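I am currently developing a website that uses several WCF WebServices.
Delegation and impersonation have not been a problem so far.
Now I have the following situation:
Website --> WebService1 --> Validation-WebService
My website calls WebService1 (which is the core of the system), and WebService1 calls my Validation-WebService. WebService1 and the Validation-WebService currently run on the same machine in different virtual directories. In production the services may run on different machines, which is why I want to use delegation rather than impersonation. Both run in the following context: "NT AUTHORITY\NETWORK SERVICE".
In both WebServices I want to identify the actual user of the website, which in my case currently works via ServiceSecurityContext.Current.WindowsIdentity.Name.
I am able to get the user's WindowsIdentity in the first WebService, but not in the Validation-WebService.
If I require impersonation in the intermediate WebService with [OperationBehavior(Impersonation = ImpersonationOption.Required)],
I get an exception: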
System.ServiceModel.EndpointNotFoundException: There was no endpoint listening at https://myWebServer.myCompany.com/ValidationService_dev/ValidationService.svc that could accept the message. This is often caused by an incorrect address or SOAP action. See InnerException, if present, for more details. ---> System.Net.WebException: The remote name could not be resolved: 'myWebServer.myCompany.com'
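If I do not impersonate in WebService1, the connection works, but the identification in the Validation-WebService fails.
WebService1 has the following configuration (only the important parts):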
<services>
  <service name="WebService1.WebService1">
    <endpoint address="" binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_IWebService1" contract="WebService1.IWebService1">
      <identity>
        <servicePrincipalName value="host/myWebServer.myCompany.com"/>
      </identity>
    </endpoint>
    <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"/>
  </service>
</services>
<behaviors>
  <serviceBehaviors>
    <behavior>
      <serviceMetadata httpGetEnabled="true" httpsGetEnabled="true"/>
      <serviceDebug includeExceptionDetailInFaults="true"/>
      <serviceAuthenticationManager authenticationSchemes="IntegratedWindowsAuthentication" />
    </behavior>
  </serviceBehaviors>
  <endpointBehaviors>
    <behavior name="CredentialDelegationBehavior">
      <clientCredentials>
        <windows allowedImpersonationLevel="Delegation" />
      </clientCredentials>
    </behavior>
  </endpointBehaviors>
</behaviors>
<serviceHostingEnvironment aspNetCompatibilityEnabled="false" multipleSiteBindingsEnabled="true"/>
<bindings>
  <wsHttpBinding>
    <binding name="WSHttpBinding_IValidationService">
      <security mode="Transport" />
    </binding>
    <binding name="WSHttpBinding_IWebService1" closeTimeout="00:01:00"
             openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
             bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard"
             maxBufferPoolSize="524288" maxReceivedMessageSize="2147483647"
             messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true"
             allowCookies="false">
      <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
                    maxBytesPerRead="4096" maxNameTableCharCount="16384" />
      <reliableSession ordered="true" inactivityTimeout="00:10:00"
                       enabled="false" />
      <security mode="Transport">
        <transport clientCredentialType="Windows" proxyCredentialType="None"
                   realm="" />
      </security>
    </binding>
  </wsHttpBinding>
</bindings>
<client>
  <endpoint address="https://myWebServer.myCompany.com/ValidationService_dev/ValidationService.svc"
            binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_IValidationService" behaviorConfiguration="CredentialDelegationBehavior"
            contract="ValidationService.IValidationService" name="WSHttpBinding_IValidationService">
    <identity>
      <servicePrincipalName value="host/myWebServer.myCompany.com" />
    </identity>
  </endpoint>
</client>
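Delegation is configured and looks similar to the configuration of the website (which works).
The configuration of the Validation-WebService (only the important parts):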
<services>
  <service name="ValidationService.ValidationService" >
    <endpoint address="" binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_IValidationService" contract="ValidationService.IValidationService">
      <identity>
        <servicePrincipalName value="host/myWebServer.myCompany.com"/>
      </identity>
    </endpoint>
    <endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange" />
  </service>
</services>
<behaviors>
  <serviceBehaviors>
    <behavior>
      <serviceMetadata httpGetEnabled="true" httpsGetEnabled="true"/>
      <serviceDebug includeExceptionDetailInFaults="true"/>
      <serviceAuthenticationManager authenticationSchemes="IntegratedWindowsAuthentication" />
    </behavior>
  </serviceBehaviors>
</behaviors>
<serviceHostingEnvironment aspNetCompatibilityEnabled="false" multipleSiteBindingsEnabled="true" />
<bindings>
  <wsHttpBinding>
    <binding name="WSHttpBinding_IValidationService" closeTimeout="00:01:00" openTimeout="00:01:00"
             receiveTimeout="00:10:00" sendTimeout="00:01:00" bypassProxyOnLocal="false"
             transactionFlow="false" hostNameComparisonMode="StrongWildcard"
             maxBufferPoolSize="524288" maxReceivedMessageSize="2147483647"
             messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true"
             allowCookies="false">
      <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
                    maxBytesPerRead="4096" maxNameTableCharCount="16384" />
      <reliableSession ordered="true" inactivityTimeout="00:10:00"
                       enabled="false" />
      <security mode="Transport">
        <transport clientCredentialType="Windows" proxyCredentialType="None"
                   realm="" />
      </security>
    </binding>
  </wsHttpBinding>
</bindings>
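I have already found a forum post that describes exactly the same problem, but it did not work for me :( Here: forum post found
Does anyone have a suggestion for how this could work? I have been struggling with this problem for two days and cannot find a solution.
If you need any additional information, feel free to ask.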
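A diagnostic for the Website --> WebService1 --> Validation-WebService chain described in the question, as an added example that is not part of the original post: it reports the authentication package and impersonation level of a Windows token, which is what decides whether the caller's identity can be carried to the next hop. The class `CallerIdentityProbe` and its output format are assumptions made for this example; inside a WCF operation it would be called with `ServiceSecurityContext.Current.WindowsIdentity`.

```csharp
using System;
using System.Security.Principal;

// Hypothetical helper: the name and the message wording are assumptions of this example.
static class CallerIdentityProbe
{
    // Summarises what the given token can be used for on a further network hop.
    public static string Describe(WindowsIdentity id)
    {
        if (id == null)
            return "no Windows identity: the caller was not authenticated with Windows credentials";

        string verdict;
        switch (id.ImpersonationLevel)
        {
            case TokenImpersonationLevel.Delegation:
                verdict = "can be impersonated and forwarded to a service on another machine";
                break;
            case TokenImpersonationLevel.Impersonation:
                verdict = "can be impersonated for local resources, not forwarded to another machine";
                break;
            case TokenImpersonationLevel.Identification:
                verdict = "can be inspected (name, groups) but not impersonated";
                break;
            case TokenImpersonationLevel.None:
                verdict = "primary process token, not a caller's impersonation token";
                break;
            default:
                verdict = "anonymous token";
                break;
        }

        // AuthenticationType shows the package used; NTLM logons cannot be
        // delegated, Kerberos is required for a Delegation-level token.
        return string.Format("user={0} auth={1} level={2}: {3}",
            id.Name, id.AuthenticationType, id.ImpersonationLevel, verdict);
    }

    static void Main()
    {
        // Stand-alone run: describes the process identity. In a service operation,
        // log Describe(ServiceSecurityContext.Current.WindowsIdentity) at each hop.
        using (WindowsIdentity current = WindowsIdentity.GetCurrent())
            Console.WriteLine(Describe(current));
    }
}
```

Logging this line in WebService1 and in the Validation-WebService shows at which hop the level drops below Delegation or the identity changes to the service account.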