我正在尝试从Silverlight(v5)使用BasicHTTPBinding WCF服务(在.Net 4.0控制台应用程序中自托管)。当没有传输加密时,一切正常,但我想将流量包装在一层SSL中。不需要任何形式的身份验证。
启用传输安全性后,我收到内部异常
{System.Security.SecurityException ---> System.Security.SecurityException:安全性错误。在 System.Net.Browser.BrowserHttpWebRequest.InternalEndGetResponse(IAsyncResult的 asyncResult)at System.Net.Browser.BrowserHttpWebRequest<> C_ DisplayClassa.b _9(对象 sendState)at System.Net.Browser.AsyncHelper<> C_ DisplayClass4.b _0(对象 sendState)---内部异常堆栈跟踪结束--- at System.Net.Browser.AsyncHelper.BeginOnUI(SendOrPostCallback System.Net.Browser.BrowserHttp中的beginMethod,Object state) WebRequest.EndGetResponse(IAsyncResult asyncResult)at System.ServiceModel.Channels.HttpChannelFactory.HttpRequestChannel.HttpChannelAsyncRequest.CompleteGetResponse(IAsyncResult的 结果)}
以下是代码:
服务器 - 无法正常工作(有安全性)
baseAddress = new Uri("https://mysite.com:8080/myService");
BasicHttpBinding externalBinding = new BasicHttpBinding{ MaxReceivedMessageSize = 1000000,
MaxBufferPoolSize = 1000000,
SendTimeout = TimeSpan.FromSeconds(30),
ReceiveTimeout = TimeSpan.FromSeconds(30),
Security = {Mode = BasicHttpSecurityMode.Transport}
};
externalBinding.Security.Transport.ClientCredentialType=HttpClientCredentialType.None;
host.AddServiceEndpoint(typeof(IPolicyRetriever), wsbinding, "").Behaviors.Add(new WebHttpBehavior());
host.AddServiceEndpoint(typeof(ImyServiceService), externalBinding, "myService");
服务器工作(没有安全性)
baseAddress = new Uri("http://mysite.com:8080/myService");
BasicHttpBinding externalBinding = new BasicHttpBinding
{
MaxReceivedMessageSize = 1000000,
MaxBufferPoolSize = 1000000,
SendTimeout = TimeSpan.FromSeconds(30),
ReceiveTimeout = TimeSpan.FromSeconds(30)
} ;
host.AddServiceEndpoint(typeof(IPolicyRetriever), wsbinding, "").Behaviors.Add(new WebHttpBehavior());
host.AddServiceEndpoint(typeof(ImyServiceService), externalBinding, "myServiceService");
SL客户端无法正常工作(有安全性)
EndpointAddress address = new EndpointAddress("https://mysite.com:8080/myService");
BasicHttpBinding binding = new BasicHttpBinding(BasicHttpSecurityMode.Transport);
client = new myServiceServiceReference.myServiceServiceClient(binding, address);
SL客户端工作(无安全性)
EndpointAddress address = new EndpointAddress("http://mysite.com:8080/myService");
BasicHttpBinding binding = new BasicHttpBinding();
client = new myServiceServiceReference.myServiceServiceClient(binding, address);
clientaccesspolicy.xml
<xml version=""1.0"" encoding=""utf-8""?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from http-request-headers=""*"">
<domain uri=""*""/></allow-from>
<grant-to><resource path=""/"" include-subpaths=""true""/>
</grant-to></policy>
</cross-domain-access>
</access-policy>
我尝试将http-request-headers更改为https-request-headers无效。
任何人都可以看到错误;我需要做什么才能在这个BasicHTTPBinding上启用简单的SSL安全性?
答案 0 :(得分:1)
破解了。奇怪的是,问题在于<domain uri=""*""/>文件中的clientaccesspolicy.xml行 - 对于SSL,它必须明确包含HTTPS。所以工作文件看起来像:
<xml version="1.0" encoding="utf-8"?> <access-policy>
<cross-domain-access>
<policy>
<allow-from http-request-headers="*">
<domain uri="http://*"/>
<domain uri="https://*"/>
</allow-from>
<grant-to>
<resource path=""/"" include-subpaths=""true""/>
</grant-to>
</policy>
</cross-domain-access>
</access-policy>
奇怪,但显然是真的。