Question

我有一个使用Forms身份验证保护的C＃Web应用程序项目。使用默认的Role Manager管理各种页面的授权效果很好。

我最近在项目中添加了许多WCF（* .svc）服务，我使用ASP.NET AJAX从浏览器中调用Javascript（添加引用该服务的ScriptManager）。这一切都可以正常使用HTTP。

我现在已经使用证书向IIS添加了HTTPS绑定，并尝试通过HTTPS使用该应用程序;但是，当他们尝试加载js代理类（service.svc / jsdebug）时，引用该服务的页面会抛出“401 Unauthorized”错误。从我收集的内容中，我需要更改web.config文件中的配置以使其正常工作，但我找不到任何可以使其正常工作的设置。我需要它可以通过HTTP协议（enableWebScript）访问，但通过HTTPS。它还需要使用当前经过身份验证的Forms用户的标识。

关于在web.config中配置端点的任何一般建议也将受到赞赏 - 或指向一个好的教程的指针。感谢

以下是我目前的web.config文件的服务部分

  <system.serviceModel>
    <bindings>
      <wsHttpBinding>
        <binding name="WsHttpBindingConfig">
          <security mode="Transport">
            <transport clientCredentialType="None" />
            <message clientCredentialType="UserName"/>
          </security>
        </binding>
      </wsHttpBinding>
      <webHttpBinding>
        <binding name="webHttp">
          <security mode="None">
          </security>
        </binding>
        <binding name="default"/>
      </webHttpBinding>
    </bindings>
    <behaviors>
      <endpointBehaviors>
        <behavior name="webScriptEnablingBehavior">
          <enableWebScript/>
        </behavior>
        <behavior name="scorelink.groups.Risk">
          <enableWebScript />
        </behavior>
        <behavior name="scorelink.tests.Benchmarks">
          <enableWebScript />
        </behavior>
        <behavior name="default">
        </behavior>
      </endpointBehaviors>
      <serviceBehaviors>
        <behavior name="DefaultBehaviours">
          <serviceMetadata httpGetEnabled="true" httpsGetEnabled="true"/>
          <serviceDebug includeExceptionDetailInFaults="true" />
          <serviceCredentials>
            <userNameAuthentication userNamePasswordValidationMode="MembershipProvider" membershipProviderName="SqlProvider"/>
          </serviceCredentials>
          <serviceAuthorization principalPermissionMode="UseAspNetRoles" roleProviderName="SqlProvider" />
        </behavior>
        <behavior name="">
          <serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
          <serviceDebug includeExceptionDetailInFaults="false" />
        </behavior>
      </serviceBehaviors>
    </behaviors>
    <serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
    <services>
      <service name="scorelink.groups.Risk">
        <endpoint address="" behaviorConfiguration="scorelink.groups.Risk"
          binding="webHttpBinding" contract="scorelink.groups.Risk" />
      </service>
      <service name="scorelink.tests.Benchmarks" behaviorConfiguration="DefaultBehaviours">
        <endpoint address="" behaviorConfiguration="scorelink.tests.Benchmarks"
          binding="webHttpBinding" contract="scorelink.tests.Benchmarks" />
      </service>
      <service name="scorelink.services.user" behaviorConfiguration="DefaultBehaviours">
        <endpoint address="" binding="wsHttpBinding" behaviorConfiguration="default" bindingConfiguration="WsHttpBindingConfig" contract="scorelink.services.Iuser" />
        <endpoint address="http" binding="webHttpBinding" behaviorConfiguration="webScriptEnablingBehavior" bindingConfiguration="webHttp" contract="scorelink.services.Iuser" />
      </service>
    </services>
  </system.serviceModel>

因为我尝试了很多东西，所以可能有点混乱。我目前只专注于user.svc，但一旦工作，我就会将配置应用于所有服务。

修改

我将配置更新为建议但现在出现以下错误：

The endpoint at 'https://localhost:44300/_assets/code/services/user.svc' does 
not have a Binding with the None MessageVersion. 
System.ServiceModel.Description.WebScriptEnablingBehavior' is only intended 
for use with WebHttpBinding or similar bindings.

