
                quotas.MaxNameTableCharCount = quotas.MaxDepth = (int)Constants.MaxFileSize;

            var messageSecurity = wsFedBinding.Security.Message;

            messageSecurity.IssuedTokenType = "http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1";
            messageSecurity.IssuedKeyType = SecurityKeyType.SymmetricKey;
            messageSecurity.EstablishSecurityContext = false;
            messageSecurity.NegotiateServiceCredential = false;

            messageSecurity.IssuerAddress = new EndpointAddress(new Uri(issuerAddress));
            messageSecurity.IssuerMetadataAddress = new EndpointAddress(new Uri(issuerMexAddress));


            WS2007HttpBinding ws2007HttpBinding = new WS2007HttpBinding(SecurityMode.TransportWithMessageCredential);
            var wsHttpSecurity = ws2007HttpBinding.Security;
            wsHttpSecurity.Message.ClientCredentialType = MessageCredentialType.UserName;//??????????? ?? ?????? ? ??????
            wsHttpSecurity.Message.NegotiateServiceCredential = true;
            wsHttpSecurity.Message.AlgorithmSuite = SecurityAlgorithmSuite.Default;

            messageSecurity.IssuerBinding = ws2007HttpBinding;

            ContractDescription contractDescription = ContractDescription.GetContract(typeof(ISignService));

            EndpointAddress endpointAddress = new EndpointAddress(baseAddresses[0]);
            ServiceEndpoint endpoint = new ServiceEndpoint(contractDescription, wsFedBinding, endpointAddress);
            host.Description.Endpoints.Add(endpoint);

            return host;
        }
    }

我的wcf测试方法什么都不做 - 它只返回1个字节.

但是当我使用带有消息安全性的简单WSHttpBinding而没有任何WIF saml令牌时,我得到了大约.每秒4000个请求

我不明白为什么

Answer 1

您应该设置和配置WCF跟踪以查看WCF体系结构中花费时间的大纲,有关详细信息,请参阅http://msdn.microsoft.com/en-us/library/ms733025.aspx.

启用跟踪并查看请求时,您可能会看到(在单个调用方多次调用同一服务的测试环境中)STS仅被调用一次,后续调用包含缓存的标记.但是,所有呼叫仍将设置安全连接,从而为每次呼叫验证令牌(这将花费一些CPU时间).或者,您可以/可以通过方法级别分析服务主机来验证所有这些,这将更清楚地显示完全花费时间的位置.