使用 IIS 托管服务时出现问题 - 本地和远程
[英]Problem consuming IIS hosted service - locally and remotely
问题描述
I build 2 services for the project I'm currently working on.
我为我目前正在进行的项目构建了 2 个服务。
1) a simple client-server request service using basicHttpBinding 1) 一个使用 basicHttpBinding 的简单客户端-服务器请求服务
2) a callback dataservice using WSDualHttpBinding 2) 使用 WSDualHttpBinding 的回调数据服务
with some twiddling I was able to host both in IIS and I can visit both :/Service.svc in my browser locally as well as on another machine that shall interact with both services as well.通过一些操作,我能够同时在 IIS 中托管,并且可以在本地浏览器中访问 :/Service.svc ,也可以在另一台与这两种服务交互的机器上访问。
here is the app-config section for the callback dataservice这是回调数据服务的 app-config 部分
<system.serviceModel>
<behaviors>
<endpointBehaviors>
<behavior name="myBehavior">
<clientVia />
</behavior>
</endpointBehaviors>
</behaviors>
<bindings>
<wsDualHttpBinding>
<binding name="WSDualHttpBinding_IDataService">
<security mode="None">
<message negotiateServiceCredential="false" clientCredentialType="None" />
</security>
</binding>
</wsDualHttpBinding>
</bindings>
<client>
<endpoint address="http://<address>:50111/Service.svc/service"
binding="wsDualHttpBinding" bindingConfiguration="WSDualHttpBinding_IDataService" behaviorConfiguration="myBehavior"
contract="CallbackService.IDataService" name="WSDualHttpBinding_IDataService">
</endpoint>
</client>
</system.serviceModel>
the basicHttpBinding looks quite similar - only to another port basicHttpBinding 看起来非常相似 - 仅适用于另一个端口
I set IIS to anonymous authentication .. User IUSR, no password ..我将 IIS 设置为匿名身份验证 .. 用户 IUSR,无密码 ..
Originally it worked locally - but from the remote computer I received authentication errors .. so I tweaked some more - and now I get a timeout even locally .. though Visual Studio interacts with the service reference to both services just fine.最初它在本地工作 - 但是从远程计算机我收到了身份验证错误..所以我做了更多调整 - 现在我什至在本地也会超时..尽管 Visual Studio 与两个服务的服务引用交互得很好。
How do I get the service "to cooperate" again如何让服务再次“合作”
And I'm at my wits end - any help greatly appreciated!?我不知所措 - 非常感谢任何帮助!?
Edit: first problem solved - local communication restored编辑:第一个问题解决了 - 本地通信恢复
public ClientCallbacks myCallbacks=new ClientCallbacks();
public DuplexChannelFactory<IDataService> channelFactory { get; set; }
public IDataService channel;
public int connect() {
WSDualHttpBinding binding = new WSDualHttpBinding()
{ Name = "WSDualHttpBinding_IDataService" };
this.channelFactory = new DuplexChannelFactory<IDataService>(
mainForm.dbCommunication.myCallbacks,
binding,
new EndpointAddress("http://<address>:50111/Service.svc/service"));
this.channel = this.channelFactory.CreateChannel();
...
...
channel.AddListener(int-parameter); // announce new callback-partner
...
...
this.newListe = this.myCallbacks.receivedTaskList; //get Tasklist over callback
This works locally - but calling it remotely I get a "new" error这在本地工作 - 但远程调用它我收到一个“新”错误
System.ServiceModel.Security.SecurityNegotiationException:
The caller was not authenticated by the service. --->
System.ServiceModel.FaultException: The request for security token could not be satisfied
because authentication failed.
at System.ServiceModel.Security.SecurityUtils.ThrowIfNegotiationFault
(Message message, EndpointAddress target)
at System.ServiceModel.Security.SspiNegotiationTokenProvider.GetNextOutgoingMessageBody
(Message incomingMessage, SspiNegotiationTokenProviderState sspiState)
--- End of inner exception stack trace ---
And again I struggle to find a clue / solution .. I set IIS authentication to anonymous ... but it seems the communication is blocked before that point is reached .. What do I have to do to reach the service from a remote machine?我再次努力寻找线索/解决方案......我将 IIS 身份验证设置为匿名......但似乎在到达该点之前通信被阻止......我必须做什么才能从远程机器访问服务?
1 个解决方案
解决方案1
1 已采纳 2020-04-10 04:21:41
It seems that we should provide the credentials to have the client authenticated by the server-side.似乎我们应该提供凭据以使服务器端对客户端进行身份验证。 which sort of credentials should be supplied relies on the binding configuration of the server-side.应提供哪种凭据取决于服务器端的绑定配置。
By default.默认情况下。 The security mode of the WsDualhttpbinding is configured with Message security mode, and the client credential type is Windows. WsDualhttpbinding的安全模式配置为Message安全模式,客户端凭证类型为Windows。
These below code snippets are equivalent.下面这些代码片段是等效的。
WSDualHttpBinding binding = new WSDualHttpBinding();
WSDualHttpBinding binding = new WSDualHttpBinding();
binding.Security.Mode = WSDualHttpSecurityMode.Message;
binding.Security.Message.ClientCredentialType = MessageCredentialType.Windows;
From your code snippet, I didn't see your configuration of the server-side.从您的代码片段中,我没有看到您对服务器端的配置。 If Windows credential is required, please consider the below code segments.如果需要 Windows 凭据,请考虑以下代码段。
//ChannelFactory<IService> channelFactory = new ChannelFactory(...);
channelFactory.Credentials.Windows.ClientCredential.UserName = "administrator";
channelFactory.Credentials.Windows.ClientCredential.Password = "123456";
IService svc = channelFactory.CreateChannel();
Feel free to let me know if the problem still exists.如果问题仍然存在,请随时告诉我。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.