WCF Windows身份验证无法正常工作

时间:2013-05-02 20:44:19

标签: wcf wcf-security

我已经创建了一个WCF服务,我正在尝试将其设置为禁用匿名访问。尝试在应用程序中添加服务引用时出现以下错误:

此服务的安全设置需要“匿名”身份验证,但不会为承载此服务的IIS应用程序启用此功能。

以下是我的WCF服务的配置文件:

<?xml version="1.0"?>
<configuration>
    <system.diagnostics>
        <sources>
            <source name="System.ServiceModel"
                    switchValue="All"
                    propagateActivity="true">
                <listeners>
                    <add name="traceListener"
                        type="System.Diagnostics.XmlWriterTraceListener"
                        initializeData= "c:\log\Traces.svclog" />
                </listeners>
            </source>
        </sources>
    </system.diagnostics>
  <system.web>
    <compilation debug="true" targetFramework="4.0" />
      <authentication mode="Windows"/>
      <customErrors mode="Off" />
  </system.web>
    <appSettings>

    </appSettings>
    <system.serviceModel>
        <bindings>
            <basicHttpBinding>
                <binding name="MyBinding">
                    <security mode="TransportCredentialOnly">
                        <transport clientCredentialType="Windows" />
                    </security>
                </binding>
            </basicHttpBinding>
        </bindings>
        <behaviors>
            <serviceBehaviors>
                <behavior>
                    <!-- To avoid disclosing metadata information, set the value below to false and remove the metadata endpoint above before deployment -->
                    <serviceMetadata httpGetEnabled="true"/>
                    <!-- To receive exception details in faults for debugging purposes, set the value below to true.  Set to false before deployment to avoid disclosing exception information -->
                    <serviceDebug includeExceptionDetailInFaults="true"/>
                </behavior>
            </serviceBehaviors>
        </behaviors>
        <serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
    </system.serviceModel>
 <system.webServer>
    <modules runAllManagedModulesForAllRequests="true"/>
  </system.webServer>

</configuration>

需要更改哪些内容才能使用Windows身份验证?

编辑 *

杰夫,这是我的错误消息:

The request failed with the error message:
--
<html>
    <head>
        <title>Security settings for this service require 'Anonymous' Authentication but it is not enabled for the IIS application that hosts this service.</title>
        <style>
            body {font-family:"Verdana";font-weight:normal;font-size: .7em;color:black;}
            p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
            b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
            H1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
            H2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
            pre {font-family:"Lucida Console";font-size: .9em}
            .marker {font-weight: bold; color: black;text-decoration: none;}
            .version {color: gray;}
            .error {margin-bottom: 10px;}
            .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
        </style>
    </head>

    <body bgcolor="white">

        <span>
            <H1>
                Server Error in '/' Application.<hr width="100"% size="1" color="silver">
            </H1>

            <h2>
                <i>Security settings for this service require 'Anonymous' Authentication but it is not enabled for the IIS application that hosts this service.</i>
            </h2>
        </span>

        <font face="Arial, Helvetica, Geneva, SunSans-Regular, sans-serif ">

            <b> Description: </b>An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

            <br>
                <br>

                    <b> Exception Details: </b>System.NotSupportedException: Security settings for this service require 'Anonymous' Authentication but it is not enabled for the IIS application that hosts this service.<br>
                        <br>

                            <b>Source Error:</b>
                            <br>
                                <br>

                                    <table width="100"% bgcolor="#ffffcc">
                                        <tr>
                                            <td>
                                                <code>

                                                    An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.
                                                </code>

                                            </td>
                                        </tr>
                                    </table>

                                    <br>

                                        <b>Stack Trace:</b>
                                        <br>
                                            <br>

                                                <table width="100"% bgcolor="#ffffcc">
                                                    <tr>
                                                        <td>
                                                            <code>
                                                                <pre>

