C# WCF service authentication from outside the network


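I published a WCF service to IIS so that it can be accessed publicly with the correct credentials. For the past few days I have been struggling to get the service working outside the company network, but nothing I have tried works.

Inside my company network I can call the service and use it without any problems. From outside I can reach the service in a browser. When I try to use the service from code outside the network, I get the error message: The HTTP request is unauthorized with client authentication scheme 'Ntlm'. The authentication header received from the server was 'NTLM'.

The error occurred after I reordered the authentication providers to NTLM first, then Negotiate.

What am I missing so that clients outside the company network can access the service?

App.Config of the test console application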

<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<startup> 
    <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.5" />
</startup>
<system.serviceModel>
    <bindings>
        <basicHttpBinding>
            <binding name="BasicHttpEndpoint">
                <security mode="Transport">
                    <transport clientCredentialType="Ntlm" />
                </security>
            </binding>
        </basicHttpBinding>
    </bindings>
    <client>
        <endpoint address="https://<iis server>/services/360Review/ReviewSvc.svc"
            binding="basicHttpBinding" bindingConfiguration="BasicHttpEndpoint"
            contract="WebSTGReviewReference.IReviewSvc" name="BasicHttpEndpoint" />
    </client>
</system.serviceModel>
</configuration>

Test program in the console application

using System;
using System.ServiceModel;

class Program
{
    static void Main()
    {
        // Build the HTTPS endpoint and binding in code, with NTLM as the transport credential type.
        EndpointAddress endpoint = new EndpointAddress("https://<BizTalk server>/<service folder>/ReviewSvc.svc");
        BasicHttpsBinding binding = new BasicHttpsBinding();
        binding.Security.Mode = BasicHttpsSecurityMode.Transport;
        binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Ntlm;

        try
        {
            // Call the service through the generated client proxy.
            ServiceReference.ReviewSvcClient client = new ServiceReference.ReviewSvcClient(binding, endpoint);
            ServiceReference.ActivityType act = client.GetActivityTypes()[0];
            Console.WriteLine("Test 1 Complete");
        }
        catch (Exception e)
        {
            // Print the outer and, if present, the inner exception message.
            Console.WriteLine(e.Message);
            if (e.InnerException != null)
                Console.WriteLine(e.InnerException.Message);
        }
    }
}

Web.Config of the WCF service on IIS

<configuration>

<appSettings>
  <add key="aspnet:UseTaskFriendlySynchronizationContext" value="true" />
</appSettings>
<system.web>
  <compilation targetFramework="4.5" />
  <httpRuntime targetFramework="4.5"/>
  <authentication mode="Windows"></authentication>
  <customErrors mode="Off"/>
</system.web>
<system.serviceModel>
  <client>
    <endpoint address="https://<BizTalk Server>/<service folder>/ReviewSvc.svc"
    binding="basicHttpBinding" bindingConfiguration="BasicHttpsBinding_IReviewSvc"
    contract="BTReviewSvc.IReviewSvc" name="BasicHttpsBinding_IReviewSvc" />
  </client>
  <bindings>
    <basicHttpBinding>
      <binding name="BasicBinding">
        <security mode="TransportCredentialOnly">
          <transport clientCredentialType="Ntlm" />
        </security>
      </binding>
      <binding name="SSLBinding">
        <security mode="Transport">
          <transport clientCredentialType="Ntlm" />
        </security>
      </binding>
      <binding name="BasicHttpsBinding_IReviewSvc">
        <security mode="Transport">
          <transport clientCredentialType="Ntlm"/>
        </security>
      </binding>
    </basicHttpBinding>
  </bindings>
  <services>
    <service behaviorConfiguration="<namespace>.ReviewSvcBehavior" name="<namespace>.ReviewSvc">
      <endpoint address="" binding="basicHttpBinding" bindingConfiguration="SSLBinding" name="BasicHttpEndpoint" contract="<namespace>.IReviewSvc"></endpoint>
    </service>
  </services>
  <behaviors>
    <serviceBehaviors>
       <behavior name="<namespace>.ReviewSvcBehavior">
        <!-- To avoid disclosing metadata information, set the values below to false before deployment -->
        <serviceMetadata httpGetEnabled="true" httpsGetEnabled="true"/>
        <!-- To receive exception details in faults for debugging purposes, set the value below to true.  Set to false before deployment to avoid disclosing exception information -->
        <serviceDebug includeExceptionDetailInFaults="true"/>
      </behavior>
    </serviceBehaviors>
  </behaviors>
  <protocolMapping>
      <add binding="basicHttpsBinding" scheme="https" />
  </protocolMapping>    
  <serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
</system.serviceModel>
<system.webServer>
  <modules runAllManagedModulesForAllRequests="true"/>
  <!--
    To browse web app root directory during debugging, set the value below to true.
    Set to false before deployment to avoid disclosing web app folder information.
    -->
  <directoryBrowse enabled="true"/>
</system.webServer>

</configuration>
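
An added example, not part of the original question or its comments: the web.config above still has the debug switches that its own comments say to turn off before deployment, and it defines an NTLM binding that runs over plain HTTP. The Python sketch below audits a constructed copy of those settings; the `Example.*` names and the finding ids are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample mirroring the flags in the web.config above; "Example.*" names are placeholders.
SAMPLE = """<configuration>
  <system.web><customErrors mode="Off"/></system.web>
  <system.serviceModel>
    <bindings><basicHttpBinding>
      <binding name="BasicBinding"><security mode="TransportCredentialOnly">
        <transport clientCredentialType="Ntlm"/></security></binding>
      <binding name="SSLBinding"><security mode="Transport">
        <transport clientCredentialType="Ntlm"/></security></binding>
    </basicHttpBinding></bindings>
    <services><service name="Example.ReviewSvc">
      <endpoint address="" binding="basicHttpBinding" bindingConfiguration="SSLBinding" contract="Example.IReviewSvc"/>
    </service></services>
    <behaviors><serviceBehaviors><behavior name="Example.ReviewSvcBehavior">
      <serviceMetadata httpGetEnabled="true" httpsGetEnabled="true"/>
      <serviceDebug includeExceptionDetailInFaults="true"/>
    </behavior></serviceBehaviors></behaviors>
  </system.serviceModel>
  <system.webServer><directoryBrowse enabled="true"/></system.webServer>
</configuration>"""

# (element, attribute, risky value, finding id) for the debug/disclosure switches.
FLAGS = [
    ("customErrors", "mode", "off", "custom-errors-off"),
    ("serviceMetadata", "httpGetEnabled", "true", "metadata-http"),
    ("serviceMetadata", "httpsGetEnabled", "true", "metadata-https"),
    ("serviceDebug", "includeExceptionDetailInFaults", "true", "exception-detail-in-faults"),
    ("directoryBrowse", "enabled", "true", "directory-browse"),
]

def audit(xml_text):
    """Return finding ids for disclosure flags and cleartext-HTTP credential bindings."""
    root = ET.fromstring(xml_text)
    findings = [fid for tag, attr, bad, fid in FLAGS
                for el in root.iter(tag) if el.get(attr, "").strip().lower() == bad]
    # Binding configurations actually referenced by a service endpoint.
    used = {ep.get("bindingConfiguration")
            for svc in root.iter("service") for ep in svc.iter("endpoint")}
    for b in root.iter("binding"):
        sec = b.find("security")
        # TransportCredentialOnly authenticates over HTTP without TLS.
        if sec is not None and sec.get("mode") == "TransportCredentialOnly":
            state = "in-use" if b.get("name") in used else "unused"
            findings.append(f"http-credentials:{b.get('name')}:{state}")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE)))
```

The real file uses `<namespace>` placeholders inside attribute values, so substitute the actual names before parsing it as XML.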

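It looks like you are using Active Directory authentication inside the network, and of course clients outside the network are not domain members, so NTLM will not work there. See: for details on how to secure a WCF service.

What does the service's web.config file look like?

This might help you.

@Jocke, see the updated section for the Web.Config of the WCF service on IIS.

Is NTLM added as a provider in IIS: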