某些用户的WCF错误

时间:2013-05-02 20:19:49

标签: wcf wcf-binding wcf-security

我有一个Silverlight应用程序,它使用了一些WCF服务。当我运行silverlight应用程序时,一切正常。另一个人可以使用它,但是,大多数用户都会收到错误。

“尝试向URI'xxxxx发出请求时发生错误'。这可能是由于尝试以跨域方式访问服务而没有适当的跨域策略,或者策略是您可能需要联系服务的所有者以发布跨域策略文件,并确保它允许发送与SOAP相关的HTTP标头。此错误也可能是由于在Web中使用内部类型引起的不使用InternalsVisibleToAttribute属性的服务代理。请参阅内部异常以获取更多详细信息。“

我启用了WCF跟踪,并在这些用户访问我的Silverlight应用时发现了一些错误:

1)找不到配置评估上下文。 2)内容类型应用/ soap + xml; charset = utf-8被发送到期望text / xml的服务;字符集= UTF-8

以下是我的配置文件:

WCF的服务器配置:

    <?xml version="1.0"?>
<configuration>
    <system.diagnostics>
        <sources>
            <source name="System.ServiceModel"
                    switchValue="All"
                    propagateActivity="true">
                <listeners>
                    <add name="traceListener"
                        type="System.Diagnostics.XmlWriterTraceListener"
                        initializeData= "c:\log\Traces.svclog" />
                </listeners>
            </source>
        </sources>
    </system.diagnostics>
  <system.web>
    <compilation debug="true" targetFramework="4.0" />
      <authentication mode="Windows"/>
      <identity impersonate="false"/>
      <customErrors mode="Off" />
  </system.web>
    <appSettings>

    </appSettings>
    <system.serviceModel>
        <behaviors>
            <serviceBehaviors>
                <behavior>
                    <!-- To avoid disclosing metadata information, set the value below to false and remove the metadata endpoint above before deployment -->
                    <serviceMetadata httpGetEnabled="true"/>
                    <!-- To receive exception details in faults for debugging purposes, set the value below to true.  Set to false before deployment to avoid disclosing exception information -->
                    <serviceDebug includeExceptionDetailInFaults="true"/>
                </behavior>
            </serviceBehaviors>
        </behaviors>
        <serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
    </system.serviceModel>
 <system.webServer>
    <modules runAllManagedModulesForAllRequests="true"/>
  </system.webServer>

</configuration>

以下是我在Silverlight中的客户端配置:

<configuration>
    <system.serviceModel>
        <bindings>
            <basicHttpBinding>
                <binding name="BasicHttpBinding_ISLtoCRM" maxBufferSize="2147483647"
                    maxReceivedMessageSize="2147483647">
                    <security mode="None" />
                </binding>
                <binding name="BasicHttpBinding_ISLtoSQL" maxBufferSize="2147483647"
                    maxReceivedMessageSize="2147483647">
                    <security mode="None" />
                </binding>
            </basicHttpBinding>
        </bindings>
        <client>
            <endpoint address="http://xxxx.svc" binding="basicHttpBinding"
                bindingConfiguration="BasicHttpBinding_ISLtoCRM" contract="SLCRMSrvc.ISLtoCRM"
                name="BasicHttpBinding_ISLtoCRM" />
            <endpoint address="http://yyyy.svc" binding="basicHttpBinding"
                bindingConfiguration="BasicHttpBinding_ISLtoSQL" contract="SLSQLSrvc.ISLtoSQL"
                name="BasicHttpBinding_ISLtoSQL" />
        </client>
    </system.serviceModel>
</configuration>

WCF服务托管在Windows Server 2008 R2上的IIS 6.1中。应用程序池设置为在特定用户下运行。托管管道模式是经典的,并且在IIS中的站点上启用了匿名身份验证。所有其他身份验证都已禁用。

任何帮助解决这个问题?不知道为什么我自己和另一个用户可以访问该应用程序,但大多数用户不能。这是一个安全问题,或者我是如何创建WCF服务的?

WCF的更新服务器配置:

<?xml version="1.0"?>
<configuration>
    <system.diagnostics>
        <sources>
            <source name="System.ServiceModel"
                    switchValue="All"
                    propagateActivity="true">
                <listeners>
                    <add name="traceListener"
                        type="System.Diagnostics.XmlWriterTraceListener"
                        initializeData= "c:\log\Traces.svclog" />
                </listeners>
            </source>
        </sources>
    </system.diagnostics>
  <system.web>
    <compilation debug="true" targetFramework="4.0" />
      <customErrors mode="Off" />

      <authentication mode="Windows" />

  </system.web>
    <appSettings>

    </appSettings>
    <system.serviceModel>       
        <bindings>
            <basicHttpBinding>
                <binding name="MyBinding">
                    <security mode="TransportCredentialOnly">
                        <transport clientCredentialType="Windows" proxyCredentialType="None" realm="" />
                    </security>
                </binding>
            </basicHttpBinding>
        </bindings>
        <services>
            <service name="CRMWCF.SLtoCRM" behaviorConfiguration="CRMBehavior">
                <endpoint address="" binding="basicHttpBinding" bindingConfiguration="MyBinding" contract="CRMWCF.ISLtoCRM" />
            </service>
            <service name="CRMWCF.SLtoSQL" behaviorConfiguration="CRMBehavior">
                <endpoint address="" binding="basicHttpBinding" bindingConfiguration="MyBinding" contract="CRMWCF.ISLtoSQL" />
            </service>
        </services>
        <behaviors>
            <serviceBehaviors>
                <behavior name="CRMBehavior">
                    <!-- To avoid disclosing metadata information, set the value below to false and remove the metadata endpoint above before deployment -->
                    <serviceMetadata httpGetEnabled="true"/>
                    <!-- To receive exception details in faults for debugging purposes, set the value below to true.  Set to false before deployment to avoid disclosing exception information -->
                    <serviceDebug includeExceptionDetailInFaults="true"/>
                </behavior>
            </serviceBehaviors>
        </behaviors>

        <serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
    </system.serviceModel>
 <system.webServer>
     <httpProtocol>
         <customHeaders>
             <add name="Access-Control-Allow-Origin" value="*"/>
             <add name="Access-Control-Allow-Method" value="GET,PUT,POST,DELETE,OPTIONS"/>
             <add name="Access-Control-Allow-Headers" value="Content-Type"/>
         </customHeaders>
     </httpProtocol>
     <modules runAllManagedModulesForAllRequests="true"/>
  </system.webServer>

</configuration>

1 个答案:

答案 0 :(得分:1)

很常见的问题。您将需要clientaccesspolicy.xml和crossdomain.xml。

http://msdn.microsoft.com/en-us/library/cc197955(v=vs.95).aspx