我认为这是因为它使用的是指定<enableWebScript />的端点行为。问题是，如果我把它拿走，那么服务不会生成一个javascript代理类，所以我不能从js调用它。

编辑2 下面是ASP.NET生成的js代理类的转储，用于响应EnableWebScript标志。可以从http://uri/service.svc/jsdebug访问：

Type.registerNamespace('scorelink.services');
scorelink.services.Iuser=function() {
scorelink.services.Iuser.initializeBase(this);
this._timeout = 0;
this._userContext = null;
this._succeeded = null;
this._failed = null;
}
scorelink.services.Iuser.prototype={
_get_path:function() {
 var p = this.get_path();
 if (p) return p;
 else return scorelink.services.Iuser._staticInstance.get_path();},
CreateUser:function(FirstName,LastName,Username,DateOfBirth,Roles,succeededCallback, failedCallback, userContext) {
/// <param name="FirstName" type="String">System.String</param>
/// <param name="LastName" type="String">System.String</param>
/// <param name="Username" type="String">System.String</param>
/// <param name="DateOfBirth" type="String">System.String</param>
/// <param name="Roles" type="Array">System.String[]</param>
/// <param name="succeededCallback" type="Function" optional="true" mayBeNull="true"></param>
/// <param name="failedCallback" type="Function" optional="true" mayBeNull="true"></param>
/// <param name="userContext" optional="true" mayBeNull="true"></param>
return this._invoke(this._get_path(), 'CreateUser',false,{FirstName:FirstName,LastName:LastName,Username:Username,DateOfBirth:DateOfBirth,Roles:Roles},succeededCallback,failedCallback,userContext); },
UpdateUser:function(username,firstName,lastName,dateOfBirth,roles,succeededCallback, failedCallback, userContext) {
/// <param name="username" type="String">System.String</param>
/// <param name="firstName" type="String">System.String</param>
/// <param name="lastName" type="String">System.String</param>
/// <param name="dateOfBirth" type="String">System.String</param>
/// <param name="roles" type="Array">System.String[]</param>
/// <param name="succeededCallback" type="Function" optional="true" mayBeNull="true"></param>
/// <param name="failedCallback" type="Function" optional="true" mayBeNull="true"></param>
/// <param name="userContext" optional="true" mayBeNull="true"></param>
return this._invoke(this._get_path(), 'UpdateUser',false,{username:username,firstName:firstName,lastName:lastName,dateOfBirth:dateOfBirth,roles:roles},succeededCallback,failedCallback,userContext); },
DeleteUser:function(Username,succeededCallback, failedCallback, userContext) {
/// <param name="Username" type="String">System.String</param>
/// <param name="succeededCallback" type="Function" optional="true" mayBeNull="true"></param>
/// <param name="failedCallback" type="Function" optional="true" mayBeNull="true"></param>
/// <param name="userContext" optional="true" mayBeNull="true"></param>
return this._invoke(this._get_path(), 'DeleteUser',false,{Username:Username},succeededCallback,failedCallback,userContext); },
GetUserDetails:function(Username,succeededCallback, failedCallback, userContext) {
/// <param name="Username" type="String">System.String</param>
/// <param name="succeededCallback" type="Function" optional="true" mayBeNull="true"></param>
/// <param name="failedCallback" type="Function" optional="true" mayBeNull="true"></param>
/// <param name="userContext" optional="true" mayBeNull="true"></param>
return this._invoke(this._get_path(), 'GetUserDetails',true,{Username:Username},succeededCallback,failedCallback,userContext); },
ChangePassword:function(oldPassword,newPassword,succeededCallback, failedCallback, userContext) {
/// <param name="oldPassword" type="String">System.String</param>
/// <param name="newPassword" type="String">System.String</param>
/// <param name="succeededCallback" type="Function" optional="true" mayBeNull="true"></param>
/// <param name="failedCallback" type="Function" optional="true" mayBeNull="true"></param>
/// <param name="userContext" optional="true" mayBeNull="true"></param>
return this._invoke(this._get_path(), 'ChangePassword',false,{oldPassword:oldPassword,newPassword:newPassword},succeededCallback,failedCallback,userContext); },
ChangeLockoutCode:function(password,symbol1,symbol2,succeededCallback, failedCallback, userContext) {
/// <param name="password" type="String">System.String</param>
