我从 .net 客户端使用 JAX-WS Webservice 时遇到问题。我能够打开到 WS 的连接,但是当我尝试使用任何方法时,我得到了这个错误:
我得到的第一个错误是:
Identity check failed for outgoing message. The expected DNS identity of the remote endpoint was 'amms.someDomain.com' but the remote endpoint provided DNS claim '*.someDomain.com'. If this is a legitimate remote endpoint, you can fix the problem by explicitly specifying DNS identity '*.someDomain.com' as the Identity property of EndpointAddress when creating channel proxy.
我的 app.config 看起来像:
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<system.serviceModel>
<customBinding>
<binding name="SrvPortBinding">
<security defaultAlgorithmSuite="Basic128" authenticationMode="UserNameForCertificate"
requireDerivedKeys="false" securityHeaderLayout="Strict" includeTimestamp="true"
keyEntropyMode="CombinedEntropy" messageProtectionOrder="SignBeforeEncrypt"
messageSecurityVersion="WSSecurity11WSTrust13WSSecureConversation13WSSecurityPolicy12BasicSecurityProfile10"
requireSignatureConfirmation="false">
<localClientSettings cacheCookies="true" detectReplays="true"
replayCacheSize="900000" maxClockSkew="00:05:00" maxCookieCachingTime="Infinite"
replayWindow="00:05:00" sessionKeyRenewalInterval="10:00:00"
sessionKeyRolloverInterval="00:05:00" reconnectTransportOnFailure="true"
timestampValidityDuration="00:05:00" cookieRenewalThresholdPercentage="60" />
<localServiceSettings detectReplays="true" issuedCookieLifetime="10:00:00"
maxStatefulNegotiations="128" replayCacheSize="900000" maxClockSkew="00:05:00"
negotiationTimeout="00:01:00" replayWindow="00:05:00" inactivityTimeout="00:02:00"
sessionKeyRenewalInterval="15:00:00" sessionKeyRolloverInterval="00:05:00"
reconnectTransportOnFailure="true" maxPendingSessions="128"
maxCachedCookies="1000" timestampValidityDuration="00:05:00" />
<secureConversationBootstrap />
</security>
<textMessageEncoding maxReadPoolSize="64" maxWritePoolSize="16"
messageVersion="Soap11WSAddressing10" writeEncoding="utf-8">
<readerQuotas maxDepth="32" maxStringContentLength="98192" maxArrayLength="916384"
maxBytesPerRead="94096" maxNameTableCharCount="916384" />
</textMessageEncoding>
<httpsTransport manualAddressing="false" maxBufferPoolSize="9524288"
maxReceivedMessageSize="965536" allowCookies="false" authenticationScheme="Anonymous"
bypassProxyOnLocal="false" decompressionEnabled="true" hostNameComparisonMode="StrongWildcard"
keepAliveEnabled="true" maxBufferSize="965536" proxyAuthenticationScheme="Anonymous"
realm="" transferMode="Buffered" unsafeConnectionNtlmAuthentication="false"
useDefaultWebProxy="true" requireClientCertificate="false" />
</binding>
</customBinding>
</bindings>
<client>
<endpoint address="https://amms.someDomain.com:443/mmew1/Srv"
binding="customBinding" bindingConfiguration="SrvPortBinding"
contract="InfoMedica1.Srv" name="SrvPort" >
</endpoint>
</client>
</system.serviceModel>
`
然后我改变了这个:
<client>
<endpoint address="https://amms.someDomain.com:443/mmew1/Srv"
binding="customBinding" bindingConfiguration="SrvPortBinding"
contract="InfoMedica1.Srv" name="SrvPort" >
</endpoint>
</client>
到:
<client>
<endpoint address="https://amms.someDomain.com:443/mmew1/Srv"
binding="customBinding" bindingConfiguration="SrvPortBinding"
contract="InfoMedica1.Srv" name="SrvPort" >
<identity>
<dns value="*.someDomain.com"/>
</identity>
</endpoint>
</client>
现在我有异常:
An unsecured or incorrectly secured fault was received from the other party. See the inner FaultException for the fault code and detail.
内部异常:Invalid Security Header
有没有人遇到这种错误并让它工作?这个错误会因为这个*字符而发生*.someDomain.com吗?
我检查了服务器和客户端的时间是一样的。在添加此 X509 和用户名/密码身份验证之前,Web 服务工作正常。
如果需要任何进一步的信息,请在评论中询问:)
编辑:
当我尝试像这样禁用服务证书验证时:
<client>
<endpoint address="https://amms.someDomain.com:443/mmew1/Srv"
binding="customBinding" bindingConfiguration="SrvPortBinding"
contract="InfoMedica1.Srv" name="SrvPort" behaviorConfiguration="DisableServiceCertificateValidation">
<identity>
<dns value="*.someDomain.com"/>
</identity>
</endpoint>
</client>
出现异常:
There is no endpoint behavior named 'DisableServiceCertificateValidation'
感谢提前:)