0

我创建了一个使用 Windows 身份验证的 WCF 服务,该服务可以正常工作。现在我正在尝试添加 SSL。执行完这些步骤后,它现在似乎正在使用匿名身份验证,出现此错误:HTTP 请求被客户端身份验证方案“匿名”禁止。

任何线索将不胜感激。

我们在 Windows Server 2008 R2 和 .Net 版本 4 上使用 IIS 7.5

正常工作的配置文件具有此服务模型(服务器端):

      <system.serviceModel>
    <bindings />
<client />
<services>
  <service name="WCFServiceTest.Service1" behaviorConfiguration="WCFServiceBehavior">
    <endpoint address="" binding="wsHttpBinding" contract="WCFServiceTest.WCFService1">
      <identity>
        <dns value="localhost" />
      </identity>
    </endpoint>
    <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
    <host>
    </host>
  </service>
</services>
<behaviors>
  <serviceBehaviors>
    <behavior name="WCFServiceBehavior">

      <serviceMetadata httpGetEnabled="True" policyVersion="Policy15" />

      <serviceDebug includeExceptionDetailInFaults="True" />
    </behavior>
  </serviceBehaviors>
</behaviors>

这是更改后的配置

        <system.serviceModel>
    <bindings>
        <wsHttpBinding>
            <binding name="TransportWsSecurity">
                <security mode="Transport">
                    <transport clientCredentialType="Windows"/>
                </security>
            </binding>
        </wsHttpBinding>
    </bindings>
    <client />
    <services>
        <service name="WCFServiceTest.Service1" behaviorConfiguration="WCFServiceBehavior">
            <endpoint address="" binding="wsHttpsBinding" 
                      bindingConfiguration="TransportWsSecurity"
                      contract="WCFServiceTest.WCFService1">
                <identity>
                    <dns value="localhost" />
                </identity>
            </endpoint>
            <endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange" />
            <host>
            </host>
        </service>
    </services>
    <behaviors>
        <serviceBehaviors>
            <behavior name="WCFServiceBehavior">

                <serviceMetadata httpsGetEnabled="True" policyVersion="Policy15" />

                <serviceDebug includeExceptionDetailInFaults="True" />
            </behavior>
        </serviceBehaviors>
    </behaviors>
</system.serviceModel>

这是调用服务的代码。它永远不会到达只返回 true 的 IgnoreCertificateErrorHandler:

                    ServicePointManager.ServerCertificateValidationCallback = new RemoteCertificateValidationCallback(IgnoreCertificateErrorHandler);
            WCFService1Client client = new WCFService1Client();

            client.ClientCredentials.Windows.ClientCredential.UserName = Utility1.GetConfig("RemoteLogin");
            client.ClientCredentials.Windows.ClientCredential.Password = Utility1.GetConfig("RemotePassword");

            try
            {
                result = client.SendUpdatesFromLocation(temp);
            }
            catch (FaultException<WCFProcessFault> ex)
            {
                string op = ex.Detail.Operation;
                string err = ex.Detail.Notes;

            }
            finally
            {
                client.Close();
            }
            WCFService1Client client = new WCFService1Client();

            client.ClientCredentials.Windows.ClientCredential.UserName = Utility1.GetConfig("RemoteLogin");
            client.ClientCredentials.Windows.ClientCredential.Password = Utility1.GetConfig("RemotePassword");

            try
            {
                result = client.SendUpdatesFromLocation(temp);
            }
            catch (FaultException<WCFProcessFault> ex)
            {
                string op = ex.Detail.Operation;
                string err = ex.Detail.Notes;

            }
            finally
            {
                client.Close();
            }
4

1 回答 1

0 
<bindings>
    <wsHttpBinding>
        <binding name="TransportWsSecurity">
            <security mode="Transport">
                <transport clientCredentialType="Ntlm"/>
            </security>
        </binding>
    </wsHttpBinding>
</bindings>

尝试上述更改。这将使用 Ntlm 而不是 Negotiate (Kerberos) 进行身份验证。您很可能还没有为 Kerberos 身份验证设置服务器。

于 2013-03-14T05:14:31.793 回答