.net - WCF 随机数无效或重播

Question

我有一个 WCF 服务，它使用具有可靠会话 + 消息安全性 + 自定义用户名验证器的 wsHttpBinding。

在内部，使用演示应用程序的每个人都可以检索自定义故障异常。

catch (FaultException<EPIFault> fx)    -- break point on this works

外部测试应用程序的第三方供应商收到

catch (CommunicationException exception) - 3rd party vendor break point lands here

该服务使用 Message Security 托管在 HTTP 端口 80 上。服务器证书是内部生成的，即

<serviceCertificate findValue="*.au.mycompany.net"

检索数据在内部/外部都可以正常工作。只是没有收到自定义故障。他们只捕获带有以下消息的通信异常：

System.ServiceModel.CommunicationException: The underlying secure session has faulted     before the reliable session fully completed. The reliable session was faulted.\r\n\r\nServer stack trace: \r\n   at System.ServiceModel.Channels.ReliableRequestSessionChannel.SyncRequest.WaitForReply(TimeSpan timeout)\r\n   

下面添加了更多信息

使用 serviceSecurityAudit 打开 WCF 审核并始终收到此消息

The nonce is invalid or replayed

使用下面的自定义绑定暂时修复此问题

下面的自定义绑定

 <customBinding>
    <binding name="myCustomBinding" closeTimeout="00:15:00" openTimeout="00:15:00" receiveTimeout="00:15:00" sendTimeout="00:15:00">
      <reliableSession inactivityTimeout="00:15:00" maxRetryCount="8192"  maxPendingChannels="5" ordered="true"  />
      <transactionFlow />
      <security defaultAlgorithmSuite="Default" authenticationMode="SecureConversation"
       requireDerivedKeys="true" includeTimestamp="true" messageSecurityVersion="WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10"
       requireSecurityContextCancellation="false" requireSignatureConfirmation="false"
       canRenewSecurityContextToken="true">
        <secureConversationBootstrap defaultAlgorithmSuite="Default"
         authenticationMode="UserNameForCertificate"  requireDerivedKeys="true" allowInsecureTransport="true"
         includeTimestamp="true" messageSecurityVersion="WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10"
         requireSignatureConfirmation="false">
        </secureConversationBootstrap>
      </security>
      <sslStreamSecurity requireClientCertificate="false"/>
      <binaryMessageEncoding maxReadPoolSize="2147483647" maxSessionSize="2147483647" maxWritePoolSize="2147483647">
        <readerQuotas maxDepth="32" maxStringContentLength="2147483647"
        maxArrayLength="200000" maxBytesPerRead="4096" maxNameTableCharCount="16384" />
      </binaryMessageEncoding>
      <httpTransport decompressionEnabled="true" maxReceivedMessageSize="2147483647" maxBufferSize="2147483647" transferMode="Buffered"  ></httpTransport>
    </binding>
  </customBinding>