启用ASP.net Ajax的WCF服务-安全问题
我对支持AJAX的WCF服务有一个问题 服务配置如下:启用ASP.net Ajax的WCF服务-安全问题,asp.net,wcf,asp.net-ajax,wcf-security,Asp.net,Wcf,Asp.net Ajax,Wcf Security,我对支持AJAX的WCF服务有一个问题 服务配置如下: <system.serviceModel> <bindings> <webHttpBinding> <binding name="secureWebHttpBinding"> <security mode="TransportCredentialOnly"> <transport clientCredentialTyp
<system.serviceModel>
<bindings>
<webHttpBinding>
<binding name="secureWebHttpBinding">
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Ntlm"></transport>
</security>
</binding>
</webHttpBinding>
</bindings>
<behaviors>
<endpointBehaviors>
<behavior name="Shared.Services.AjaxServiceAspNetAjaxBehavior">
<enableWebScript/>
</behavior>
</endpointBehaviors>
<serviceBehaviors>
<behavior name="Shared.Services.AjaxServiceServiceBehaviour">
<serviceDebug includeExceptionDetailInFaults="true"/>
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true"/>
<services>
<service name="Shared.Services.AjaxService" behaviorConfiguration="Shared.Services.AjaxServiceServiceBehaviour">
<endpoint address="" behaviorConfiguration="Shared.Services.AjaxServiceAspNetAjaxBehavior" bindingConfiguration="secureWebHttpBinding" binding="webHttpBinding" contract="Shared.Services.AjaxService">
</endpoint>
</service>
</services>
</system.serviceModel>
在生产环境(IIS 7)上部署应用程序时会出现安全问题
当我请求ajax服务“serviceName.svc/js”的url时,会出现一个windows凭据提示。即使当我请求“serviceName.svc”时,服务描述页面也会正确显示。是否IIS将…/js识别为物理上不存在的子目录,因此它不知道应该应用哪个安全设置?我还在IIS管理页面中为目录和服务启用了所有身份验证类型。另外,我还通过web.config启用了对该位置的匿名访问。整个应用程序是一个intranet应用程序,受windows身份验证保护
提前谢谢