/// <param name="symbol1" type="Number">System.Int32</param>
/// <param name="symbol2" type="Number">System.Int32</param>
/// <param name="succeededCallback" type="Function" optional="true" mayBeNull="true"></param>
/// <param name="failedCallback" type="Function" optional="true" mayBeNull="true"></param>
/// <param name="userContext" optional="true" mayBeNull="true"></param>
return this._invoke(this._get_path(), 'ChangeLockoutCode',false,{password:password,symbol1:symbol1,symbol2:symbol2},succeededCallback,failedCallback,userContext); }}
scorelink.services.Iuser.registerClass('scorelink.services.Iuser',Sys.Net.WebServiceProxy);
scorelink.services.Iuser._staticInstance = new scorelink.services.Iuser();
scorelink.services.Iuser.set_path = function(value) {
scorelink.services.Iuser._staticInstance.set_path(value); }
scorelink.services.Iuser.get_path = function() { 
/// <value type="String" mayBeNull="true">The service url.</value>
return scorelink.services.Iuser._staticInstance.get_path();}
scorelink.services.Iuser.set_timeout = function(value) {
scorelink.services.Iuser._staticInstance.set_timeout(value); }
scorelink.services.Iuser.get_timeout = function() { 
/// <value type="Number">The service timeout.</value>
return scorelink.services.Iuser._staticInstance.get_timeout(); }
scorelink.services.Iuser.set_defaultUserContext = function(value) { 
scorelink.services.Iuser._staticInstance.set_defaultUserContext(value); }
scorelink.services.Iuser.get_defaultUserContext = function() { 
/// <value mayBeNull="true">The service default user context.</value>
return scorelink.services.Iuser._staticInstance.get_defaultUserContext(); }
scorelink.services.Iuser.set_defaultSucceededCallback = function(value) { 
 scorelink.services.Iuser._staticInstance.set_defaultSucceededCallback(value); }
scorelink.services.Iuser.get_defaultSucceededCallback = function() { 
/// <value type="Function" mayBeNull="true">The service default succeeded callback.</value>
return scorelink.services.Iuser._staticInstance.get_defaultSucceededCallback(); }
scorelink.services.Iuser.set_defaultFailedCallback = function(value) { 
scorelink.services.Iuser._staticInstance.set_defaultFailedCallback(value); }
scorelink.services.Iuser.get_defaultFailedCallback = function() { 
/// <value type="Function" mayBeNull="true">The service default failed callback.</value>
return scorelink.services.Iuser._staticInstance.get_defaultFailedCallback(); }
scorelink.services.Iuser.set_enableJsonp = function(value) { scorelink.services.Iuser._staticInstance.set_enableJsonp(value); }
scorelink.services.Iuser.get_enableJsonp = function() { 
/// <value type="Boolean">Specifies whether the service supports JSONP for cross domain calling.</value>
return scorelink.services.Iuser._staticInstance.get_enableJsonp(); }
scorelink.services.Iuser.set_jsonpCallbackParameter = function(value) { scorelink.services.Iuser._staticInstance.set_jsonpCallbackParameter(value); }
scorelink.services.Iuser.get_jsonpCallbackParameter = function() { 
/// <value type="String">Specifies the parameter name that contains the callback function name for a JSONP request.</value>
return scorelink.services.Iuser._staticInstance.get_jsonpCallbackParameter(); }
scorelink.services.Iuser.set_path("http://localhost:5584/_assets/code/services/user.svc");
scorelink.services.Iuser.CreateUser= function(FirstName,LastName,Username,DateOfBirth,Roles,onSuccess,onFailed,userContext) {
/// <param name="FirstName" type="String">System.String</param>
/// <param name="LastName" type="String">System.String</param>
/// <param name="Username" type="String">System.String</param>
/// <param name="DateOfBirth" type="String">System.String</param>
/// <param name="Roles" type="Array">System.String[]</param>
/// <param name="succeededCallback" type="Function" optional="true" mayBeNull="true"></param>
/// <param name="failedCallback" type="Function" optional="true" mayBeNull="true"></param>
/// <param name="userContext" optional="true" mayBeNull="true"></param>
scorelink.services.Iuser._staticInstance.CreateUser(FirstName,LastName,Username,DateOfBirth,Roles,onSuccess,onFailed,userContext); }
scorelink.services.Iuser.UpdateUser= function(username,firstName,lastName,dateOfBirth,roles,onSuccess,onFailed,userContext) {
