ASP.NET - 使用WCF Web服务绑定w / AD组的IIS7部署错误500 24 50
[英]ASP.NET - IIS7 Deployment Error 500 24 50 using WCF Web Service Binding w/ AD Groups
问题描述
Background: I am getting a Internal Server 500 24 50 error after deploying an application that has compiled without errors on my local machine. 
背景:在部署在本地计算机上无错误编译的应用程序后,我收到内部服务器500 24 50错误。 The server that the application is deployed on has a ton of security and is running IIS 7.5 so I need to specify read and write access for every directory. 部署应用程序的服务器具有大量安全性并且运行IIS 7.5,因此我需要为每个目录指定读写访问权限。 This application uses windows authentication and a web service to populate drop down boxes via a proxy. 此应用程序使用Windows身份验证和Web服务通过代理填充下拉框。 I think there might be an issue connecting to the web service or an issue with the read/write security on the files, or an issue with the active directory authentication. 我认为连接到Web服务可能存在问题,或者文件的读/写安全性问题,或者活动目录身份验证存在问题。
For some reason, Internet Explorer just displayed can't load webpage Error. 由于某种原因,Internet Explorer刚刚显示无法加载网页错误。
Error in Google Chrome: Google Chrome中出错:
500 – Internal Server Error.
There is a problem with the resource you are looking for, and it cannot be displayed.
Log File Details: 日志文件详情:
#Software: Microsoft Internet Information Services 7.5
#Fields: date time s-sitename s-computername s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs-version cs(User-Agent) cs(Cookie) cs(Referer) cs-host sc-status sc-substatus sc-win32-status sc-bytes cs-bytes time-taken
2011-05-18 13:54:46 W3SVC1 FL-TPA-WEB-01 172.17.1.25 GET / - 80 -
172.17.1.25 HTTP/1.1 Mozilla/4.0+(compatible;+MSIE+8.0;+Windows+NT+6.1;+WOW64;
+Trident/4.0;+SLCC2;+.NET+CLR+2.0.50727;+.NET4.0C;+.NET4.0E) - -
invitations.myagencyservices.com 500 24 50 1380 368 15
MSDN Defines the error at http://support.microsoft.com/kb/943891 as: MSDN将错误定义为http://support.microsoft.com/kb/943891,如下所示:
500.24 - An ASP.NET impersonation configuration does not apply in Managed
Pipeline mode.
Web.Config code: Web.Config代码:
<system.web>
<customErrors mode="Off" ></customErrors>
<compilation debug="true" strict="false" explicit="true" targetFramework="4.0" />
<trace enabled="true" pageOutput="true" />
<authentication mode="Windows"/>
<identity impersonate="true"/>
<authorization>
<allow users="alg\bmccarthy, alg\phoward" />
<allow roles="alg\ACOMP_USER_ADMIN" />
<allow roles="alg\ACOMP_user_AMG" />
<allow roles="alg\ACOMP_user_BIG" />
<allow roles="alg\ACOMP_user_NIS" />
<allow roles="alg\ACOMP_user_GLA" />
<allow roles="alg\ACOMP_user_PIP" />
<allow roles="alg\ACOMP_user_PSM" />
<allow roles="alg\ACOMP_user_PAM" />
<allow roles="alg\ACOMP_user_ANN" />
<allow roles="alg\ACOMP_user_AAM" />
<allow roles="alg\ACOMP_user_MWM" />
<allow roles="alg\ACOMP_user_GIM" />
<deny users="*" />
</authorization>
</system.web>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true"/>
</system.webServer>
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="BasicHttpBinding_IAcompService1" closeTimeout="00:01:00"
openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
allowCookies="false" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard"
maxBufferSize="65536" maxBufferPoolSize="524288" maxReceivedMessageSize="65536"
messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered"
useDefaultWebProxy="true">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<security mode="None">
<transport clientCredentialType="None" proxyCredentialType="None"
realm="" />
<message clientCredentialType="UserName" algorithmSuite="Default" />
</security>
</binding>
</basicHttpBinding>
</bindings>
<client>
<endpoint address="http://63.236.108.91/aCompService.svc" binding="basicHttpBinding"
bindingConfiguration="BasicHttpBinding_IAcompService1" contract="aComp_ServiceReference.IAcompService"
name="BasicHttpBinding_IAcompService1" />
</client>
</system.serviceModel>
Any suggestions will be up-voted! 任何建议都将被投票! Thanks for looking! 谢谢你的期待!
