具有WsHttpBinding和Windows身份验证的WCF服务因匿名访问错误而失败
[英]WCF service with WsHttpBinding & windows authentication failing with anonymous access error
问题描述
Good day. 
美好的一天。 I've written a service in WCF that uses message-level security, which is set to use Windows authentication. 我已经在WCF中编写了一个使用消息级安全性的服务,该服务设置为使用Windows身份验证。 The relevant configuration is shown below: 相关配置如下所示:
<wsHttpBinding>
<binding name="WsHttpBinding" closeTimeout="00:30:00" openTimeout="00:30:00"
receiveTimeout="00:30:00" sendTimeout="00:30:00" maxBufferPoolSize="2147483647"
maxReceivedMessageSize="2147483647">
<readerQuotas maxStringContentLength="2147483647" maxArrayLength="2147483647"
maxBytesPerRead="2147483647" />
<security mode="Message">
<message clientCredentialType="Windows" establishSecurityContext="true" />
</security>
</binding>
</wsHttpBinding>
The developer of the calling client requested that my service is configured using these details. 调用客户端的开发人员请求使用这些详细信息配置我的服务。 I also do not have access to the configuration of the client binding unfortunately, but I can only assume it is configured properly, since other services that are consumed by it is working. 不幸的是,我也无法访问客户端绑定的配置,但是我只能假定它已正确配置,因为它消耗的其他服务正在运行。
The service is hosted through IIS, as an application under the default website. 该服务通过IIS作为默认网站下的应用程序托管。 The Authentication for the service application is set to Windows, with Anonymous authentication turned off. 服务应用程序的身份验证设置为Windows,匿名身份验证已关闭。 It also doesn't have a SSL certificate bound to it. 它也没有绑定SSL证书。
When the service gets called from the client, the following error is reported in the logs: The HTTP request is unauthorized with client authentication scheme 'Anonymous'. 当从客户端调用该服务时,在日志中报告以下错误: HTTP请求未经客户端身份验证方案“匿名”授权。 The authentication header received from the server was 'Negotiate,NTLM'. 从服务器收到的身份验证标头是“ Negotiate,NTLM”。
Any help resolving this issue will be greatly appreciated. 解决此问题的任何帮助将不胜感激。
Additional Info 附加信息
In an effort to find a solution, I had thrown together a WinForms test client to call the service. 为了找到解决方案,我将WinForms测试客户端召集在一起以调用该服务。 The client binding is configured as follows: 客户端绑定配置如下:
<wsHttpBinding>
<binding name="WSHttpBinding_IEAIEndpointService" closeTimeout="00:10:00"
openTimeout="00:10:00" receiveTimeout="00:10:00" sendTimeout="00:10:00"
maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647">
<security mode="Message">
<message clientCredentialType="Windows" establishSecurityContext="true" />
</security>
</binding>
</wsHttpBinding>
Before making calls using the client proxy, I have the following code to set the Windows user account I want the service to authenticate with: 在使用客户端代理进行呼叫之前,我具有以下代码来设置我希望该服务进行身份验证的Windows用户帐户:
client.ClientCredentials.Windows.ClientCredential = new System.Net.NetworkCredential("Username", "Password", "DOMAIN");
Even with this configuration, I am still receiving the above-mentioned error. 即使使用这种配置,我仍然会收到上述错误。
1 个解决方案
解决方案1
2 已采纳 2015-02-03 10:13:51
IIS authentication is transport security. IIS身份验证是传输安全性。 Your client requested message security, so you need to disable it. 您的客户端请求消息安全性,因此您需要禁用它。 Message security will be handled by WCF, not IIS. 邮件安全性将由WCF而不是IIS处理。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.