1

我们在自定义绑定上设置安全性,如下所示:

var lSecurity = lCustomBinding.Elements.Find<TransportSecurityBindingElement>();
                lSecurity.LocalClientSettings.DetectReplays = false;
                lSecurity.LocalServiceSettings.DetectReplays = false;
                lSecurity.LocalClientSettings.TimestampValidityDuration = TimeSpan.FromDays(7);
                lSecurity.LocalServiceSettings.TimestampValidityDuration = TimeSpan.FromDays(7);
                lSecurity.LocalClientSettings.MaxClockSkew = TimeSpan.FromDays(7);
                lSecurity.LocalServiceSettings.MaxClockSkew = TimeSpan.FromDays(7);

现在我们发现,如果我们通过将客户端设置回从现在到 7 天的任何时间来测试上述内容,它就可以工作。但是,当我们将客户端设置为未来 9 小时以上的时间时,我们会遇到异常。

我们唯一发现的是另一个线程末尾的一些晦涩的引用:

http://social.msdn.microsoft.com/Forums/en/wcf/thread/7c3a7a7e-b9a5-4198-9a29-c6d4e408d36d

有人有什么想法吗?

更新: 我们得到的异常现在添加在下面。似乎服务器拒绝了客户端消息:

System.ServiceModel.Security.MessageSecurityException occurred
  Message=An unsecured or incorrectly secured fault was received from the other party. See the inner FaultException for the fault code and detail.
  Source=mscorlib
  StackTrace:
    Server stack trace: 
       at System.ServiceModel.Channels.SecurityChannelFactory`1.SecurityRequestChannel.ProcessReply(Message reply, SecurityProtocolCorrelationState correlationState, TimeSpan timeout)
       at System.ServiceModel.Channels.SecurityChannelFactory`1.SecurityRequestChannel.Request(Message message, TimeSpan timeout)
       at System.ServiceModel.Security.SecuritySessionSecurityTokenProvider.DoOperation(SecuritySessionOperation operation, EndpointAddress target, Uri via, SecurityToken currentToken, TimeSpan timeout)
       at System.ServiceModel.Security.SecuritySessionSecurityTokenProvider.RenewTokenCore(TimeSpan timeout, SecurityToken tokenToBeRenewed)
       at System.IdentityModel.Selectors.SecurityTokenProvider.RenewToken(TimeSpan timeout, SecurityToken tokenToBeRenewed)
       at System.ServiceModel.Security.SecuritySessionClientSettings`1.ClientSecuritySessionChannel.RenewKey(TimeSpan timeout)
       at System.ServiceModel.Security.SecuritySessionClientSettings`1.ClientSecuritySessionChannel.SecureOutgoingMessage(Message& message, TimeSpan timeout)
       at System.ServiceModel.Security.SecuritySessionClientSettings`1.ClientSecurityDuplexSessionChannel.Send(Message message, TimeSpan timeout)
       at System.ServiceModel.Channels.ClientReliableChannelBinder`1.DuplexClientReliableChannelBinder`1.OnSend(TDuplexChannel channel, Message message, TimeSpan timeout)
       at System.ServiceModel.Channels.ReliableChannelBinder`1.Send(Message message, TimeSpan timeout, MaskingMode maskingMode)
       at System.ServiceModel.Channels.SendReceiveReliableRequestor.OnRequest(Message request, TimeSpan timeout, Boolean last)
       at System.ServiceModel.Channels.ReliableRequestor.Request(TimeSpan timeout)
       at System.ServiceModel.Channels.ClientReliableSession.Open(TimeSpan timeout)
       at System.ServiceModel.Channels.ClientReliableDuplexSessionChannel.OnOpen(TimeSpan timeout)
       at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
       at System.ServiceModel.Channels.ServiceChannel.OnOpen(TimeSpan timeout)
       at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
       at System.ServiceModel.Channels.ServiceChannel.CallOpenOnce.System.ServiceModel.Channels.ServiceChannel.ICallOnce.Call(ServiceChannel channel, TimeSpan timeout)
       at System.ServiceModel.Channels.ServiceChannel.CallOnceManager.CallOnce(TimeSpan timeout, CallOnceManager cascade)
       at System.ServiceModel.Channels.ServiceChannel.EnsureOpened(TimeSpan timeout)
       at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
       at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
       at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)
    Exception rethrown at [0]: 
       at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
       at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
       at CompuLoan.Maintenance.IMaintenanceService.IsLicensed(String pHardwareId, Boolean pUseLicense)
       at CompuLoan.Maintenance.MaintenanceServiceClient.IsLicensed(String pHardwareId, Boolean pUseLicense) in C:\Development\compuloan\Source\CompuLoan\Service References\Maintenance\Reference.cs:line 5156
       at CompuLoan.App.IsLicensed(Boolean pUseLicense) in C:\Development\compuloan\Source\CompuLoan\App.xaml.cs:line 365
  InnerException: System.ServiceModel.FaultException
       Message=The security context token is expired or is not valid. The message was not processed.
       InnerException:
4

1 回答 1

1

这是会话密钥的到期,与时间戳不同。例如,您关闭建立安全上下文(或不使用 CreateSecureConversationSecurity),您不应该得到此异常。

否则尝试增加其他值,例如 InactivityTimeout、IssedCookieLifetime、NegotiationTimeout、SessionKeyRenewalInterval 和 SessionKeyRolloverInterval。

如果您在服务器上打开 WCF 跟踪并查看错误的确切堆栈跟踪,也许我们可以深入了解确切的属性。

于 2012-05-10T11:10:43.050 回答