WCF-错误安全处理器无法在消息中找到安全标头
我试图使用soapui调用WCF服务,并得到以下错误;我不知道怎么了。 错误:安全处理器无法在消息中找到安全标头。这可能是因为消息是不安全的错误,或者是因为通信方之间存在绑定不匹配。如果服务配置为安全性,而客户端未使用安全性,则可能发生这种情况WCF-错误安全处理器无法在消息中找到安全标头,wcf,binding,soapui,saml-2.0,Wcf,Binding,Soapui,Saml 2.0,我试图使用soapui调用WCF服务,并得到以下错误;我不知道怎么了。 错误:安全处理器无法在消息中找到安全标头。这可能是因为消息是不安全的错误,或者是因为通信方之间存在绑定不匹配。如果服务配置为安全性,而客户端未使用安全性,则可能发生这种情况 web.config <system.serviceModel> <diagnostics performanceCounters="All">
web.config
<system.serviceModel>
<diagnostics performanceCounters="All">
<messageLogging logMalformedMessages="true" logMessagesAtTransportLevel="true"/>
<endToEndTracing propagateActivity="true" messageFlowTracing="true"/>
</diagnostics>
<behaviors>
<serviceBehaviors>
<behavior name="DefaultBehavior">
<!--<serviceThrottling maxConcurrentCalls="100" maxConcurrentInstances="200" maxConcurrentSessions="100"/>-->
<serviceAuthorization principalPermissionMode="Always"/>
<serviceCredentials useIdentityConfiguration="true">
<serviceCertificate findValue="localhost" storeLocation="LocalMachine" storeName="My" x509FindType="FindBySubjectName"/>
<issuedTokenAuthentication audienceUriMode="BearerKeyOnly" certificateValidationMode="PeerOrChainTrust" revocationMode="NoCheck"
trustedStoreLocation="LocalMachine" allowUntrustedRsaIssuers="false"></issuedTokenAuthentication>
</serviceCredentials>
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true"/>
<serviceDebug includeExceptionDetailInFaults="false"/>
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment aspNetCompatibilityEnabled="false"/>
<bindings>
<ws2007FederationHttpBinding>
<binding name="wsFedBinding" receiveTimeout="00:10:00" sendTimeout="00:10:00" openTimeout="00:10:00" closeTimeout="00:10:00"
maxReceivedMessageSize="262144" maxBufferPoolSize="262144">
<readerQuotas maxArrayLength="16384" maxDepth="32" maxStringContentLength="262144" maxBytesPerRead="4096" maxNameTableCharCount="16384"/>
<security mode="TransportWithMessageCredential">
<message issuedKeyType="BearerKey" issuedTokenType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0"
negotiateServiceCredential="false" establishSecurityContext="false"/>
</security>
<security mode="None">
<!--<message negotiateServiceCredential="true"></message>-->
</security>
</binding>
</ws2007FederationHttpBinding>
<wsHttpBinding>
<binding name="wsHttpClientServiceBinding" receiveTimeout="00:10:00" sendTimeout="00:10:00" openTimeout="00:10:00" closeTimeout="00:10:00"
maxReceivedMessageSize="262144" maxBufferPoolSize="262144">
<readerQuotas maxArrayLength="16384" maxDepth="32" maxStringContentLength="262144" maxBytesPerRead="4096" maxNameTableCharCount="16384"/>
<security mode="Transport">
<transport clientCredentialType="None"></transport>
</security>
</binding>
</wsHttpBinding>
</bindings>
<services>
<service name="XXX.Service" behaviorConfiguration="DefaultBehavior">
<host>
<baseAddresses>
<add baseAddress="https://ws40022517..intranet/XXXX.Service/" />
</baseAddresses>
</host>
<endpoint address="" binding="ws2007FederationHttpBinding" bindingConfiguration="wsFedBinding"
contract="XXX.Contract.Vault.ServiceContract.IVaultService"/>
</service>
</services>
</system.serviceModel>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true"/>
<directoryBrowse enabled="false"/>
<httpProtocol>
<customHeaders>
<add name="X-Content-Type-Options" value="nosniff"/>
</customHeaders>
</httpProtocol>
</system.webServer>
<runtime>
<assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
<dependentAssembly>
<assemblyIdentity name="NHibernate" publicKeyToken="aa95f207798dfdb4" culture="neutral"/>
<bindingRedirect oldVersion="0.0.0.0-3.3.1.4000" newVersion="3.3.1.4000"/>
</dependentAssembly>
</assemblyBinding>
</runtime>
<system.identityModel>
<identityConfiguration saveBootstrapContext="true">
<issuerNameRegistry type="System.IdentityModel.Tokens.ConfigurationBasedIssuerNameRegistry, System.IdentityModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
<trustedIssuers>
<add thumbprint="XXXXC" name="SignCertificate"/>
</trustedIssuers>
</issuerNameRegistry>
<securityTokenHandlers>
<remove type="System.IdentityModel.Tokens.Saml2SecurityTokenHandler, System.IdentityModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/>
<add type="XXXX.OcdSaml2SecurityTokenHandler, XXX.WCFExtension"/>
</securityTokenHandlers>
<claimsAuthenticationManager type="XXXX.Security.SoapClaimsAuthenticationManager, XXXX"/>
</identityConfiguration>
</system.identityModel>
If I comment the TranportwithMessagesecurity and add just transport and none then it shows that channel endpoint not found.
在webconfig中添加以下代码并重试:
<security enableUnsecuredResponse="true"
authenticationMode="MutualCertificateDuplex"
defaultAlgorithmSuite="TripleDesRsa15"
includeTimestamp="false"
messageSecurityVersion="Default" >
</security>
是否应将其添加到哪个部分?它在system.webserver下不工作;标记未被识别。ConfigurationIn Error我在federationbinding元素服务下的安全性下添加的includeTimestamp=false标记未被托管,因为该标记无法识别。不确定该标记是否支持联合绑定下的绑定?显然,当我在请求中删除该标记时,我不再需要时间戳,只要该标记包装在安全标记下,它就可以正常工作。