Question

我有一个WCF服务迁移到.Net framework 4.5，它安装在IIS 7.0中。我可以在浏览器中浏览该服务。但是，当我在控制台应用程序中引用服务并尝试调用其中的方法时，我收到错误“访问被拒绝”。下面是我正在使用的堆栈跟踪和web.config设置。

System.ServiceModel.Security.SecurityAccessDeniedException was unhandled
  HResult=-2146233087
  Message=Access is denied.
  Source=mscorlib
  StackTrace:
    Server stack trace: 
       at System.ServiceModel.Channels.ServiceChannel.ThrowIfFaultUnderstood(Message reply, MessageFault fault, String action, MessageVersion version, FaultConverter faultConverter)
       at System.ServiceModel.Channels.ServiceChannel.HandleReply(ProxyOperationRuntime operation, ProxyRpc& rpc)
       at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
       at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
       at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)
    Exception rethrown at [0]: 
       at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
       at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
       at ConsoleApplication1.sharedservice.IShared.ProcessRequest(ProcessRequestRequest request)
       at ConsoleApplication1.sharedservice.SharedClient.ConsoleApplication1.sharedservice.IShared.ProcessRequest(ProcessRequestRequest request) in c:\Users\vijayara\Documents\Visual Studio 2012\Projects\ConsoleApplication1\ConsoleApplication1\Service References\sharedservice\Reference.cs:line 214
       at ConsoleApplication1.sharedservice.SharedClient.ProcessRequest(String RuleName, String RequestMessage, Int32 WaitTime, Int32 ChannelID, Int32 PassThruMode, Int32 MaxResponseSize, Int32 MaxErrorText, Int32& ActualResponseSize, String& Response, Int32& ActualErrorTextSize, String& ErrorText) in c:\Users\vijayara\Documents\Visual Studio 2012\Projects\ConsoleApplication1\ConsoleApplication1\Service References\sharedservice\Reference.cs:line 226
       at ConsoleApplication1.Program.Main(String[] args) in c:\Users\vijayara\Documents\Visual Studio 2012\Projects\ConsoleApplication1\ConsoleApplication1\Program.cs:line 22
       at System.AppDomain._nExecuteAssembly(RuntimeAssembly assembly, String[] args)
       at System.AppDomain.ExecuteAssembly(String assemblyFile, Evidence assemblySecurity, String[] args)
       at Microsoft.VisualStudio.HostingProcess.HostProc.RunUsersAssembly()
       at System.Threading.ThreadHelper.ThreadStart_Context(Object state)
       at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
       at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
       at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
       at System.Threading.ThreadHelper.ThreadStart()
  InnerException: 

<configuration>
  <appSettings/>
  <connectionStrings/>
    <system.web>
    <compilation debug="false" targetFramework="4.5">

          <assemblies>
            <add assembly="System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/>
            <add assembly="System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
          </assemblies>

        </compilation>
        <authentication mode="Windows" />
    <pages controlRenderingCompatibilityVersion="4.0">
        <controls>
          <add tagPrefix="asp" namespace="System.Web.UI" assembly="System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
        </controls>
      </pages>

      <httpHandlers>
        <remove verb="*" path="*.asmx"/>
        <add verb="*" path="*.asmx" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
        <add verb="*" path="*_AppService.axd" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
        <add verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" validate="false"/>
      </httpHandlers>
      <httpModules>
        <add name="ScriptModule" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
      </httpModules>


    </system.web>
    <system.webServer>
      <validation validateIntegratedModeConfiguration="false"/>
      <modules>
        <add name="ScriptModule" preCondition="integratedMode" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
      </modules>
      <handlers>
        <remove name="WebServiceHandlerFactory-Integrated"/>
      <add name="ScriptHandlerFactory" verb="*" path="*.asmx" preCondition="integratedMode" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
      <add name="ScriptHandlerFactoryAppServices" verb="*" path="*_AppService.axd" preCondition="integratedMode" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
        <add name="ScriptResource" preCondition="integratedMode" verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
      </handlers>
    </system.webServer>


  <system.serviceModel>
    <serviceHostingEnvironment aspNetCompatibilityEnabled="false" />
    <services>
      <service behaviorConfiguration="Access_Shared_WCF.SharedBehavior" name="Access_Shared_WCF.Shared">
        <endpoint address="" binding="basicHttpBinding" contract="Access_Shared_WCF.IShared">
          <identity>
            <dns value="localhost" />
          </identity>
        </endpoint>
        <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
        <host>
          <baseAddresses>
            <add baseAddress="http/localhost/Access_Shared_WCF/Shared" />
          </baseAddresses>
        </host>
      </service>
    </services>
    <behaviors>
      <serviceBehaviors>
        <behavior name="Access_Shared_WCF.SharedBehavior">
          <serviceMetadata httpGetEnabled="true"/>
          <!-- To receive exception details in faults for debugging purposes, set the value below to true.  Set to false before deployment to avoid disclosing exception information -->
          <serviceDebug includeExceptionDetailInFaults="false"/>
        </behavior>
      </serviceBehaviors>
    </behaviors>
  </system.serviceModel>
</configuration>

Answer 1

我有与WCF类似的问题。问题是我的appPool帐户没有IIS生成的程序集的权限，用于“影子副本”。我使用procmon http://technet.microsoft.com/cs-cz/sysinternals/bb896645.aspx跟踪它，过滤到IIS进程名称“w3wp.exe”，状态为“拒绝访问”。然后再次调用服务并检查procmon输出哪些文件有此问题。

我在c：\ windows \ temp \ Microsoft.Generated.dll上访问了deniend，所以我删除了它，再次调用并生成了新的一个并且一切正常。

另一个选项是将“更强”的用户身份设置为appPool，例如LocalService（appPool - ＆gt;高级设置 - ＆gt; Indetitiy - ＆gt;预定义帐户 - ＆gt;本地服务）

但使用procmon的解决方案更有趣： - ）

Answer 2

有很多原因可以解决此错误。我遇到的时间是将wcf方法保护为特定的AD角色：

在Web服务客户端上设置ClientCredentials。这可能很挑剔，并且对客户端连接执行某些操作可能会导致您丢失凭据。
在设置ClientCredentials之前设置InnerChannel.OperationTimeout将清除ClientCredentials（我知道的很奇怪，但我测试了很多次）。

Answer 3

我相信这可能是服务尝试使用事件日志来记录信息的问题。事件日志不存在，应用程序池标识伪用户没有创建事件日志的权限。因此，使用高特权帐户的建议通过允许创建它来解决问题。也许可以简单地将用户切换到高帐户运行，然后再切换回常规。

如果您知道需要创建的内容，也可以使用 powershell 直接创建事件日志（请注意，查看任何 .NET 应用程序或 dll 的源通常很容易找到用于使用的常量字符串名称）

>

 New-EventLog -source "My.Name.Space" -logname "MyApplicationName"

来源：https://robertgreiner.com/wcf-azure-service-bus-access-is-denied-exception/

访问被拒绝访问WCF服务时出错

3 个答案: