WCF Authentication error connecting to IP Address

I have a program which has a WCF service to communicate with another module. I'd like to implement custom authorization and authentication. Sorry for the bad code. Here it is:

Server:

Config:

        <behaviors>
            <serviceBehaviors>
            <behavior name="managementMexBehavior">

            <serviceMetadata httpGetEnabled="True" httpGetUrl="http://localhost:7538/management/mex"/>
            <serviceDebug includeExceptionDetailInFaults="True"/>

            <serviceDiscovery>
                <announcementEndpoints>
                    <endpoint kind="udpAnnouncementEndpoint"/>
                </announcementEndpoints>
            </serviceDiscovery>

            </behavior>                  
            </serviceBehaviors>
        </behaviors>        

        <binding name="managementServerBindingConfig" closeTimeout="00:10:00"
      openTimeout="00:10:00" receiveTimeout="00:10:00" sendTimeout="00:10:00"
      transferMode="Buffered" maxReceivedMessageSize="65535">
            <security mode="TransportWithMessageCredential">
                <message clientCredentialType="UserName" />
            </security>
        </binding>

Code

        var binding = new NetTcpBinding("managementServerBindingConfig");
        binding.Security.Message.ClientCredentialType = MessageCredentialType.UserName;

        string address = _c24ServerAdminSettings.ManagementWebServerAddress;

        ServiceEndpoint endpoint = Host.AddServiceEndpoint(ServiceInterface, binding, address);
        endpoint.Name = "C24ServerAdminManagementEndpoint";

        var parametrInspector = new OperationParametrInspector();

        var errorHandler = new DispatcherErrorHandler();
        errorHandler.OnHandleError += errorHandler_OnHandleError;
        var behavior = new EnpointDispathcherBehavior(parametrInspector, errorHandler);
        endpoint.Behaviors.Add(behavior);

        //ServiceCredentials
        ServiceCredentials scb = Host.Description.Behaviors.Find<ServiceCredentials>();
        if (scb == null)
        {
            scb = new ServiceCredentials();
            Host.Description.Behaviors.Add(scb);
        }
        scb.UserNameAuthentication.UserNamePasswordValidationMode = UserNamePasswordValidationMode.Custom;
        scb.UserNameAuthentication.CustomUserNamePasswordValidator = new PasswordValidator(_dataManager);
        scb.ServiceCertificate.SetCertificate(StoreLocation.LocalMachine, StoreName.My, X509FindType.FindBySubjectName, "localhost");


        //ServiceAuthorizationBehavior
        ServiceAuthorizationBehavior sab = Host.Description.Behaviors.Find<ServiceAuthorizationBehavior>();
        if (sab == null)
        {
            sab = new ServiceAuthorizationBehavior();
            Host.Description.Behaviors.Add(sab);
        }

        sab.PrincipalPermissionMode = PrincipalPermissionMode.Custom;
        sab.ExternalAuthorizationPolicies = new ReadOnlyCollection<IAuthorizationPolicy>(new[]
                                                                                        {
                                                                                             new AuthorizationPolicy()
                                                                                         });

Client:

Config:

 <binding name="C24ServerAdminManagementEndpoint" closeTimeout="00:01:00"
                openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
                transactionFlow="false" transferMode="Buffered" transactionProtocol="OleTransactions"
                hostNameComparisonMode="StrongWildcard" listenBacklog="10"
                maxBufferPoolSize="524288" maxBufferSize="65536" maxConnections="10"
                maxReceivedMessageSize="65536">
                <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
                    maxBytesPerRead="4096" maxNameTableCharCount="16384" />
                <reliableSession ordered="true" inactivityTimeout="00:10:00"
                    enabled="false" />
                <security mode="TransportWithMessageCredential">
                    <message clientCredentialType="UserName" />
                </security>
            </binding>

  <endpoint address="net.tcp://localhost:60001/Management/" binding="netTcpBinding"
            bindingConfiguration="C24ServerAdminManagementEndpoint" contract="C24ServerAdminManagement.IManagementWebService"
            name="C24ServerAdminManagementEndpoint">
            <identity>
                <dns value="localhost" />
            </identity>
        </endpoint>

Code:

ManagementWebServiceClient ds = new ManagementWebServiceClient("C24ServerAdminManagementEndpoint", _managementServiceAddress);
        ds.ClientCredentials.ServiceCertificate.Authentication.CertificateValidationMode  =    X509CertificateValidationMode.None;
        ds.ClientCredentials.UserName.UserName = UserName;
        ds.ClientCredentials.UserName.Password = Password;
        ds.Open();

This works pretty well with localhost. But when I set the computer's IP address, the client tries to connect to the service, the service responds, and an exception occurs. The exception says that the response was received from DNS(localhost) while we were waiting for DNS(192.168.0.1). But 192.168.0.1 is a local address.

I was having the same problem "...everything OK if the client and host are on the same machine, but if the Host and Client are on separate machines I get exceptions errors".

This is what solved the problem for me: My internet connection settings used a proxy server. I changed the IE options for the LAN settings to "Bypass proxy server for local addresses" and "Do not use proxy server for addresses beginning with: http:\\host-ip-here".

Good luck.

The problem was in the DNS identity. I used a localhost certificate, and when I connected using the direct IP, the service returned the DNS from the certificate. Actually, adding the dns identity in config should have fixed that problem. Maybe it didn't fix it because I created the endpoint in code and it loads the binding config but not the endpoint. I rewrote the code just a little:

        string address = _managementServiceAddress;
        EndpointAddress epa = new EndpointAddress(new Uri(address), EndpointIdentity.CreateDnsIdentity("localhost"));
        ManagementWebServiceClient ds = new ManagementWebServiceClient("C24ServerAdminManagementEndpoint", epa);
        ds.ClientCredentials.ServiceCertificate.Authentication.CertificateValidationMode  = X509CertificateValidationMode.None;
        ds.ClientCredentials.UserName.UserName = UserName;
        ds.ClientCredentials.UserName.Password = Password;

It works fine.
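The identity check that raised the exception compares the expected DNS identity with the name in the service certificate, and it still runs when `CertificateValidationMode` is `None`; `None` only skips validation of the certificate itself. The following is an added example, not part of the original answers, that keeps the explicit DNS identity and replaces `None` with a custom validator accepting one known certificate. `PinnedCertificateValidator`, `ManagementClientSetup` and the thumbprint placeholder are hypothetical names introduced here.

```csharp
using System;
using System.IdentityModel.Selectors;
using System.IdentityModel.Tokens;
using System.Security.Cryptography.X509Certificates;
using System.ServiceModel;
using System.ServiceModel.Description;
using System.ServiceModel.Security;

// Hypothetical helper: accepts exactly one service certificate, by thumbprint.
public sealed class PinnedCertificateValidator : X509CertificateValidator
{
    private readonly string _thumbprint;

    public PinnedCertificateValidator(string thumbprint)
    {
        if (string.IsNullOrWhiteSpace(thumbprint))
            throw new ArgumentException("A thumbprint is required.", "thumbprint");
        // Thumbprints copied from the certificate dialog often contain spaces.
        _thumbprint = thumbprint.Replace(" ", "").ToUpperInvariant();
    }

    public override void Validate(X509Certificate2 certificate)
    {
        if (certificate == null)
            throw new ArgumentNullException("certificate");
        if (!string.Equals(certificate.Thumbprint, _thumbprint, StringComparison.OrdinalIgnoreCase))
            throw new SecurityTokenValidationException(
                "Unexpected service certificate: " + certificate.Subject);
    }
}

public static class ManagementClientSetup
{
    // address may use a host name or an IP; certDnsName is the name in the
    // service certificate ("localhost" on this page), so the identity check
    // no longer depends on the host part of the URI.
    public static EndpointAddress BuildAddress(string address, string certDnsName)
    {
        return new EndpointAddress(new Uri(address),
            EndpointIdentity.CreateDnsIdentity(certDnsName));
    }

    // Replaces CertificateValidationMode.None with the pinned validator.
    public static void PinServiceCertificate(ClientCredentials credentials, string thumbprint)
    {
        var auth = credentials.ServiceCertificate.Authentication;
        auth.CertificateValidationMode = X509CertificateValidationMode.Custom;
        auth.CustomCertificateValidator = new PinnedCertificateValidator(thumbprint);
    }
}
```

With the generated proxy from the question, pass `ManagementClientSetup.BuildAddress(_managementServiceAddress, "localhost")` to the `ManagementWebServiceClient` constructor and call `ManagementClientSetup.PinServiceCertificate(ds.ClientCredentials, "<SERVICE-CERT-THUMBPRINT>")` before `ds.Open()`.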
