由STS IssuedToken保护的WCF服务 - 配置问题

时间:2012-06-11 10:04:01

标签: .net wcf web-services wcf-binding wcf-security

我正在尝试创建使用STS IssuedToken保护的WCF dotnet服务。 STS由X509担保。

以下是依赖方的配置,我正在使用自定义绑定。我是否需要在custombinding中在发行者中添加身份?

我的行为配置是否合适? 请帮忙。

<?xml version="1.0"?>
 <configuration>
 <system.serviceModel>
 <services>
   <service name="EnterpriseServices.X509.EchoService">
     <endpoint address="" binding="customBinding" bindingConfiguration="stsBinding" contract="EnterpriseServices.IEchoService"/>
   </service>
 </services>

<bindings>    
  <customBinding>
    <binding name="stsBinding">
      <security authenticationMode="IssuedToken" securityHeaderLayout="Lax" requireDerivedKeys="false" >
        <issuedTokenParameters keyType="SymmetricKey" tokenType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1" >
          <issuer address="http://sts_hostname/SenderVouches.svc/app">
          </issuer>
          <issuerMetadata address="http://sts_hostname/SenderVouches.svc/mex"></issuerMetadata>
        </issuedTokenParameters>
      </security>
      <httpTransport></httpTransport>
    </binding>
  </customBinding>
</bindings>

<behaviors>
  <serviceBehaviors>
    <behavior>
      <serviceDebug includeExceptionDetailInFaults="true"/>
      <serviceCredentials>   
        <issuedTokenAuthentication certificateValidationMode="None" revocationMode="NoCheck">
          <allowedAudienceUris>
            <add allowedAudienceUri="https://rp_hostname/"/>
          </allowedAudienceUris>
        </issuedTokenAuthentication>
        <clientCertificate>
          <authentication certificateValidationMode="None" revocationMode="NoCheck"/>
        </clientCertificate>
      </serviceCredentials>
    </behavior>
  </serviceBehaviors>
 </behaviors>
 </system.serviceModel>
</configuration>

以下是服务器端收到的异常。从metro-java客户端访问,它是使用服务提供的wsdl生成的。

    <E2ETraceEvent xmlns="http://schemas.microsoft.com/2004/06/E2ETraceEvent">
    <System xmlns="http://schemas.microsoft.com/2004/06/windows/eventlog/system">
    <EventID>131075</EventID>
    <Type>3</Type>
    <SubType Name="Error">0</SubType>
    <Level>2</Level>
    <TimeCreated SystemTime="2012-06-11T13:49:34.3816111Z" />
    <Source Name="System.ServiceModel" />
    <Correlation ActivityID="{d15dc2ee-5be8-4a1f-8690-748979c0a0e3}" />
    <Execution ProcessName="w3wp" ProcessID="944" ThreadID="8" />
    <Channel />
    <Computer>CH10</Computer>
    </System>
    <ApplicationData>
    <TraceData>
    <DataItem>
    <TraceRecord xmlns="http://schemas.microsoft.com/2004/10/E2ETraceEvent/TraceRecord" Severity="Error">
    <TraceIdentifier>http://msdn.microsoft.com/en-US/library/System.ServiceModel.Diagnostics.ThrowingException.aspx</TraceIdentifier>
    <Description>Throwing an exception.</Description>
    <AppDomain>/LM/W3SVC/3/ROOT-1-129838961736527071</AppDomain>
    <Exception>
    <ExceptionType>System.ServiceModel.ProtocolException, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</ExceptionType>
    <Message>There is a problem with the XML that was received from the network. See inner exception for more details.</Message>
    <StackTrace>
    at System.ServiceModel.Channels.HttpRequestContext.CreateMessage()
    at System.ServiceModel.Channels.HttpChannelListener.HttpContextReceived(HttpRequestContext context, Action callback)
    at System.ServiceModel.Activation.HostedHttpTransportManager.HttpContextReceived(HostedHttpRequestAsyncResult result)
    at System.ServiceModel.Activation.HostedHttpRequestAsyncResult.HandleRequest()
    at System.ServiceModel.Activation.HostedHttpRequestAsyncResult.BeginRequest()
    at System.ServiceModel.Activation.HostedHttpRequestAsyncResult.OnBeginRequest(Object state)
    at System.Runtime.IOThreadScheduler.ScheduledOverlapped.IOCallback(UInt32 errorCode, UInt32 numBytes, NativeOverlapped* nativeOverlapped)
    at System.Runtime.Fx.IOCompletionThunk.UnhandledExceptionFrame(UInt32 error, UInt32 bytesRead, NativeOverlapped* nativeOverlapped)
    at System.Threading._IOCompletionCallback.PerformIOCompletionCallback(UInt32 errorCode, UInt32 numBytes, NativeOverlapped* pOVERLAP)
    </StackTrace>
    <ExceptionString>System.ServiceModel.ProtocolException: There is a problem with the XML that was received from the network. See inner exception for more details. ---&gt; System.Xml.XmlException: The body of the message cannot be read because it is empty.
       --- End of inner exception stack trace ---</ExceptionString>
    <InnerException>
    <ExceptionType>System.Xml.XmlException, System.Xml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</ExceptionType>
    <Message>The body of the message cannot be read because it is empty.</Message>
    <StackTrace>
    at System.ServiceModel.Channels.HttpRequestContext.CreateMessage()
    at System.ServiceModel.Channels.HttpChannelListener.HttpContextReceived(HttpRequestContext context, Action callback)
    at System.ServiceModel.Activation.HostedHttpTransportManager.HttpContextReceived(HostedHttpRequestAsyncResult result)
    at System.ServiceModel.Activation.HostedHttpRequestAsyncResult.HandleRequest()
    at System.ServiceModel.Activation.HostedHttpRequestAsyncResult.BeginRequest()
    at System.ServiceModel.Activation.HostedHttpRequestAsyncResult.OnBeginRequest(Object state)
    at System.Runtime.IOThreadScheduler.ScheduledOverlapped.IOCallback(UInt32 errorCode, UInt32 numBytes, NativeOverlapped* nativeOverlapped)
    at System.Runtime.Fx.IOCompletionThunk.UnhandledExceptionFrame(UInt32 error, UInt32 bytesRead, NativeOverlapped* nativeOverlapped)
    at System.Threading._IOCompletionCallback.PerformIOCompletionCallback(UInt32 errorCode, UInt32 numBytes, NativeOverlapped* pOVERLAP)
    </StackTrace>
    <ExceptionString>System.Xml.XmlException: The body of the message cannot be read because it is empty.</ExceptionString>
    </InnerException>
    </Exception>
    </TraceRecord>
    </DataItem>
    </TraceData>
    </ApplicationData>
    </E2ETraceEvent>

1 个答案:

答案 0 :(得分:0)

我首先要在服务器上添加一些跟踪,这可能会帮助你弄清楚出了什么问题。

将此添加到您的服务器应用配置:

 <system.diagnostics>
    <sources>
      <source name="Microsoft.IdentityModel" switchValue="Verbose">
        <listeners>
          <add name="xml" type="System.Diagnostics.XmlWriterTraceListener"
               initializeData="c:\temp\WIF.svclog" />
        </listeners>
      </source>
      <source name="System.ServiceModel.MessageLogging" switchValue="Verbose">
        <listeners>
          <add name="xml" type="System.Diagnostics.XmlWriterTraceListener"
               initializeData="c:\temp\WCF.svclog" />
        </listeners>
      </source>
    </sources>
    <trace autoflush="true" />
  </system.diagnostics>

然后发布服务器在此处创建的异常。