stackoom
  简体   繁体   中英

wsHTTPBinding authentication error

 原文  2014-11-10 20:07:27       .net/ wcf/ ssl/ wshttpbinding

Question

I'd like to implement wsHTTPBinding on a web service but I continuously get this error: "The caller was not authenticated by the service". I've seen a ton of posts on the subject but they either do not fix my issue/not related to my configuration or the 'answer' is to use basicHTTPBinding. The service is hosted within the root folder of a secure website complete with its own ssl certificate. I was hoping that I could use that certificate to reasonably secure the SOAP messages which is why I want to stick with wsHTTP. However, I've tried modifying all kinds of configurations - even setting authentication mode to 'none' just to get it to work - but every time I get the same error. Does anyone know how I can modify the web.config settings to get wsHTTPBinding to work using the existing ssl certificate?

Web.config 

<?xml version="1.0"?>
  <configuration>
    <appSettings/>
      <connectionStrings/>
        <system.web>


          <trust level="Full"></trust>

          <compilation debug="true" strict="false" explicit="true" targetFramework="4.0"/>

          </system.web>

          <system.serviceModel>
            <services>
              <service behaviorConfiguration="xxxService1.xxx1Behavior" name="xxxService1.xxx1">
                <endpoint address="" 
                binding="basicHttpBinding" 
                contract="xxxService1.Ixxx1"
                bindingConfiguration="secureHttpBinding"
                >
                </endpoint>
                <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"/>
              </service>
            </services>
          <bindings>
        <basicHttpBinding>
          <binding name="secureHttpBinding">
          <security mode="Transport">
            <transport clientCredentialType="None"/>
          </security>
    </binding>
  </basicHttpBinding>
</bindings>
<behaviors>
  <serviceBehaviors>
    <behavior name="xxxService1.Service1Behavior">
      <serviceMetadata httpGetEnabled="true"/>
      <serviceDebug includeExceptionDetailInFaults="false"/>
    </behavior>
    <behavior name="xxxService1.xxx1Behavior">
      <serviceMetadata httpGetEnabled="true"/>
      <serviceDebug includeExceptionDetailInFaults="false"/>
    </behavior>
  </serviceBehaviors>
</behaviors>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true">
</serviceHostingEnvironment>
</system.serviceModel>

<system.webServer>
  <modules runAllManagedModulesForAllRequests="true"/>
</system.webServer>

</configuration>

App.config 

<?xml version="1.0" encoding="utf-8" ?>
  <configuration>
    <startup useLegacyV2RuntimeActivationPolicy="true">

    <requiredRuntime version="v4.0.20506"/>
    <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.0"/>
     </startup>
    <system.serviceModel>
    <bindings>
      <basicHttpBinding>
        <binding name="secureHttpBinding">
          <security mode="Transport">
          <transport clientCredentialType="None"/>
          </security>
        </binding>
     </basicHttpBinding>

    </bindings>
    <client>

    <endpoint address="https://111.111.111.111/xxxAPI/xxx1.svc" 
            binding="basicHttpBinding"

            contract="TestingxxxService1.Ixxx1"
      name="BasicHttpBinding_Ixxx1"
            bindingConfiguration="secureHttpBinding" />
    </client>
</system.serviceModel>
</configuration>

2 answers

solution1
 1  2014-11-11 06:45:31

You need to post your client and server config. The configuration depends on what credentials you need want to use for authentication. To use SSL over a HTTP binding (BasicHttpBinding or WsHttpBinding), the security mode will be Transport or TransportWithMessageCredential. Why do you need WsHttpBinding for this?

There are a bunch of different configuration options here: http://msdn.microsoft.com/en-us/library/ms789011%28v=vs.110%29.aspx

An example: 

<wsHttpBinding>
    <binding name="WsHttpBinding_ICalculator">
        <security mode="TransportWithMessageCredential" >
           <message clientCredentialType="UserName" />
        </security>
    </binding>
</wsHttpBinding>

solution2
 0  2014-11-16 07:14:49

The problem here was that I was testing the service on our new site that we have not yet migrated to. So, that site was only identified by the IP address and not the domain. The SSL certificate from the old site that I had the tech at our web hosting service port over to the new site rejected the communication because obviously the request was for a resource from an IP it did not recognize. I 'fixed' the problem by moving the service over to the existing site for testing. A small note, you have to remember the Enable SSL in IIS if you are accessing a web service in this way.

See the endpoint element in my config file: endpoint address="https://111.111.111.111/xxxAPI/xxx1.svc"

it needs to be: endpoint address="https://www.mysite.com/xxxAPI/xxx1.svc"

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How secure is WCF wsHttpBinding's Windows authentication? Is it possible to get through a Basic authentication proxy using WsHttpBinding? getting error message related to basicHttpBinding even though I'm using wsHttpBinding increasing the performance of wshttpbinding? How to add WSHttpBinding to NinjectServiceHostFactory WCF wsHttpBinding with http keepalive WCF, wsHttpBinding and wsp:policy wsHttpBinding workarounds in .NET Core WCF Service wsHttpBinding WsHttpBinding on .Net Core
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM