我创建了一个WCF服务并将其部署在Server上。当我浏览这个服务时,它使用?wsdl URL给我积极的回应。现在我正试图通过WCF测试客户端测试服务。它显示正确的元数据。但是当我尝试从服务中调用任何方法时,它会向我显示异常...这里是堆栈跟踪的错误细节..
HTTP请求未经授权 客户认证方案 '匿名'。身份验证标头 从服务器收到了 '协商,NTLM'。
服务器堆栈跟踪:
在
System.ServiceModel.Channels.HttpChannelUtilities.ValidateAuthentication(HttpWebRequest的 请求,HttpWebResponse响应, WebException responseException, HttpChannelFactory工厂)
HTTP请求未经授权与客户端 认证方案'匿名'。该 收到的身份验证标头 服务器是'Negotiate,NTLM'。
服务器堆栈跟踪:
在
System.ServiceModel.Channels.HttpChannelUtilities.ValidateAuthentication(HttpWebRequest的 请求,HttpWebResponse响应, WebException responseException, HttpChannelFactory工厂)
客户端绑定:
<bindings>
<wsHttpBinding>
<binding name="WSHttpBinding_IServiceMagicService" closeTimeout="00:01:00"
openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard"
maxBufferPoolSize="524288" maxReceivedMessageSize="65536"
messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true"
allowCookies="false">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<reliableSession ordered="true" inactivityTimeout="00:10:00"
enabled="false" />
<security mode="None">
<transport clientCredentialType="Windows" proxyCredentialType="None"
realm="" />
<message clientCredentialType="Windows" negotiateServiceCredential="true"
establishSecurityContext="true" />
</security>
</binding>
</wsHttpBinding>
</bindings>
服务器绑定:
<bindings>
<wsHttpBinding>
<binding name="WSHttpBinding_SEOService" closeTimeout="00:10:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:10:00" bypassProxyOnLocal="true" transactionFlow="false" hostNameComparisonMode="StrongWildcard" maxBufferPoolSize="999524288" maxReceivedMessageSize="655360000" messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true" allowCookies="false">
<readerQuotas maxDepth="32" maxStringContentLength="900000" maxArrayLength="900000" maxBytesPerRead="900000" maxNameTableCharCount="900000" />
<reliableSession ordered="true" inactivityTimeout="00:10:00" enabled="false" />
<security mode="None">
<transport clientCredentialType="Windows" proxyCredentialType="None" realm="" />
<message clientCredentialType="Windows" negotiateServiceCredential="true" establishSecurityContext="true" />
</security>
</binding>
<binding name="WSHttpServiceMagicBinding" closeTimeout="00:10:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:10:00" bypassProxyOnLocal="true" transactionFlow="false" hostNameComparisonMode="StrongWildcard" maxBufferPoolSize="999524288" maxReceivedMessageSize="655360000" messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true" allowCookies="false">
<readerQuotas maxDepth="32" maxStringContentLength="900000" maxArrayLength="900000" maxBytesPerRead="900000" maxNameTableCharCount="900000"/>
<reliableSession ordered="true" inactivityTimeout="00:10:00" enabled="false"/>
<security mode="None">
<transport clientCredentialType="Windows" proxyCredentialType="None" realm=""/>
<message clientCredentialType="Windows" negotiateServiceCredential="true" establishSecurityContext="true"/>
</security>
</binding>
</wsHttpBinding>
</bindings>
客户的客户部分:
<client>
<endpoint address="http://hydwebd02.solutions.com/GeoService.Saveology.com/ServiceMagicService.svc"
binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_IServiceMagicService"
contract="IServiceMagicService" name="WSHttpBinding_IServiceMagicService" />
</client>
服务器服务部分:
<services>
<service behaviorConfiguration="GeoService.Saveology.com.CityStateServiceProviderBehavior"
name="GeoService.Saveology.com.CityStateServiceProvider">
<endpoint binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_SEOService"
contract="SEO.Common.ServiceContract.ICityStateService" />
<endpoint address="mex" binding="mexHttpBinding" bindingConfiguration=""
contract="IMetadataExchange" />
</service>
<service behaviorConfiguration="GeoService.Saveology.com.ServiceMagicServiceProviderBehavior"
name="GeoService.Saveology.com.ServiceMagicServiceProvider">
<endpoint binding="wsHttpBinding" bindingConfiguration="WSHttpServiceMagicBinding"
contract="SEO.Common.ServiceContract.IServiceMagicService">
</endpoint>
<endpoint address="mex" binding="mexHttpBinding" bindingConfiguration="" contract="IMetadataExchange" />
</service>
</services>
答案 0 :(得分:80)
我无法控制我正在调用的服务的安全配置,但是遇到了同样的错误。我能够按如下方式修复我的客户端。
在配置中,设置安全模式:
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Windows" proxyCredentialType="None" realm="" />
<message clientCredentialType="UserName" algorithmSuite="Default" />
</security>
在代码中,将代理类设置为允许模拟(我添加了对名为customer的服务的引用):
Customer_PortClient proxy = new Customer_PortClient();
proxy.ClientCredentials.Windows.AllowedImpersonationLevel =
System.Security.Principal.TokenImpersonationLevel.Impersonation;
答案 1 :(得分:9)
我有类似的问题,你试过了吗?
