WCF身份验证错误连接到IP地址

时间:2014-01-21 13:34:58

标签: c# wcf credentials

我有一个程序,它具有与其他模块通信的wcf服务。我想实现自定义授权和身份验证。抱歉代码不好。就这个: 服务器:

配置:

        <behaviors>
            <serviceBehaviors>
            <behavior name="managementMexBehavior">

            <serviceMetadata httpGetEnabled="True" httpGetUrl="http://localhost:7538/management/mex"/>
            <serviceDebug includeExceptionDetailInFaults="True"/>

            <serviceDiscovery>
                <announcementEndpoints>
                    <endpoint kind="udpAnnouncementEndpoint"/>
                </announcementEndpoints>
            </serviceDiscovery>

            </behavior>                  
            </serviceBehaviors>
        </behaviors>        

        <binding name="managementServerBindingConfig" closeTimeout="00:10:00"
      openTimeout="00:10:00" receiveTimeout="00:10:00" sendTimeout="00:10:00"
      transferMode="Buffered" maxReceivedMessageSize="65535">
            <security mode="TransportWithMessageCredential">
                <message clientCredentialType="UserName" />
            </security>
        </binding>

代码

        var binding = new NetTcpBinding("managementServerBindingConfig");
        binding.Security.Message.ClientCredentialType = MessageCredentialType.UserName;

        string address = _c24ServerAdminSettings.ManagementWebServerAddress;

        ServiceEndpoint endpoint = Host.AddServiceEndpoint(ServiceInterface, binding, address);
        endpoint.Name = "C24ServerAdminManagementEndpoint";

        var parametrInspector = new OperationParametrInspector();

        var errorHandler = new DispatcherErrorHandler();
        errorHandler.OnHandleError += errorHandler_OnHandleError;
        var behavior = new EnpointDispathcherBehavior(parametrInspector, errorHandler);
        endpoint.Behaviors.Add(behavior);

        //ServiceCredentials
        ServiceCredentials scb = Host.Description.Behaviors.Find<ServiceCredentials>();
        if (scb == null)
        {
            scb = new ServiceCredentials();
            Host.Description.Behaviors.Add(scb);
        }
        scb.UserNameAuthentication.UserNamePasswordValidationMode = UserNamePasswordValidationMode.Custom;
        scb.UserNameAuthentication.CustomUserNamePasswordValidator = new PasswordValidator(_dataManager);
        scb.ServiceCertificate.SetCertificate(StoreLocation.LocalMachine, StoreName.My, X509FindType.FindBySubjectName, "localhost");


        //ServiceAuthorizationBehavior
        ServiceAuthorizationBehavior sab = Host.Description.Behaviors.Find<ServiceAuthorizationBehavior>();
        if (sab == null)
        {
            sab = new ServiceAuthorizationBehavior();
            Host.Description.Behaviors.Add(sab);
        }

        sab.PrincipalPermissionMode = PrincipalPermissionMode.Custom;
        sab.ExternalAuthorizationPolicies = new ReadOnlyCollection<IAuthorizationPolicy>(new[]
                                                                                        {
                                                                                             new AuthorizationPolicy()
                                                                                         });

客户端:

配置:

 <binding name="C24ServerAdminManagementEndpoint" closeTimeout="00:01:00"
                openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
                transactionFlow="false" transferMode="Buffered" transactionProtocol="OleTransactions"
                hostNameComparisonMode="StrongWildcard" listenBacklog="10"
                maxBufferPoolSize="524288" maxBufferSize="65536" maxConnections="10"
                maxReceivedMessageSize="65536">
                <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
                    maxBytesPerRead="4096" maxNameTableCharCount="16384" />
                <reliableSession ordered="true" inactivityTimeout="00:10:00"
                    enabled="false" />
                <security mode="TransportWithMessageCredential">
                    <message clientCredentialType="UserName" />
                </security>
            </binding>

  <endpoint address="net.tcp://localhost:60001/Management/" binding="netTcpBinding"
            bindingConfiguration="C24ServerAdminManagementEndpoint" contract="C24ServerAdminManagement.IManagementWebService"
            name="C24ServerAdminManagementEndpoint">
            <identity>
                <dns value="localhost" />
            </identity>
        </endpoint>

代码:

ManagementWebServiceClient ds = new ManagementWebServiceClient("C24ServerAdminManagementEndpoint", _managementServiceAddress);
        ds.ClientCredentials.ServiceCertificate.Authentication.CertificateValidationMode  =    X509CertificateValidationMode.None;
        ds.ClientCredentials.UserName.UserName = UserName;
        ds.ClientCredentials.UserName.Password = Password;
        ds.Open();

这项工作与localhost相当不错。但是当我设置计算机IP地址时。客户端尝试连接到服务,服务响应和异常发生。异常表示从DNS(192.168.0.1)等待从DNS(localhost)收到响应。但是192.168.0.1是本地地址。

2 个答案:

答案 0 :(得分:0)

我遇到了同样的问题“......如果客户端和主机在同一台机器上,一切正常,但如果主机和客户端在不同的机器上,我会收到异常错误”。

这就解决了我的问题:我的互联网连接设置使用了代理服务器。我将局域网设置的IE选项更改为Bypass proxy server for local addressesDo not use proxy server for addresses beginning with: http:\\host-ip-here

祝你好运。

答案 1 :(得分:0)

问题出在dns身份上。我使用localhost证书。当我使用直接IP服务连接从证书返回DNS。实际上在配置中添加DNS身份应该已修复该问题。也许它没有修复,因为我在代码中创建了端点,它加载绑定配置但不加载端点。我只重写了一点代码

        string address = _managementServiceAddress;
        EndpointAddress epa = new EndpointAddress(new Uri(address), EndpointIdentity.CreateDnsIdentity("localhost"));
        ManagementWebServiceClient ds = new ManagementWebServiceClient("C24ServerAdminManagementEndpoint", epa);
        ds.ClientCredentials.ServiceCertificate.Authentication.CertificateValidationMode  = X509CertificateValidationMode.None;
        ds.ClientCredentials.UserName.UserName = UserName;
        ds.ClientCredentials.UserName.Password = Password;

工作正常。

相关问题
最新问题