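WCF service: client principal delegation between WebServices

Time: 2013-10-11 10:03:07

Tags: c# .net wcf web-services identity-delegation

I am currently developing a website that uses several WCF WebServices.

Delegation and impersonation have not been a problem so far.

Now I have the following situation:

WebSite -> WebService1 -> Validation-WebService

My website calls WebService1 (the core of the system), and WebService1 calls my Validation-WebService. WebService1 and the Validation-WebService currently run on the same machine in different virtual directories. The services may run on different machines in production, which is why I want to use delegation rather than impersonation. Both run in the following context: "NT AUTHORITY\NETWORK SERVICE".

In both WebServices I want to identify the actual user of the WebSite, which in my case currently works via ServiceSecurityContext.Current.WindowsIdentity.Name.

I am able to get the user's WindowsIdentity in the first WebService, but not in the Validation-WebService.

If I require impersonation in the intermediate WebService via [OperationBehavior(Impersonation = ImpersonationOption.Required)], I get an exception: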

System.ServiceModel.EndpointNotFoundException: There was no endpoint listening at https://myWebServer.myCompany.com/ValidationService_dev/ValidationService.svc that could accept the message. This is often caused by an incorrect address or SOAP action. See InnerException, if present, for more details. ---> System.Net.WebException: The remote name could not be resolved: 'myWebServer.myCompany.com'

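If I do not impersonate in WebService1, the connection works, but identification in the Validation-WebService fails.

WebService1 has the following configuration (only the important parts):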

<services>
  <service name="WebService1.WebService1">
    <endpoint address="" binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_IWebService1" contract="WebService1.IWebService1">
      <identity>
        <servicePrincipalName value="host/myWebServer.myCompany.com"/>
      </identity>
    </endpoint>
    <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"/>
  </service>
</services>
<behaviors>
  <serviceBehaviors>
    <behavior>
      <serviceMetadata httpGetEnabled="true" httpsGetEnabled="true"/>
      <serviceDebug includeExceptionDetailInFaults="true"/>
      <serviceAuthenticationManager authenticationSchemes="IntegratedWindowsAuthentication" />
    </behavior>
  </serviceBehaviors>
  <endpointBehaviors>
    <behavior name="CredentialDelegationBehavior">
      <clientCredentials>
        <windows allowedImpersonationLevel="Delegation" />
      </clientCredentials>
    </behavior>
  </endpointBehaviors>
</behaviors>
<serviceHostingEnvironment aspNetCompatibilityEnabled="false" multipleSiteBindingsEnabled="true"/>
<bindings>
  <wsHttpBinding>
    <binding name="WSHttpBinding_IValidationService">
      <security mode="Transport" />
    </binding>
    <binding name="WSHttpBinding_IWebService1" closeTimeout="00:01:00"
      openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
      bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard"
      maxBufferPoolSize="524288" maxReceivedMessageSize="2147483647"
      messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true"
      allowCookies="false">
      <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
        maxBytesPerRead="4096" maxNameTableCharCount="16384" />
      <reliableSession ordered="true" inactivityTimeout="00:10:00"
        enabled="false" />
      <security mode="Transport">
        <transport clientCredentialType="Windows" proxyCredentialType="None"
          realm="" />
      </security>
    </binding>
  </wsHttpBinding>
</bindings>
<client>
  <endpoint address="https://myWebServer.myCompany.com/ValidationService_dev/ValidationService.svc"
    binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_IValidationService" behaviorConfiguration="CredentialDelegationBehavior"
    contract="ValidationService.IValidationService" name="WSHttpBinding_IValidationService">
    <identity>
      <servicePrincipalName value="host/myWebServer.myCompany.com" />
    </identity>
  </endpoint>
</client>

Delegation is configured and looks similar to the WebSite's configuration (which works).

Configuration of the Validation-WebService (only the important parts):

<services>
  <service name="ValidationService.ValidationService" >
    <endpoint address="" binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_IValidationService" contract="ValidationService.IValidationService">
      <identity>
        <servicePrincipalName value="host/myWebServer.myCompany.com"/>
      </identity>
    </endpoint>
    <endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange" />
  </service>
</services>


<behaviors>
  <serviceBehaviors>
    <behavior>
      <serviceMetadata httpGetEnabled="true" httpsGetEnabled="true"/>
      <serviceDebug includeExceptionDetailInFaults="true"/>
      <serviceAuthenticationManager authenticationSchemes="IntegratedWindowsAuthentication" />
    </behavior>
  </serviceBehaviors>
</behaviors>
<serviceHostingEnvironment aspNetCompatibilityEnabled="false" multipleSiteBindingsEnabled="true" />
<bindings>
  <wsHttpBinding>
    <binding name="WSHttpBinding_IValidationService" closeTimeout="00:01:00" openTimeout="00:01:00"
     receiveTimeout="00:10:00" sendTimeout="00:01:00" bypassProxyOnLocal="false"
     transactionFlow="false" hostNameComparisonMode="StrongWildcard"
     maxBufferPoolSize="524288" maxReceivedMessageSize="2147483647"
     messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true"
     allowCookies="false">
      <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
       maxBytesPerRead="4096" maxNameTableCharCount="16384" />
      <reliableSession ordered="true" inactivityTimeout="00:10:00"
       enabled="false" />
      <security mode="Transport">
        <transport clientCredentialType="Windows" proxyCredentialType="None"
         realm="" />
      </security>
    </binding>
  </wsHttpBinding>
</bindings>

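I have already found a forum post describing exactly the same problem, but it did not work for me :( Here: Forum Post found

Does anyone have a suggestion for how to get this working? I have been working on this problem for two days and cannot find a solution.

If you need any further information, feel free to ask.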

0 answers:

No answers
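
Added example, not part of the original post: a diagnostic helper for logging, in WebService1 and in the Validation-WebService, which identity and impersonation level each hop actually received, and for refusing to impersonate for the downstream call unless the caller's token is at Delegation level. The class and method names are hypothetical; it assumes .NET Framework with a reference to System.ServiceModel.

```csharp
using System;
using System.Security.Principal;
using System.ServiceModel;

// Hypothetical diagnostic helper (added example, not the poster's code).
public static class CallerTokenDiagnostics
{
    // The Windows identity WCF attached to the current operation, or null outside a WCF call.
    public static WindowsIdentity CurrentCaller()
    {
        ServiceSecurityContext ctx = ServiceSecurityContext.Current;
        return ctx == null ? null : ctx.WindowsIdentity;
    }

    // One log line per hop: who arrived, via which package, at which impersonation level.
    public static string Describe(WindowsIdentity id)
    {
        if (id == null) return "no Windows identity on this call";
        return string.Format("name='{0}' auth={1} level={2} anonymous={3}",
            id.Name, id.AuthenticationType, id.ImpersonationLevel, id.IsAnonymous);
    }

    // An Impersonation-level token is usable only on the local machine;
    // forwarding the caller to a service on another machine needs Delegation.
    public static bool CanDelegate(WindowsIdentity id)
    {
        return id != null && !id.IsAnonymous
            && id.ImpersonationLevel == TokenImpersonationLevel.Delegation;
    }

    // Runs the downstream call as the caller, failing early with the token details
    // instead of surfacing later as an unrelated network error.
    public static T CallDownstreamAsCaller<T>(Func<T> downstreamCall)
    {
        WindowsIdentity caller = CurrentCaller();
        if (!CanDelegate(caller))
            throw new InvalidOperationException("Caller token cannot be delegated: " + Describe(caller));
        using (caller.Impersonate()) // WindowsIdentity.Impersonate() is a .NET Framework API
        {
            return downstreamCall();
        }
    }

    public static void Main()
    {
        // Outside a WCF operation there is no security context; the process identity is shown for comparison.
        Console.WriteLine(Describe(CurrentCaller()));
        Console.WriteLine(Describe(WindowsIdentity.GetCurrent()));
    }
}
```

Logging `Describe(CurrentCaller())` at the start of an operation in each service shows at which hop the level drops below Delegation or the identity becomes anonymous.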