堆栈内存溢出
  简体   繁体   English

WCF Active Directory授权-PrincipalPermission->访问被拒绝

[英]WCF Active Directory Authorization - PrincipalPermission -> access denied

 原文  2013-09-19 12:26:49       c#/ wcf/ iis

问题描述

I try to secure my WCF service by an AD based logon system. 我尝试通过基于AD的登录系统保护WCF服务。 I've created an AD group named "TestUsers". 我创建了一个名为“ TestUsers”的AD组。 My user account is member of that group. 我的用户帐户是该组的成员。 The WCF Service is hosted in IIS. WCF服务托管在IIS中。

But i always get the exception "SecurityAccessDeniedException". 但是我总是得到异常“ SecurityAccessDeniedException”。

My WCF Service looks like: 我的WCF服务看起来像:

Web.Config Web.Config中 

<?xml version="1.0" encoding="utf-8"?>
<configuration>

  <appSettings>
    <add key="aspnet:UseTaskFriendlySynchronizationContext" value="true" />
  </appSettings>
  <system.web>
    <compilation debug="true" targetFramework="4.5" />
    <httpRuntime targetFramework="4.5"/>
  </system.web>
  <system.serviceModel>
    <bindings>
      <basicHttpBinding>
        <binding name="BasicHttpEndpointBinding">
          <security mode="TransportCredentialOnly">
            <transport clientCredentialType="Windows" />
          </security>
        </binding>
      </basicHttpBinding>
    </bindings>
    <behaviors>
      <serviceBehaviors>
        <behavior>
          <serviceMetadata httpGetEnabled="true" httpsGetEnabled="true"/>
          <serviceDebug includeExceptionDetailInFaults="false"/>
        </behavior>
      </serviceBehaviors>
    </behaviors>
    <protocolMapping>
        <add binding="basicHttpsBinding" scheme="https" />
    </protocolMapping>    
    <serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
  </system.serviceModel>
  <system.webServer>
    <modules runAllManagedModulesForAllRequests="true"/>
    <directoryBrowse enabled="true"/>
  </system.webServer>

</configuration>

IService1.cs (Service interface): Just one method: IService1.cs(服务接口):仅一种方法: 

string GetWelcomeMessage();

Service1.svc.cs: Service1.svc.cs: 

public class Service1 : IService1
    {
        [PrincipalPermission(SecurityAction.Demand, Role = @"mydomain\TestUsers")]
        public string GetWelcomeMessage()
        {
            return "hello world";
        }
    }

Any ideas what's wrong??? 任何想法有什么问题吗???

Any help would be greatly appreciated. 任何帮助将不胜感激。

1 个解决方案

解决方案1
 1 已采纳  2013-09-19 12:40:12

Make sure that the account that runs the service that hosts IIS is permitted to perform security checks in the AD. 确保允许运行承载IIS的服务的帐户在AD中执行安全检查。

Also change 也改变 

includeExceptionDetailInFaults="false"

to 

includeExceptionDetailInFaults="true"

for now, this might help you analyze the problem. 目前,这可能有助于您分析问题。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 WCF PrincipalPermission授权 - WCF PrincipalPermission Authorization WCF服务使用Active Directory授权-访问被拒绝错误 - WCF Service Authorizing with Active Directory - Access Denied Error SSIS-&gt;更新Active Directory访问被拒绝异常 - SSIS -> updating Active Directory access denied exception WCF,Active Directory身份验证|授权和sql组合中的用户配置文件 - WCF, active directory authentication|authorization and user profiles in sql combination 在PrincipalPermission上请求授权失败 - Request authorization on PrincipalPermission fail WCF中的PrincipalPermission身份验证出错 - Error with PrincipalPermission authentication in WCF Azure Active Directory授权 - Azure Active Directory authorization Active Directory智能卡授权 - Active Directory smartcard authorization 将用户添加到Active Directory时C#访问被拒绝 - C# Access is Denied when adding user to Active Directory Active Directory访问拒绝DirectoryEntry上的异常。调用ChangePassword - Active Directory access denied exception on DirectoryEntry.Invoke ChangePassword
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM