我们在自定义绑定上设置安全性,如下所示:
var lSecurity = lCustomBinding.Elements.Find<TransportSecurityBindingElement>();
lSecurity.LocalClientSettings.DetectReplays = false;
lSecurity.LocalServiceSettings.DetectReplays = false;
lSecurity.LocalClientSettings.TimestampValidityDuration = TimeSpan.FromDays(7);
lSecurity.LocalServiceSettings.TimestampValidityDuration = TimeSpan.FromDays(7);
lSecurity.LocalClientSettings.MaxClockSkew = TimeSpan.FromDays(7);
lSecurity.LocalServiceSettings.MaxClockSkew = TimeSpan.FromDays(7);
现在我们发现,如果我们通过将客户端设置回从现在到7天的任何地方来测试上述内容,那么它可以工作。但是,当我们将客户设置为未来9个小时以上时,我们会遇到例外情况。
我们发现的唯一一件事就是在另一个帖子的末尾有一些模糊的引用:
http://social.msdn.microsoft.com/Forums/en/wcf/thread/7c3a7a7e-b9a5-4198-9a29-c6d4e408d36d
有人有什么想法吗?
更新 我们得到的例外现在在下面添加。似乎服务器拒绝客户端消息:
System.ServiceModel.Security.MessageSecurityException occurred
Message=An unsecured or incorrectly secured fault was received from the other party. See the inner FaultException for the fault code and detail.
Source=mscorlib
StackTrace:
Server stack trace:
at System.ServiceModel.Channels.SecurityChannelFactory`1.SecurityRequestChannel.ProcessReply(Message reply, SecurityProtocolCorrelationState correlationState, TimeSpan timeout)
at System.ServiceModel.Channels.SecurityChannelFactory`1.SecurityRequestChannel.Request(Message message, TimeSpan timeout)
at System.ServiceModel.Security.SecuritySessionSecurityTokenProvider.DoOperation(SecuritySessionOperation operation, EndpointAddress target, Uri via, SecurityToken currentToken, TimeSpan timeout)
at System.ServiceModel.Security.SecuritySessionSecurityTokenProvider.RenewTokenCore(TimeSpan timeout, SecurityToken tokenToBeRenewed)
at System.IdentityModel.Selectors.SecurityTokenProvider.RenewToken(TimeSpan timeout, SecurityToken tokenToBeRenewed)
at System.ServiceModel.Security.SecuritySessionClientSettings`1.ClientSecuritySessionChannel.RenewKey(TimeSpan timeout)
at System.ServiceModel.Security.SecuritySessionClientSettings`1.ClientSecuritySessionChannel.SecureOutgoingMessage(Message& message, TimeSpan timeout)
at System.ServiceModel.Security.SecuritySessionClientSettings`1.ClientSecurityDuplexSessionChannel.Send(Message message, TimeSpan timeout)
at System.ServiceModel.Channels.ClientReliableChannelBinder`1.DuplexClientReliableChannelBinder`1.OnSend(TDuplexChannel channel, Message message, TimeSpan timeout)
at System.ServiceModel.Channels.ReliableChannelBinder`1.Send(Message message, TimeSpan timeout, MaskingMode maskingMode)
at System.ServiceModel.Channels.SendReceiveReliableRequestor.OnRequest(Message request, TimeSpan timeout, Boolean last)
at System.ServiceModel.Channels.ReliableRequestor.Request(TimeSpan timeout)
at System.ServiceModel.Channels.ClientReliableSession.Open(TimeSpan timeout)
at System.ServiceModel.Channels.ClientReliableDuplexSessionChannel.OnOpen(TimeSpan timeout)
at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannel.OnOpen(TimeSpan timeout)
at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannel.CallOpenOnce.System.ServiceModel.Channels.ServiceChannel.ICallOnce.Call(ServiceChannel channel, TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannel.CallOnceManager.CallOnce(TimeSpan timeout, CallOnceManager cascade)
at System.ServiceModel.Channels.ServiceChannel.EnsureOpened(TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)
Exception rethrown at [0]:
at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
at CompuLoan.Maintenance.IMaintenanceService.IsLicensed(String pHardwareId, Boolean pUseLicense)
at CompuLoan.Maintenance.MaintenanceServiceClient.IsLicensed(String pHardwareId, Boolean pUseLicense) in C:\Development\compuloan\Source\CompuLoan\Service References\Maintenance\Reference.cs:line 5156
at CompuLoan.App.IsLicensed(Boolean pUseLicense) in C:\Development\compuloan\Source\CompuLoan\App.xaml.cs:line 365
InnerException: System.ServiceModel.FaultException
Message=The security context token is expired or is not valid. The message was not processed.
InnerException:
答案 0 :(得分:1)
这是会话密钥的到期,它与时间戳不同。例如,关闭establishSecurityContext(或不使用CreateSecureConversationSecurity),您不应该得到此异常。
否则尝试增加其他值,例如InactivityTimeout,IssuedCookieLifetime,NegotiationTimeout,SessionKeyRenewalInterval和SessionKeyRolloverInterval。
如果您打开服务器上的WCF跟踪并查看错误的确切堆栈跟踪,我们可以深入到确切的属性。