由STS IssuedToken保护的WCF服务-配置问题
[英]WCF Service secured by STS IssuedToken - configuration issue
问题描述
I am attempting to create a WCF dotnet service secured using a STS IssuedToken. 
我正在尝试创建使用STS IssuedToken保护的WCF dotnet服务。 STS is secured by X509. STS由X509保护。
Following is the configuration of relying party and I am using custom binding. 以下是依赖方的配置,我正在使用自定义绑定。 Do I need to add identity within the issuer in custombinding? 我是否需要在custombinding中在发行方内添加身份?
Is my behaviour configuration right? 我的行为配置正确吗? Please help. 请帮忙。
<?xml version="1.0"?>
<configuration>
<system.serviceModel>
<services>
<service name="EnterpriseServices.X509.EchoService">
<endpoint address="" binding="customBinding" bindingConfiguration="stsBinding" contract="EnterpriseServices.IEchoService"/>
</service>
</services>
<bindings>
<customBinding>
<binding name="stsBinding">
<security authenticationMode="IssuedToken" securityHeaderLayout="Lax" requireDerivedKeys="false" >
<issuedTokenParameters keyType="SymmetricKey" tokenType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1" >
<issuer address="http://sts_hostname/SenderVouches.svc/app">
</issuer>
<issuerMetadata address="http://sts_hostname/SenderVouches.svc/mex"></issuerMetadata>
</issuedTokenParameters>
</security>
<httpTransport></httpTransport>
</binding>
</customBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior>
<serviceDebug includeExceptionDetailInFaults="true"/>
<serviceCredentials>
<issuedTokenAuthentication certificateValidationMode="None" revocationMode="NoCheck">
<allowedAudienceUris>
<add allowedAudienceUri="https://rp_hostname/"/>
</allowedAudienceUris>
</issuedTokenAuthentication>
<clientCertificate>
<authentication certificateValidationMode="None" revocationMode="NoCheck"/>
</clientCertificate>
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>
</configuration>
Following is the exception received at server side. 以下是服务器端收到的异常。 Accessed from a metro-java client and it is generated using wsdl provided by the service. 从Metro-java客户端访问,并且使用服务提供的wsdl生成。
<E2ETraceEvent xmlns="http://schemas.microsoft.com/2004/06/E2ETraceEvent">
<System xmlns="http://schemas.microsoft.com/2004/06/windows/eventlog/system">
<EventID>131075</EventID>
<Type>3</Type>
<SubType Name="Error">0</SubType>
<Level>2</Level>
<TimeCreated SystemTime="2012-06-11T13:49:34.3816111Z" />
<Source Name="System.ServiceModel" />
<Correlation ActivityID="{d15dc2ee-5be8-4a1f-8690-748979c0a0e3}" />
<Execution ProcessName="w3wp" ProcessID="944" ThreadID="8" />
<Channel />
<Computer>CH10</Computer>
</System>
<ApplicationData>
<TraceData>
<DataItem>
<TraceRecord xmlns="http://schemas.microsoft.com/2004/10/E2ETraceEvent/TraceRecord" Severity="Error">
<TraceIdentifier>http://msdn.microsoft.com/en-US/library/System.ServiceModel.Diagnostics.ThrowingException.aspx</TraceIdentifier>
<Description>Throwing an exception.</Description>
<AppDomain>/LM/W3SVC/3/ROOT-1-129838961736527071</AppDomain>
<Exception>
<ExceptionType>System.ServiceModel.ProtocolException, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</ExceptionType>
<Message>There is a problem with the XML that was received from the network. See inner exception for more details.</Message>
<StackTrace>
at System.ServiceModel.Channels.HttpRequestContext.CreateMessage()
at System.ServiceModel.Channels.HttpChannelListener.HttpContextReceived(HttpRequestContext context, Action callback)
at System.ServiceModel.Activation.HostedHttpTransportManager.HttpContextReceived(HostedHttpRequestAsyncResult result)
at System.ServiceModel.Activation.HostedHttpRequestAsyncResult.HandleRequest()
at System.ServiceModel.Activation.HostedHttpRequestAsyncResult.BeginRequest()
at System.ServiceModel.Activation.HostedHttpRequestAsyncResult.OnBeginRequest(Object state)
at System.Runtime.IOThreadScheduler.ScheduledOverlapped.IOCallback(UInt32 errorCode, UInt32 numBytes, NativeOverlapped* nativeOverlapped)
at System.Runtime.Fx.IOCompletionThunk.UnhandledExceptionFrame(UInt32 error, UInt32 bytesRead, NativeOverlapped* nativeOverlapped)
at System.Threading._IOCompletionCallback.PerformIOCompletionCallback(UInt32 errorCode, UInt32 numBytes, NativeOverlapped* pOVERLAP)
</StackTrace>
<ExceptionString>System.ServiceModel.ProtocolException: There is a problem with the XML that was received from the network. See inner exception for more details. ---> System.Xml.XmlException: The body of the message cannot be read because it is empty.
