
WCF Service secured by STS IssuedToken - configuration issue

I am attempting to create a WCF dotnet service secured using a STS IssuedToken. STS is secured by X509.

Following is the configuration of relying party and I am using custom binding. Do I need to add identity within the issuer in custombinding?

Is my behaviour configuration right? Please help.

    <?xml version="1.0"?>
    <configuration>
      <system.serviceModel>
        <services>
          <service name="EnterpriseServices.X509.EchoService">
            <endpoint address="" binding="customBinding" bindingConfiguration="stsBinding" contract="EnterpriseServices.IEchoService"/>
          </service>
        </services>

        <bindings>
          <customBinding>
            <binding name="stsBinding">
              <security authenticationMode="IssuedToken" securityHeaderLayout="Lax" requireDerivedKeys="false">
                <issuedTokenParameters keyType="SymmetricKey" tokenType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1">
                  <issuer address="http://sts_hostname/SenderVouches.svc/app">
                  </issuer>
                  <issuerMetadata address="http://sts_hostname/SenderVouches.svc/mex"></issuerMetadata>
                </issuedTokenParameters>
              </security>
              <httpTransport></httpTransport>
            </binding>
          </customBinding>
        </bindings>

        <behaviors>
          <serviceBehaviors>
            <behavior>
              <serviceDebug includeExceptionDetailInFaults="true"/>
              <serviceCredentials>
                <issuedTokenAuthentication certificateValidationMode="None" revocationMode="NoCheck">
                  <allowedAudienceUris>
                    <add allowedAudienceUri="https://rp_hostname/"/>
                  </allowedAudienceUris>
                </issuedTokenAuthentication>
                <clientCertificate>
                  <authentication certificateValidationMode="None" revocationMode="NoCheck"/>
                </clientCertificate>
              </serviceCredentials>
            </behavior>
          </serviceBehaviors>
        </behaviors>
      </system.serviceModel>
    </configuration>

Following is the exception received on the server side. The service is accessed from a Metro (Java) client that was generated from the WSDL provided by the service.

    <E2ETraceEvent xmlns="http://schemas.microsoft.com/2004/06/E2ETraceEvent">
    <System xmlns="http://schemas.microsoft.com/2004/06/windows/eventlog/system">
    <EventID>131075</EventID>
    <Type>3</Type>
    <SubType Name="Error">0</SubType>
    <Level>2</Level>
    <TimeCreated SystemTime="2012-06-11T13:49:34.3816111Z" />
    <Source Name="System.ServiceModel" />
    <Correlation ActivityID="{d15dc2ee-5be8-4a1f-8690-748979c0a0e3}" />
    <Execution ProcessName="w3wp" ProcessID="944" ThreadID="8" />
    <Channel />
    <Computer>CH10</Computer>
    </System>
    <ApplicationData>
    <TraceData>
    <DataItem>
    <TraceRecord xmlns="http://schemas.microsoft.com/2004/10/E2ETraceEvent/TraceRecord" Severity="Error">
    <TraceIdentifier>http://msdn.microsoft.com/en-US/library/System.ServiceModel.Diagnostics.ThrowingException.aspx</TraceIdentifier>
    <Description>Throwing an exception.</Description>
    <AppDomain>/LM/W3SVC/3/ROOT-1-129838961736527071</AppDomain>
    <Exception>
    <ExceptionType>System.ServiceModel.ProtocolException, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</ExceptionType>
    <Message>There is a problem with the XML that was received from the network. See inner exception for more details.</Message>
    <StackTrace>
    at System.ServiceModel.Channels.HttpRequestContext.CreateMessage()
    at System.ServiceModel.Channels.HttpChannelListener.HttpContextReceived(HttpRequestContext context, Action callback)
    at System.ServiceModel.Activation.HostedHttpTransportManager.HttpContextReceived(HostedHttpRequestAsyncResult result)
    at System.ServiceModel.Activation.HostedHttpRequestAsyncResult.HandleRequest()
    at System.ServiceModel.Activation.HostedHttpRequestAsyncResult.BeginRequest()
    at System.ServiceModel.Activation.HostedHttpRequestAsyncResult.OnBeginRequest(Object state)
    at System.Runtime.IOThreadScheduler.ScheduledOverlapped.IOCallback(UInt32 errorCode, UInt32 numBytes, NativeOverlapped* nativeOverlapped)
    at System.Runtime.Fx.IOCompletionThunk.UnhandledExceptionFrame(UInt32 error, UInt32 bytesRead, NativeOverlapped* nativeOverlapped)
    at System.Threading._IOCompletionCallback.PerformIOCompletionCallback(UInt32 errorCode, UInt32 numBytes, NativeOverlapped* pOVERLAP)
    </StackTrace>
    <ExceptionString>System.ServiceModel.ProtocolException: There is a problem with the XML that was received from the network. See inner exception for more details. ---&gt; System.Xml.XmlException: The body of the message cannot be read because it is empty.
       --- End of inner exception stack trace ---</ExceptionString>
    <InnerException>
    <ExceptionType>System.Xml.XmlException, System.Xml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</ExceptionType>
    <Message>The body of the message cannot be read because it is empty.</Message>
    <StackTrace>
    at System.ServiceModel.Channels.HttpRequestContext.CreateMessage()
    at System.ServiceModel.Channels.HttpChannelListener.HttpContextReceived(HttpRequestContext context, Action callback)
    at System.ServiceModel.Activation.HostedHttpTransportManager.HttpContextReceived(HostedHttpRequestAsyncResult result)
    at System.ServiceModel.Activation.HostedHttpRequestAsyncResult.HandleRequest()
    at System.ServiceModel.Activation.HostedHttpRequestAsyncResult.BeginRequest()
    at System.ServiceModel.Activation.HostedHttpRequestAsyncResult.OnBeginRequest(Object state)
    at System.Runtime.IOThreadScheduler.ScheduledOverlapped.IOCallback(UInt32 errorCode, UInt32 numBytes, NativeOverlapped* nativeOverlapped)
    at System.Runtime.Fx.IOCompletionThunk.UnhandledExceptionFrame(UInt32 error, UInt32 bytesRead, NativeOverlapped* nativeOverlapped)
    at System.Threading._IOCompletionCallback.PerformIOCompletionCallback(UInt32 errorCode, UInt32 numBytes, NativeOverlapped* pOVERLAP)
    </StackTrace>
    <ExceptionString>System.Xml.XmlException: The body of the message cannot be read because it is empty.</ExceptionString>
    </InnerException>
    </Exception>
    </TraceRecord>
    </DataItem>
    </TraceData>
    </ApplicationData>
    </E2ETraceEvent>
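In the posted behaviour, `certificateValidationMode="None"` and `revocationMode="NoCheck"` on `issuedTokenAuthentication` mean the certificate that signed the incoming SAML token is not checked against any trust anchor or revocation list, so the signature is accepted whoever produced it. The following is an added example, not taken from the question or the answer, of the same `serviceCredentials` block with issuer validation turned on; the thumbprint value is a placeholder and the `TrustedPeople` store is an assumption about where the STS signing certificate is installed.

```xml
<!-- Added example (not from the original post): relying-party service
     credentials that only accept tokens signed by a known STS certificate. -->
<serviceCredentials>
  <!-- PeerOrChainTrust: the signing cert must be in knownCertificates /
       TrustedPeople or chain to a trusted root; Online: CRL/OCSP is checked. -->
  <issuedTokenAuthentication
      certificateValidationMode="PeerOrChainTrust"
      revocationMode="Online"
      trustedStoreLocation="LocalMachine"
      audienceUriMode="Always"
      allowUntrustedRsaIssuers="false">
    <!-- Pin the STS signing certificate; the thumbprint is a placeholder. -->
    <knownCertificates>
      <add findValue="STS_SIGNING_CERT_THUMBPRINT_PLACEHOLDER"
           storeLocation="LocalMachine"
           storeName="TrustedPeople"
           x509FindType="FindByThumbprint"/>
    </knownCertificates>
    <!-- Tokens must name this service as their audience (same value as the post). -->
    <allowedAudienceUris>
      <add allowedAudienceUri="https://rp_hostname/"/>
    </allowedAudienceUris>
  </issuedTokenAuthentication>
</serviceCredentials>
```

Disabling validation can be useful while the empty-body problem above is being diagnosed, but the posted value should not survive into a deployed relying party.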

I would start by adding some tracing to the server; this might help you figure out what is going wrong.

Add this to your server app config:

    <system.diagnostics>
      <sources>
        <source name="Microsoft.IdentityModel" switchValue="Verbose">
          <listeners>
            <add name="xml" type="System.Diagnostics.XmlWriterTraceListener"
                 initializeData="c:\temp\WIF.svclog" />
          </listeners>
        </source>
        <source name="System.ServiceModel.MessageLogging" switchValue="Verbose">
          <listeners>
            <add name="xml" type="System.Diagnostics.XmlWriterTraceListener"
                 initializeData="c:\temp\WCF.svclog" />
          </listeners>
        </source>
      </sources>
      <trace autoflush="true" />
    </system.diagnostics>

Then post the exception the server creates here.
