错误[a:InvalidSecurity] An error occurred when verifying security for the message.
我试着像这样打电话给我的服务。
PHP
<?php
$soapURL = "https://localhost:8888/wcf/?wsdl" ;
$soapParameters = Array('userName' => "user23", 'password' => "pass123") ;
$soapClient = new SoapClient($soapURL, $soapParameters);
var_dump($soapClient->GetVersion());
?>
我之前没有验证就让它工作了所以错误就在于PHP代码或我相信的WCF上的app.config中。
这是我的 app.config
<?xml version="1.0"?>
<configuration>
<system.serviceModel>
<services>
<service
behaviorConfiguration="MYDLL.Behavior"
name="MYDLL.WCFService">
<endpoint
address=""
binding="basicHttpBinding"
bindingConfiguration="UsernameAndSSL"
name="basicHttpBinding"
contract="MYDLL.IService"/>
<endpoint
address="mex"
binding="mexHttpsBinding"
bindingConfiguration=""
name="MexBinding"
contract="IMetadataExchange"/>
<host>
<baseAddresses>
<add baseAddress="https://localhost:8734/wcf/"/>
</baseAddresses>
</host>
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="MYDLL.Behavior">
<serviceMetadata httpsGetEnabled="true"/>
<serviceCredentials>
<userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="MYDLL.CustomUserNameValidator, MYDLL"/>
<serviceCertificate findValue="localhost" storeLocation="LocalMachine" storeName="My" x509FindType="FindBySubjectName"/>
</serviceCredentials>
<useRequestHeadersForMetadataAddress />
</behavior>
</serviceBehaviors>
</behaviors>
<bindings>
<basicHttpBinding>
<binding name="UsernameAndSSL">
<security mode="TransportWithMessageCredential">
<transport clientCredentialType="Basic"/>
<message clientCredentialType="UserName"/>
</security>
</binding>
</basicHttpBinding>
</bindings>
</system.serviceModel>
<startup>
<supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.0,Profile=Client"/>
</startup>
</configuration>
和 customusernamevalidator
public class CustomUserNameValidator : UserNamePasswordValidator
{
public override void Validate(string userName, string password)
{
Console.WriteLine("User validation succeeded (Username: {0}; Password: {1})", userName, password);
}
}
我不知道的是,如果故障在我的PHP代码或配置中。 consolewrite 没有运行,我只是得到那个invalidSecurity异常所以它似乎知道我有一个无法找到的customusernamevalidation?
答案 0 :(得分:4)
我在这个问题上挣扎了几个星期,最后让PHP客户端使用我的WCF服务进行身份验证。这种配置是我目前正在制作的。
首先,您必须启用匿名身份验证和基本身份验证。您必须打开Anonymous,以便客户端在进行身份验证之前可以读取WSDL。即使启用了匿名身份验证,他们也无法在未经过身份验证的情况下使用您的服务。
将它放在您的web.config中或直接启用IIS中的匿名和基本身份验证:
<security>
<authentication>
<anonymousAuthentication enabled="true" />
<basicAuthentication enabled="true" />
</authentication>
</security>
然后设置WCF安全性以使用基本身份验证和传输安全性:
<bindings>
<basicHttpBinding>
<binding name="SSLBinding">
<security mode="Transport">
<transport clientCredentialType="Basic" />
</security>
</binding>
</basicHttpBinding>
</bindings>
这是我的行为:
<behaviors>
<serviceBehaviors>
<behavior name="SSLBehavior">
<serviceMetadata httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
<serviceSecurityAudit auditLogLocation="Application"
serviceAuthorizationAuditLevel="Failure"
messageAuthenticationAuditLevel="Failure"
suppressAuditFailure="true" />
</behavior>
</serviceBehaviors>
</behaviors>
使用它来装饰你的方法来控制谁可以访问:
[PrincipalPermission(SecurityAction.Demand, Role = @"DOMAIN\ActiveDirectoryGroup")]
使用此设置,PHP客户端应该能够获得WSDL,然后在授权后调用您的方法:
$url = 'https://domain.com/service.svc?wsdl';
$username = 'username';
$password = 'password';
$options = array(
'login' => $username,
'password' => $password,
'soap_version' => SOAP_1_1,
'exceptions' => true,
'trace' => 1,
'cache_wsdl' => WSDL_CACHE_NONE,
'compression' => SOAP_COMPRESSION_ACCEPT | SOAP_COMPRESSION_GZIP,
'connection_timeout' => 60
);
$client = new SoapClient($url, $options);
$obj = new YourObject();
$obj->MyProperty = 'Test';
$obj->MyOtherProperty = 'Testing';
$result = $client->WCFMethodName(array('paramName' => $obj));
PHP代码中的参数名称与WCF参数名称完全匹配(区分大小写)非常重要。