                                                                    [NotSupportedException: Security settings for this service require 'Anonymous' Authentication but it is not enabled for the IIS application that hosts this service.]
                                                                    System.ServiceModel.Activation.HostedAspNetEnvironment.ValidateHttpSettings(String virtualPath, Boolean isMetadataListener, Boolean usingDefaultSpnList, AuthenticationSchemes& supportedSchemes, ExtendedProtectionPolicy& extendedProtectionPolicy, String& realm) +198300
                                                                    System.ServiceModel.Channels.HttpChannelListener.ApplyHostedContext(String virtualPath, Boolean isMetadataListener) +104
                                                                    System.ServiceModel.Channels.HttpTransportBindingElement.BuildChannelListener(BindingContext context) +156
                                                                    System.ServiceModel.Channels.Binding.BuildChannelListener(Uri listenUriBaseAddress, String listenUriRelativeAddress, ListenUriMode listenUriMode, BindingParameterCollection parameters) +166
                                                                    System.ServiceModel.Description.DispatcherBuilder.MaybeCreateListener(Boolean actuallyCreate, Type[] supportedChannels, Binding binding, BindingParameterCollection parameters, Uri listenUriBaseAddress, String listenUriRelativeAddress, ListenUriMode listenUriMode, ServiceThrottle throttle, IChannelListener& result, Boolean supportContextSession) +393
                                                                    System.ServiceModel.Description.DispatcherBuilder.BuildChannelListener(StuffPerListenUriInfo stuff, ServiceHostBase serviceHost, Uri listenUri, ListenUriMode listenUriMode, Boolean supportContextSession, IChannelListener& result) +583
                                                                    System.ServiceModel.Description.DispatcherBuilder.InitializeServiceHost(ServiceDescription description, ServiceHostBase serviceHost) +2020
                                                                    System.ServiceModel.ServiceHostBase.InitializeRuntime() +82
                                                                    System.ServiceModel.ServiceHostBase.OnOpen(TimeSpan timeout) +64
                                                                    System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout) +789
                                                                    System.ServiceModel.HostingManager.ActivateService(String normalizedVirtualPath) +255
                                                                    System.ServiceModel.HostingManager.EnsureServiceAvailable(String normalizedVirtualPath) +1172

                                                                    [ServiceActivationException: The service '/SLtoCRM.svc' cannot be activated due to an exception during compilation.  The exception message is: Security settings for this service require 'Anonymous' Authentication but it is not enabled for the IIS application that hosts this service..]
                                                                    System.Runtime.AsyncResult.End(IAsyncResult result) +901424
                                                                    System.ServiceModel.Activation.HostedHttpRequestAsyncResult.End(IAsyncResult result) +178702
                                                                    System.Web.AsyncEventExecutionStep.OnAsyncEventCompletion(IAsyncResult ar) +107
                                                                </pre>
                                                            </code>

                                                        </td>
                                                    </tr>
                                                </table>

                                                <br>

                                                    <hr width="100"% size="1" color="silver">

                                                        <b>Version Information:</b> Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.0.30319.237

                                                    </font>

    </body>
</html>
<!-- 
[NotSupportedException]: Security settings for this service require 'Anonymous' Authentication but it is not enabled for the IIS application that hosts this service.
   at System.ServiceModel.Activation.HostedAspNetEnvironment.ValidateHttpSettings(String virtualPath, Boolean isMetadataListener, Boolean usingDefaultSpnList, AuthenticationSchemes& supportedSchemes, ExtendedProtectionPolicy& extendedProtectionPolicy, String& realm)
   at System.ServiceModel.Channels.HttpChannelListener.ApplyHostedContext(String virtualPath, Boolean isMetadataListener)
   at System.ServiceModel.Channels.HttpTransportBindingElement.BuildChannelListener[TChannel](BindingContext context)
   at System.ServiceModel.Channels.Binding.BuildChannelListener[TChannel](Uri listenUriBaseAddress, String listenUriRelativeAddress, ListenUriMode listenUriMode, BindingParameterCollection parameters)
   at System.ServiceModel.Description.DispatcherBuilder.MaybeCreateListener(Boolean actuallyCreate, Type[] supportedChannels, Binding binding, BindingParameterCollection parameters, Uri listenUriBaseAddress, String listenUriRelativeAddress, ListenUriMode listenUriMode, ServiceThrottle throttle, IChannelListener& result, Boolean supportContextSession)
   at System.ServiceModel.Description.DispatcherBuilder.BuildChannelListener(StuffPerListenUriInfo stuff, ServiceHostBase serviceHost, Uri listenUri, ListenUriMode listenUriMode, Boolean supportContextSession, IChannelListener& result)
   at System.ServiceModel.Description.DispatcherBuilder.InitializeServiceHost(ServiceDescription description, ServiceHostBase serviceHost)
   at System.ServiceModel.ServiceHostBase.InitializeRuntime()
   at System.ServiceModel.ServiceHostBase.OnOpen(TimeSpan timeout)
   at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
   at System.ServiceModel.ServiceHostingEnvironment.HostingManager.ActivateService(String normalizedVirtualPath)
   at System.ServiceModel.ServiceHostingEnvironment.HostingManager.EnsureServiceAvailable(String normalizedVirtualPath)
[ServiceActivationException]: The service '/SLtoCRM.svc' cannot be activated due to an exception during compilation.  The exception message is: Security settings for this service require 'Anonymous' Authentication but it is not enabled for the IIS application that hosts this service..
   at System.Runtime.AsyncResult.End[TAsyncResult](IAsyncResult result)
   at System.ServiceModel.Activation.HostedHttpRequestAsyncResult.End(IAsyncResult result)
   at System.Web.HttpApplication.AsyncEventExecutionStep.OnAsyncEventCompletion(IAsyncResult ar)
--><!-- 
This error page might contain sensitive information because ASP.NET is configured to show verbose error messages using <customErrors mode="Off"/>. Consider using <customErrors mode="On"/> or <customErrors mode="RemoteOnly"/> in production environments.-->
--.
Metadata contains a reference that cannot be resolved: 'xxxx/SLtoCRM.svc'.
The HTTP request is unauthorized with client authentication scheme 'Anonymous'. The authentication header received from the server was 'Negotiate,NTLM'.
The remote server returned an error: (401) Unauthorized.
If the service is defined in the current solution, try building the solution and adding the service reference again.