3 个解决方案
解决方案1
13 已采纳 2011-05-19 19:25:44
The 500.24.50 Error occurs because ASP.NET Integrated mode is unable to impersonate the request identity in the BeginRequest and AuthenticateRequest pipeline stages. 发生500.24.50错误是因为ASP.NET集成模式无法模拟BeginRequest和AuthenticateRequest管道阶段中的请求标识。 500.24 is thrown if your application is running in integrated mode, validateIntegratedModeConfiguration is not declared or set to true, and your application has identity impersonate set to true. 如果您的应用程序在集成模式下运行,则声明500.24,未声明validateIntegratedModeConfiguration或设置为true,并且您的应用程序将标识模拟设置为true。
Workaround 解决方法
A. If your application does not rely on impersonating the requesting user in the BeginRequest and AuthenticateRequest stages (the only stages where impersonation is not possible in Integrated mode), ignore this error by adding the following to your application's web.config: 答:如果您的应用程序不依赖于在BeginRequest和AuthenticateRequest阶段模拟请求用户(在集成模式下无法模拟的唯一阶段),请通过将以下内容添加到应用程序的web.config来忽略此错误:
<system.webServer>
<validation validateIntegratedModeConfiguration="false" />
</system.webServer>
B. If your application does rely on impersonation in BeginRequest and AuthenticateRequest, or you are not sure, move to Classic mode. B.如果您的应用程序确实依赖于BeginRequest和AuthenticateRequest中的模拟,或者您不确定,请转到经典模式。
C. remove from web.config which won't be effective in integrated mode anyway C.从web.config中删除无论如何都无法在集成模式下生效
Read more on Breaking Changes in IIS 7 from LEARN.IIS.NET 阅读LEARN.IIS.NET中有关IIS 7中的重大更改的更多信息
解决方案2
2 2011-05-19 17:27:00
UPDATE: 更新:
Did a little more digging and you actually have the service mis-configured. 做了一点挖掘,你实际上错误配置了服务。 This MSDN article explains how to configure basicHttpBinding for Windows authentication. 此MSDN文章介绍了如何为Windows身份验证配置basicHttpBinding。 Basically, the basicHttpBinding element needs to look like this: 基本上,basicHttpBinding元素需要如下所示:
<basicHttpBinding>
<binding name="BasicHttpEndpointBinding">
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Windows" />
</security>
</binding>
</basicHttpBinding>
Original answer: 原始答案:
Below is something to try from the information in this article. 以下是本文中的信息。 Since your service uses impersonation for authorization it looks like you'll need to use the ASP.NET classic mode pipeline configuration of the AppPool for this service. 由于您的服务使用模拟进行授权,因此您似乎需要使用AppPool的ASP.NET 经典模式管道配置来进行此服务。 You may want to research how impersonation is supported in the new Integrated mode pipeline and see why your service is failing to comply with it since Integrated mode is prefered. 您可能想要研究新的集成模式管道中如何支持模拟,并了解您的服务无法满足它的原因,因为首选集成模式。
You will receive a 500 - Internal Server Error.
B. If your application does rely on impersonation in BeginRequest and AuthenticateRequest, or you are not sure, move to Classic mode.
解决方案3
1 2012-09-09 19:38:03
Important: Make sure that you have installed ASP.NET on your machine; 重要说明:确保已在计算机上安装了ASP.NET; if not or if in doubt, run the following command: 如果没有或有疑问,请运行以下命令:
> c:\Windows\Microsoft.NET\Framework\vX.X.XXXXX\aspnet_regiis.exe /i
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.