--- End of inner exception stack trace ---</ExceptionString>
<InnerException>
<ExceptionType>System.Xml.XmlException, System.Xml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</ExceptionType>
<Message>The body of the message cannot be read because it is empty.</Message>
<StackTrace>
at System.ServiceModel.Channels.HttpRequestContext.CreateMessage()
at System.ServiceModel.Channels.HttpChannelListener.HttpContextReceived(HttpRequestContext context, Action callback)
at System.ServiceModel.Activation.HostedHttpTransportManager.HttpContextReceived(HostedHttpRequestAsyncResult result)
at System.ServiceModel.Activation.HostedHttpRequestAsyncResult.HandleRequest()
at System.ServiceModel.Activation.HostedHttpRequestAsyncResult.BeginRequest()
at System.ServiceModel.Activation.HostedHttpRequestAsyncResult.OnBeginRequest(Object state)
at System.Runtime.IOThreadScheduler.ScheduledOverlapped.IOCallback(UInt32 errorCode, UInt32 numBytes, NativeOverlapped* nativeOverlapped)
at System.Runtime.Fx.IOCompletionThunk.UnhandledExceptionFrame(UInt32 error, UInt32 bytesRead, NativeOverlapped* nativeOverlapped)
at System.Threading._IOCompletionCallback.PerformIOCompletionCallback(UInt32 errorCode, UInt32 numBytes, NativeOverlapped* pOVERLAP)
</StackTrace>
<ExceptionString>System.Xml.XmlException: The body of the message cannot be read because it is empty.</ExceptionString>
</InnerException>
</Exception>
</TraceRecord>
</DataItem>
</TraceData>
</ApplicationData>
</E2ETraceEvent>
1 个解决方案
解决方案1
0 2012-06-11 11:25:57
I would start by adding some tracing to the server, this might help you figure out what is going wrong. 我将从向服务器添加一些跟踪开始,这可能有助于您确定出了什么问题。
Add this to your server app config: 将此添加到您的服务器应用程序配置中:
<system.diagnostics>
<sources>
<source name="Microsoft.IdentityModel" switchValue="Verbose">
<listeners>
<add name="xml" type="System.Diagnostics.XmlWriterTraceListener"
initializeData="c:\temp\WIF.svclog" />
</listeners>
</source>
<source name="System.ServiceModel.MessageLogging" switchValue="Verbose">
<listeners>
<add name="xml" type="System.Diagnostics.XmlWriterTraceListener"
initializeData="c:\temp\WCF.svclog" />
</listeners>
</source>
</sources>
<trace autoflush="true" />
</system.diagnostics>
Then post the exception the server creates here. 然后发布服务器在此处创建的异常。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.
相关问题
没有userPrincipalName的安全WCF服务 - Secured WCF service without userPrincipalName
TraceViewer如何与安全的WCF服务一起使用? - How does TraceViewer work with a secured WCF service?
WCF服务自定义配置 - WCF Service Custom Configuration
基本HttpBinding的WCF服务配置 - WCF Service Configuration for basicHttpBinding
WCF中相同服务的两个端点,一个不受保护 - Two endpoints for same service in WCF, one secured one not
在Azure上访问自定义STS(WCF服务)时出错 - Error while accessing Custom STS(WCF Service) on Azure
如何在WCF服务中创建向安全站点发出请求的身份验证cookie? - How to create an authentication cookie in the WCF Service that makes a request to a secured site?
具有回叫配置的WCF服务 - wcf service with call back configuration
WCF服务应用程序配置错误 - WCF service App configuration error
WCF RIA服务问题 - WCF RIA Service Issue
相关标签