![](/img/trans.png)
[英]TCP error in case wrong IP Address specified in WCF although the IP Address is correct
[英]WCF Authentication error connecting to IP Address
我有一個程序,該程序具有與其他模塊進行通信的wcf服務。 我想實現自定義授權和身份驗證。 抱歉,代碼錯誤。 它是:服務器:
配置:
<behaviors>
<serviceBehaviors>
<behavior name="managementMexBehavior">
<serviceMetadata httpGetEnabled="True" httpGetUrl="http://localhost:7538/management/mex"/>
<serviceDebug includeExceptionDetailInFaults="True"/>
<serviceDiscovery>
<announcementEndpoints>
<endpoint kind="udpAnnouncementEndpoint"/>
</announcementEndpoints>
</serviceDiscovery>
</behavior>
</serviceBehaviors>
</behaviors>
<binding name="managementServerBindingConfig" closeTimeout="00:10:00"
openTimeout="00:10:00" receiveTimeout="00:10:00" sendTimeout="00:10:00"
transferMode="Buffered" maxReceivedMessageSize="65535">
<security mode="TransportWithMessageCredential">
<message clientCredentialType="UserName" />
</security>
</binding>
碼
var binding = new NetTcpBinding("managementServerBindingConfig");
binding.Security.Message.ClientCredentialType = MessageCredentialType.UserName;
string address = _c24ServerAdminSettings.ManagementWebServerAddress;
ServiceEndpoint endpoint = Host.AddServiceEndpoint(ServiceInterface, binding, address);
endpoint.Name = "C24ServerAdminManagementEndpoint";
var parametrInspector = new OperationParametrInspector();
var errorHandler = new DispatcherErrorHandler();
errorHandler.OnHandleError += errorHandler_OnHandleError;
var behavior = new EnpointDispathcherBehavior(parametrInspector, errorHandler);
endpoint.Behaviors.Add(behavior);
//ServiceCredentials
ServiceCredentials scb = Host.Description.Behaviors.Find<ServiceCredentials>();
if (scb == null)
{
scb = new ServiceCredentials();
Host.Description.Behaviors.Add(scb);
}
scb.UserNameAuthentication.UserNamePasswordValidationMode = UserNamePasswordValidationMode.Custom;
scb.UserNameAuthentication.CustomUserNamePasswordValidator = new PasswordValidator(_dataManager);
scb.ServiceCertificate.SetCertificate(StoreLocation.LocalMachine, StoreName.My, X509FindType.FindBySubjectName, "localhost");
//ServiceAuthorizationBehavior
ServiceAuthorizationBehavior sab = Host.Description.Behaviors.Find<ServiceAuthorizationBehavior>();
if (sab == null)
{
sab = new ServiceAuthorizationBehavior();
Host.Description.Behaviors.Add(sab);
}
sab.PrincipalPermissionMode = PrincipalPermissionMode.Custom;
sab.ExternalAuthorizationPolicies = new ReadOnlyCollection<IAuthorizationPolicy>(new[]
{
new AuthorizationPolicy()
});
客戶:
配置:
<binding name="C24ServerAdminManagementEndpoint" closeTimeout="00:01:00"
openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
transactionFlow="false" transferMode="Buffered" transactionProtocol="OleTransactions"
hostNameComparisonMode="StrongWildcard" listenBacklog="10"
maxBufferPoolSize="524288" maxBufferSize="65536" maxConnections="10"
maxReceivedMessageSize="65536">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<reliableSession ordered="true" inactivityTimeout="00:10:00"
enabled="false" />
<security mode="TransportWithMessageCredential">
<message clientCredentialType="UserName" />
</security>
</binding>
<endpoint address="net.tcp://localhost:60001/Management/" binding="netTcpBinding"
bindingConfiguration="C24ServerAdminManagementEndpoint" contract="C24ServerAdminManagement.IManagementWebService"
name="C24ServerAdminManagementEndpoint">
<identity>
<dns value="localhost" />
</identity>
</endpoint>
碼:
ManagementWebServiceClient ds = new ManagementWebServiceClient("C24ServerAdminManagementEndpoint", _managementServiceAddress);
ds.ClientCredentials.ServiceCertificate.Authentication.CertificateValidationMode = X509CertificateValidationMode.None;
ds.ClientCredentials.UserName.UserName = UserName;
ds.ClientCredentials.UserName.Password = Password;
ds.Open();
本地主機可以很好地工作。 但是當我設置計算機的IP地址時。 客戶端嘗試連接到服務,服務響應並發生異常。異常表示從DNS(localhost)接收到響應,而我們從DNS(192.168.0.1)等待。 但是192.168.0.1是本地地址。
我遇到了同樣的問題:“ ...如果客戶端和主機位於同一台計算機上,則一切正常,但是如果主機和客戶端位於不同的計算機上,則會出現異常錯誤”。
這就是為我解決問題的原因:我的Internet連接設置使用了代理服務器。 我將LAN設置的IE選項更改為Bypass proxy server for local addresses
Do not use proxy server for addresses beginning with: http:\\\\host-ip-here
祝好運。
問題出在dns身份上。 我使用了本地主機證書。 當我使用直接IP服務進行連接時,從證書返回了DNS。實際上在配置中添加dns身份應該可以解決該問題。 也許它沒有解決,因為我在代碼中創建了終結點,並且加載了綁定配置,但沒有終結點。 我只重寫一點代碼
string address = _managementServiceAddress;
EndpointAddress epa = new EndpointAddress(new Uri(address), EndpointIdentity.CreateDnsIdentity("localhost"));
ManagementWebServiceClient ds = new ManagementWebServiceClient("C24ServerAdminManagementEndpoint", epa);
ds.ClientCredentials.ServiceCertificate.Authentication.CertificateValidationMode = X509CertificateValidationMode.None;
ds.ClientCredentials.UserName.UserName = UserName;
ds.ClientCredentials.UserName.Password = Password;
工作正常。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.