我有一个WCF服务,在提供适当的凭据时可以正常工作。
当我尝试使用错误凭据来使用该服务时,该服务会按预期发出MessageSecurityException错误,并收到错误:"MessageSecurityException was unhandled by user code"。
我不确定如何处理此异常,因为它是在Reference.cs文件中引发的,该文件是自动生成的,而不是我实际控制的:
References.cs
public string EndLogin(System.IAsyncResult result) {
object[] _args = new object[0];
string _result = ((string)(base.EndInvoke("Login", _args, result))); //Here is the error raised
return _result;
}
理想的做法是检查service是否已接受凭据,而不是依赖于引发的错误,但不知道如何检查此错误。
希望有人可以帮助我,所以我的应用程序不必在每次错误的登录时崩溃;)
Web.config:服务:
<?xml version="1.0"?>
<configuration>
<appSettings>
<add key="aspnet:UseTaskFriendlySynchronizationContext" value="true" />
</appSettings>
<system.web>
<compilation debug="true" targetFramework="4.5" />
<httpRuntime targetFramework="4.5"/>
</system.web>
<system.serviceModel>
<services>
<service name="BiBasicService.SalesMarketingService">
<endpoint address="" binding="basicHttpBinding" bindingConfiguration="basicHttpBinding"
contract="BiBasicService.ISalesMarketingService" />
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
</service>
</services>
<bindings>
<basicHttpBinding>
<binding name="basicHttpBinding">
<security mode="TransportWithMessageCredential">
<message clientCredentialType="UserName" />
</security>
</binding>
</basicHttpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior>
<!-- To avoid disclosing metadata information, set the values below to false before deployment -->
<serviceMetadata httpsGetEnabled="true" httpGetEnabled="true" />
<!-- To receive exception details in faults for debugging purposes, set the value below to true. Set to false before deployment to avoid disclosing exception information -->
<serviceDebug includeExceptionDetailInFaults="false"/>
<!-- To enable custom Role validation -->
<serviceAuthorization principalPermissionMode="Custom">
<authorizationPolicies>
<add policyType="BiBasicService.Security.AuthorizationPolicy, BiBasicService" />
</authorizationPolicies>
</serviceAuthorization>
<!-- To enable custom Username and Password validator-->
<serviceCredentials>
<userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="BiBasicService.Security.CustomValidator, BiBasicService"/>
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
<protocolMapping>
<add binding="basicHttpsBinding" scheme="https" />
</protocolMapping>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="false" />
</system.serviceModel>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true"/>
<!--
To browse web app root directory during debugging, set the value below to true.
Set to false before deployment to avoid disclosing web app folder information.
-->
<directoryBrowse enabled="true"/>
</system.webServer>
</configuration>
ServiceReferences.ClientConfig:客户端:
<configuration>
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="BasicHttpBinding_ISalesMarketingService" maxBufferSize="2147483647"
maxReceivedMessageSize="2147483647">
<security mode="TransportWithMessageCredential" />
</binding>
</basicHttpBinding>
</bindings>
<client>
<endpoint address="https://PUBLICDOMAIN/BasicHttp/SalesMarketingService.svc"
binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_ISalesMarketingService"
contract="ServiceReference1.ISalesMarketingService" name="BasicHttpBinding_ISalesMarketingService" />
</client>
</system.serviceModel>
</configuration>
答案 0 :(得分:0)
MessageSecurityException:它是绑定错误。
确保binding configuration和server side上的client side必须匹配。
请发布server方 web.config 和client方 web.config
答案 1 :(得分:0)
您可能希望查看IErrorHandler接口,这将允许您在更“全局级别”处理异常。 IErrorHandler是一个扩展,允许在抛出异常时显式控制应用程序的行为,实现IErrorHandler接口并将其添加到Dispatcher的ErrorHandlers属性中。 IErrorHandler使您能够显式控制生成的SOAP错误,决定是将其发送回客户端,还是执行相关的任务,例如日志记录。错误处理程序按它们添加到ErrorHandlers属性的顺序调用。
http://msdn.microsoft.com/en-us/library/system.servicemodel.dispatcher.ierrorhandler.aspx
http://blogs.msdn.com/b/carlosfigueira/archive/2011/06/07/wcf-extensibility-ierrorhandler.aspx