我尝试创建一个新的WCF服务,但我遇到了同样的问题。这是我在WCF服务中更新的配置文件:

    <?xml version="1.0"?>
<configuration>
    <system.diagnostics>
        <sources>
            <source name="System.ServiceModel"
                    switchValue="All"
                    propagateActivity="true">
                <listeners>
                    <add name="traceListener"
                        type="System.Diagnostics.XmlWriterTraceListener"
                        initializeData= "c:\log\Traces.svclog" />
                </listeners>
            </source>
        </sources>
    </system.diagnostics>
  <system.web>
    <compilation debug="true" targetFramework="4.0" />
      <customErrors mode="Off" />

      <authentication mode="Windows" />
      <authorization>
          <allow users="*" />
      </authorization>
  </system.web>
    <appSettings>
    </appSettings>
    <system.serviceModel>
        <bindings>
            <basicHttpBinding>
                <binding name="MyBinding">
                    <security mode="TransportCredentialOnly">
                        <transport clientCredentialType="Windows" />
                    </security>
                </binding>
            </basicHttpBinding>
        </bindings>
        <services>
            <service name="SLtoCRM">
                <endpoint address="" binding="basicHttpBinding" bindingConfiguration="MyBinding" contract="CRMWCF.ISLtoCRM" />
                <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
            </service>
            <service name="SLtoSQL">
                <endpoint address="" binding="basicHttpBinding" bindingConfiguration="MyBinding" contract="CRMWCF.ISLtoSQL" />
                <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
            </service>
        </services>
        <behaviors>
            <serviceBehaviors>
                <behavior name="CRMBehavior">
                    <!-- To avoid disclosing metadata information, set the value below to false and remove the metadata endpoint above before deployment -->
                    <serviceMetadata httpGetEnabled="true"/>
                    <!-- To receive exception details in faults for debugging purposes, set the value below to true.  Set to false before deployment to avoid disclosing exception information -->
                    <serviceDebug includeExceptionDetailInFaults="true"/>
                </behavior>
            </serviceBehaviors>
        </behaviors>

        <serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
    </system.serviceModel>
 <system.webServer>
    <modules runAllManagedModulesForAllRequests="true"/>
  </system.webServer>

</configuration>

只是为了咧嘴笑,这是我在端点中使用的接口之一:

namespace CRMWCF
{
    [ServiceContract]
    public interface ISLtoSQL
    {
        [OperationContract]
        IEnumerable<Dictionary<string, string>> GetOptionSet(string connectionString, int objectTypeCode, string optionSetName);

    }
}

我是否需要在我的应用程序的配置文件中执行任何操作,我正在尝试将此服务添加到?

由于

1 个答案:

答案 0 :(得分:0)

您需要添加“服务”部分。这样,您可以提供服务端点,并告诉它使用您创建的绑定配置。

    <System.ServiceModel>
    <services>
          <service name="ServiceName" >
            <endpoint address="" binding="basicHttpBinding" bindingConfiguration="MyBinding" contract="namespace.IContract" />
            <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
          </service>
        </services>
    </System.ServiceModel>