proxy.ClientCredentials.Windows.AllowedImpersonationLevel =
System.Security.Principal.TokenImpersonationLevel.Impersonation;
答案 2 :(得分:6)
我看到这还没有回答,这是一个确切的引用from here:
WSHttpBinding将尝试在SSP层执行内部协商。为了使其成功,您需要在IIS中为VDir允许匿名。默认情况下,WCF将为SPNEGO创建窗口凭据。在IIS层允许匿名不允许任何人进入,它将推迟到WCF堆栈。
我通过以下方式找到了这个:http://fczaja.blogspot.com/2009/10/http-request-is-unauthorized-with.html
答案 3 :(得分:6)
我发现此错误的另一种可能的解决方案。可能没有回答OP的确切问题,但可能会帮助那些偶然发现此错误消息的人。
我正在使用WebHttpBinding在代码中创建我的客户端,以便复制以下行:
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Windows" proxyCredentialType="Windows" />
</security>
我必须这样做:
var binding = new WebHttpBinding(WebHttpSecurityMode.TransportCredentialOnly);
binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Windows;
binding.Security.Transport.ProxyCredentialType = HttpProxyCredentialType.Windows;
以及设置proxy.ClientCredentials.Windows.AllowedImpersonationLevel = System.Security.Principal.TokenImpersonationLevel.Impersonation;
答案 4 :(得分:4)
我遇到了类似的问题并尝试了上面提到的所有内容。然后我尝试将clientCreditialType更改为Basic,一切正常。
<basicHttpBinding>
<binding name="BINDINGNAMEGOESHERE" >
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Basic"></transport>
</security>
</binding>
</basicHttpBinding>
答案 5 :(得分:3)
以下是我必须做的工作才能实现这一目标。这意味着:
我的网站是通过DotNetPanel管理的。它有3个虚拟目录安全选项:
只需要“允许匿名访问”(虽然,这本身还不够)。
设置
proxy.ClientCredentials.Windows.AllowedImpersonationLevel = System.Security.Principal.TokenImpersonationLevel.Impersonation;
对我的情况没有任何影响。
但是,使用此绑定有效:
<security mode="TransportWithMessageCredential">
<transport clientCredentialType="Windows" />
<message clientCredentialType="UserName" />
</security>
答案 6 :(得分:1)
尝试在您的客户端提供用户名和密码,如下所示
client.ClientCredentials.UserName.UserName = @“Domain \ username”; client.ClientCredentials.UserName.Password =“password”;
答案 7 :(得分:0)
在开发机器上遇到这个问题(生产工作正常)。我在IIS中修改我的配置以允许匿名访问并将我的名字和密码作为凭证。
不是我确定的最佳方式,但它可用于测试目的。
答案 8 :(得分:0)
我在将服务调用外部服务到azure中的登台环境之后,今天遇到了同样的错误。本地服务称为外部服务没有错误,但在部署之后它没有。
最后,结果证明外部服务具有IP验证。 Azure中的新环境有另一个IP,但它被拒绝了。
因此,如果您在调用外部服务时遇到此错误
可能是IP限制。
答案 9 :(得分:0)
我也遇到了这个错误,最终这些代码在 dot net core 3.1
中对我有用首先在命令提示符下安装 svcutil :dotnet工具安装--global dotnet-svcutil
然后关闭命令提示符,然后再次将其打开。
然后在命令提示符下创建 Reference.cs :
dotnet-svcutil http://YourService.com/SayHello.svc
(需要输入密钥以及用户名和密码)
将名为 Connected Services 的文件夹添加到项目根目录。
将副本复制到Connected Services文件夹。
在创建BasicHttpBinding并设置MaxBufferSize的行之后,将这些 4行添加到Reference.cs中:
result.Security.Mode = BasicHttpSecurityMode.TransportCredentialOnly;
result.Security.Transport.ClientCredentialType = HttpClientCredentialType.Basic;
result.Security.Transport.ProxyCredentialType = HttpProxyCredentialType.None;
result.Security.Message.ClientCredentialType = BasicHttpMessageCredentialType.UserName;
在Controller中使用此服务:
public async Task<string> Get()
{
try
{
var client = new EstelamClient();
client.ClientCredentials.UserName.UserName = "YourUserName";
client.ClientCredentials.UserName.Password = "YourPassword";
var res = await client.EmployeeCheckAsync("service parameters");
return res.ToString();
}
catch (Exception ex)
{
return ex.Message + " ************ stack : " + ex.StackTrace;
}
}
不要忘记在.cshtml中安装这些软件包:
<PackageReference Include="System.ServiceModel.Duplex" Version="4.6.*" />
<PackageReference Include="System.ServiceModel.Http" Version="4.6.*" />
<PackageReference Include="System.ServiceModel.NetTcp" Version="4.6.*" />
<PackageReference Include="System.ServiceModel.Security" Version="4.6.*" />