/// <param name="username" type="String">System.String</param>
/// <param name="firstName" type="String">System.String</param>
/// <param name="lastName" type="String">System.String</param>
/// <param name="dateOfBirth" type="String">System.String</param>
/// <param name="roles" type="Array">System.String[]</param>
/// <param name="succeededCallback" type="Function" optional="true" mayBeNull="true"></param>
/// <param name="failedCallback" type="Function" optional="true" mayBeNull="true"></param>
/// <param name="userContext" optional="true" mayBeNull="true"></param>
scorelink.services.Iuser._staticInstance.UpdateUser(username,firstName,lastName,dateOfBirth,roles,onSuccess,onFailed,userContext); }
scorelink.services.Iuser.DeleteUser= function(Username,onSuccess,onFailed,userContext) {
/// <param name="Username" type="String">System.String</param>
/// <param name="succeededCallback" type="Function" optional="true" mayBeNull="true"></param>
/// <param name="failedCallback" type="Function" optional="true" mayBeNull="true"></param>
/// <param name="userContext" optional="true" mayBeNull="true"></param>
scorelink.services.Iuser._staticInstance.DeleteUser(Username,onSuccess,onFailed,userContext); }
scorelink.services.Iuser.GetUserDetails= function(Username,onSuccess,onFailed,userContext) {
/// <param name="Username" type="String">System.String</param>
/// <param name="succeededCallback" type="Function" optional="true" mayBeNull="true"></param>
/// <param name="failedCallback" type="Function" optional="true" mayBeNull="true"></param>
/// <param name="userContext" optional="true" mayBeNull="true"></param>
scorelink.services.Iuser._staticInstance.GetUserDetails(Username,onSuccess,onFailed,userContext); }
scorelink.services.Iuser.ChangePassword= function(oldPassword,newPassword,onSuccess,onFailed,userContext) {
/// <param name="oldPassword" type="String">System.String</param>
/// <param name="newPassword" type="String">System.String</param>
/// <param name="succeededCallback" type="Function" optional="true" mayBeNull="true"></param>
/// <param name="failedCallback" type="Function" optional="true" mayBeNull="true"></param>
/// <param name="userContext" optional="true" mayBeNull="true"></param>
scorelink.services.Iuser._staticInstance.ChangePassword(oldPassword,newPassword,onSuccess,onFailed,userContext); }
scorelink.services.Iuser.ChangeLockoutCode= function(password,symbol1,symbol2,onSuccess,onFailed,userContext) {
/// <param name="password" type="String">System.String</param>
/// <param name="symbol1" type="Number">System.Int32</param>
/// <param name="symbol2" type="Number">System.Int32</param>
/// <param name="succeededCallback" type="Function" optional="true" mayBeNull="true"></param>
/// <param name="failedCallback" type="Function" optional="true" mayBeNull="true"></param>
/// <param name="userContext" optional="true" mayBeNull="true"></param>
scorelink.services.Iuser._staticInstance.ChangeLockoutCode(password,symbol1,symbol2,onSuccess,onFailed,userContext); }
var gtc = Sys.Net.WebServiceProxy._generateTypedConstructor;
if (typeof(scorelink.services.UserDetails) === 'undefined') {
scorelink.services.UserDetails=gtc("UserDetails:http://schemas.datacontract.org/2004/07/scorelink.services");
scorelink.services.UserDetails.registerClass('scorelink.services.UserDetails');
}

Answer 1

我认为您需要确认的事情很少：

您有自签名证书。
您需要检查SSL。
您有编辑绑定 - ＆gt;类型是Https - ＆gt;端口是443（默认值端口）。
安全模式。
端点地址=“mex”binding =“mexHttpsBinding”contract =“IMetadataExchange”
您正在访问服务的Page.aspx.cs中的一些自定义代码。

Answer 2

根据对所提供信息的简要回顾，配置文件似乎没有正确定义安全性。例如，以下代码段：

    <binding name="WsHttpBindingConfig">
      <security mode="Transport">
        <transport clientCredentialType="None" />
        <message clientCredentialType="UserName"/>
      </security>

......应该看起来像：

  <wsHttpBinding>
        <binding name=" WsHttpBindingConfig">
            <security mode="TransportWithMessageCredential">
                <message clientCredentialType="UserName"/>
            </security>

以下链接提供了良好的背景信息：
http://msdn.microsoft.com/en-us/library/ff648840.aspx
http://www.codeproject.com/Articles/59927/WCF-Service-over-HTTPS-with-custom-username-and-pa

此致

通过HTTPS的HTTP WCF服务

2 个答案: