Fatal编程技术网
  • wcf/
  • WCF-带有用户名自动验证和消息的wsHttpBinding-错误消息“;处理消息“中的安全令牌”时出错;

WCF-带有用户名自动验证和消息的wsHttpBinding-错误消息“;处理消息“中的安全令牌”时出错;

wcf

WCF-带有用户名自动验证和消息的wsHttpBinding-错误消息“;处理消息“中的安全令牌”时出错;,wcf,wcf-binding,wcf-security,wcf-wshttpbinding,Wcf,Wcf Binding,Wcf Security,Wcf Wshttpbinding,我正在尝试创建具有用户名身份验证的WCF应用程序。这个错误正在发生 这是服务配置: Web.config <?xml version="1.0"?> <configuration> <system.web> <compilation debug="true" targetFramework="4.0" /> </system.web> <system.serviceModel> <servi

我正在尝试创建具有用户名身份验证的WCF应用程序。这个错误正在发生

这是服务配置:

Web.config

<?xml version="1.0"?>
<configuration>
  <system.web>
    <compilation debug="true" targetFramework="4.0" />
  </system.web>
  <system.serviceModel>
    <services>
      <service name="Jsl.BureauInf.Services.BureauInfSVC" behaviorConfiguration="ServiceBehavior">
        <endpoint address="" binding="wsHttpBinding" contract="Jsl.BureauInf.Contracts.ICliente" bindingConfiguration="ServiceBinding"/>
        <endpoint address="" binding="wsHttpBinding" contract="Jsl.BureauInf.Contracts.IMotorista"  bindingConfiguration="ServiceBinding"/>
        <endpoint address="" binding="wsHttpBinding" contract="Jsl.BureauInf.Contracts.ITransportadora" bindingConfiguration="ServiceBinding"/>
        <endpoint address="" binding="wsHttpBinding" contract="Jsl.BureauInf.Contracts.IVeiculo" bindingConfiguration="ServiceBinding"/>
        <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
      </service>
    </services>
    <bindings>
      <wsHttpBinding>
        <binding name="ServiceBinding">
          <security mode="Message">
            <message clientCredentialType="UserName"/>
          </security>
        </binding>
      </wsHttpBinding>
    </bindings>
    <behaviors>
      <serviceBehaviors>
        <behavior name="ServiceBehavior">
          <serviceDebug httpHelpPageEnabled="true" includeExceptionDetailInFaults="true" />
          <serviceMetadata httpGetEnabled="True"/>
          <serviceCredentials>
            <serviceCertificate findValue="Uareubinf"
                  storeLocation="LocalMachine"
                  storeName="My"
                  x509FindType="FindBySubjectName" />
            <userNameAuthentication userNamePasswordValidationMode="Custom"
                customUserNamePasswordValidatorType="Jsl.BureauInf.Security.Autenticacao, Jsl.BureauInf.Security" />
          </serviceCredentials>
        </behavior>
      </serviceBehaviors>
    </behaviors>
    <serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
  </system.serviceModel>
  <system.webServer>
    <modules runAllManagedModulesForAllRequests="true"/>
  </system.webServer>
  <system.net>
    <defaultProxy useDefaultCredentials="true"/>
  </system.net>
</configuration>
客户

当客户端请求服务时,会触发以下错误:

InnerException.Message:处理消息中的安全令牌时出错

消息:从另一方接收到未安全或安全性不正确的故障。有关故障代码和详细信息,请参见内部FaultException

我应该怎么做才能修复此错误?

发生此响应可能有几个原因。我最怀疑的两个问题是:

  • 您正在向服务器发送错误的客户端凭据。我看到您正在将
    用户名
    密码
    作为
    “xxx”
    发送。但是,您的服务器需要
    用户名
    “yaron”
    。在这种情况下,这是服务器的预期响应
  • 客户端计算机的时间无效或与服务器的时间相差超过5分钟。
    WSHttpBinding
    的默认
    MaxClockSkew
    值为5分钟

    • 当客户机上的时间与服务器上的时间相差过大时,可能会发生这种情况。默认时间偏差为5分钟。您真的在客户端上以“xxx”的身份发送凭据吗?或者你删除它们只是为了你的代码片段? 
    namespace Jsl.BureauInf.Security
{
public class Autenticacao : UserNamePasswordValidator
{
    public override void Validate(string userName, string password)
    {
        if (userName != "yaron")
            throw new SecurityTokenException("Unknown Username or Password");
    }
}
}

        BureauService.TransportadoraClient service = new BureauService.TransportadoraClient();
    service.ClientCredentials.UserName.UserName = "xxx";
    service.ClientCredentials.UserName.Password = "xxx";
    service.ClientCredentials.ServiceCertificate.Authentication.CertificateValidationMode = System.ServiceModel.Security.X509CertificateValidationMode.None;

    BureauService.RESPOSTADTC rep = service.ConsultarTransportadora(consulta);