WCF-更改终结点地址会导致securityexception
我的WCF服务使用wsHttpBinding,当客户端使用以下默认选项创建服务时,该服务在客户端可以正常工作:WCF-更改终结点地址会导致securityexception,wcf,Wcf,我的WCF服务使用wsHttpBinding,当客户端使用以下默认选项创建服务时,该服务在客户端可以正常工作: RServiceClient R = new RServiceClient(); RServiceClient R = new RServiceClient(); R.Endpoint.Address = new EndpointAddress(new Uri "http://xxx.xxxx.xxx:80/RServer/RService.svc")); 但是,在某个时候,我需要
RServiceClient R = new RServiceClient();
RServiceClient R = new RServiceClient();
R.Endpoint.Address = new EndpointAddress(new Uri "http://xxx.xxxx.xxx:80/RServer/RService.svc"));
但是,在某个时候,我需要能够指定服务的位置,大概是通过如下更改端点地址:
RServiceClient R = new RServiceClient();
RServiceClient R = new RServiceClient();
R.Endpoint.Address = new EndpointAddress(new Uri "http://xxx.xxxx.xxx:80/RServer/RService.svc"));
但是,当我指定确切的端点时,我会得到一个SecurityNegotiationException:
System.ServiceModel.Security.SecurityNegotiationException未处理
Message=“服务未对调用方进行身份验证。”
Source=“mscorlib”
WCF服务在IIS上运行,并在IIS管理下启用匿名访问。此外,当客户端与服务在同一台机器上以管理员帐户运行时,就会发生此错误-我还没有谈到通过网络运行它的可怕部分
有什么想法吗?您是否将MessageSecurity与证书一起使用?这可能是证书问题(主机名错误、未安装自签名证书等)这是我的服务配置信息,我正在使用wshttpbinding:
<system.serviceModel>
<services>
<service behaviorConfiguration="ServiceBehavior" name="RService">
<endpoint address="" binding="wsHttpBinding" bindingConfiguration=""
name="RService" contract="IRService">
<identity>
<dns value="localhost" />
</identity>
</endpoint>
<endpoint address="mex" binding="mexHttpBinding" name="MetadataExchange"
contract="IMetadataExchange" />
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="ServiceBehavior">
<!-- To avoid disclosing metadata information, set the value below to false and remove the metadata endpoint above before deployment -->
<serviceMetadata httpGetEnabled="true"/>
<!-- To receive exception details in faults for debugging purposes, set the value below to true. Set to false before deployment to avoid disclosing exception information -->
<serviceDebug includeExceptionDetailInFaults="true"/>
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>
从配置中检查:
...
<identity>
<dns value="localhost" />
</identity>
...
。。。
...
默认情况下,afaik wsHttpBinding已启用消息安全性。
当它检查dns值“localhost”时失败。删除标识块不起作用,尽管它给了我一个想法: 如果我将端点地址更改为:
R.Endpoint.Address = new EndpointAddress(new Uri("http://bigpuss.homeip.net/RServer/RService.svc"));
到
那么一切都很好!苏,很明显,它对非本地url地址感到不安。配置中是否还有其他设置安全性的区域?默认情况下,wsHttpBinding使用Windows身份验证。我不确定IIS中的主机如何影响该场景 如果不想打开安全性,可以添加一个安全性元素,并在两端的配置中将mode元素设置为“None”,以关闭默认设置 我认为这可能会奏效——我已经添加了wsHttpBinding的部分,并将服务的bindingConfiguration设置为指向新添加的绑定属性:
<system.serviceModel>
<bindings>
<wsHttpBinding>
<binding name="wsHttpBind">
<security mode="None">
<transport clientCredentialType="None" protectionLevel="EncryptAndSign" />
<message clientCredentialType="None" algorithmSuite="Default" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<services>
<service behaviorConfiguration="ServiceBehavior"
name="RService">
<endpoint address=""
binding="wsHttpBinding"
bindingConfiguration="wsHttpBind"
name="RService"
contract="IRService">
<identity>
<dns value="localhost" />
</identity>
</endpoint>
<endpoint address="mex"
binding="mexHttpBinding"
name="MetadataExchange"
contract="IMetadataExchange" />
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="ServiceBehavior">
<!-- To avoid disclosing metadata information, set the value below to false and remove the metadata endpoint above before deployment -->
<serviceMetadata httpGetEnabled="true"/>
<!-- To receive exception details in faults for debugging purposes, set the value below to true. Set to false before deployment to avoid disclosing exception information -->
<serviceDebug includeExceptionDetailInFaults="true"/>
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>