我通过https使用iis7上托管的wcf服务,当我在Windows 8应用程序中调用服务时,它返回错误
" HTTP请求未经授权使用客户端身份验证方案' Anonymous'。从服务器收到的身份验证标头是“NTLM'。"
此服务web.config
<configuration>
<system.serviceModel>
<services>
<service behaviorConfiguration="CellStorageServiceBehavior" name="Microsoft.SharePoint.SoapServer.CellStorages">
<endpoint address="CellStorageService" binding="basicHttpBinding"
bindingConfiguration="StreamBinding" contract="MOL.Service.ISAPI.MOL.IServiceHosted" />
<endpoint address="CellStorageServiceBasic" binding="basicHttpBinding"
bindingConfiguration="StreamBindingBasic" contract="MOL.Service.ISAPI.MOL.IServiceHosted" />
<endpoint address="CellStorageServiceDigest" binding="basicHttpBinding"
bindingConfiguration="StreamBindingDigest" contract="MOL.Service.ISAPI.MOL.IServiceHosted" />
<endpoint address="CellStorageServiceNtlm" binding="basicHttpBinding"
bindingConfiguration="StreamBindingNtlm" contract="MOL.Service.ISAPI.MOL.IServiceHosted" />
</service>
<service behaviorConfiguration="CellStorageServiceHttpsBehavior" name="Microsoft.SharePoint.SoapServer.CellStoragesHttps">
<endpoint address="CellStorageService" binding="basicHttpBinding"
bindingConfiguration="StreamBindingHttps" contract="MOL.Service.ISAPI.MOL.IServiceHosted" />
<endpoint address="CellStorageServiceBasic" binding="basicHttpBinding"
bindingConfiguration="StreamBindingHttpsBasic" contract="MOL.Service.ISAPI.MOL.IServiceHosted" />
<endpoint address="CellStorageServiceDigest" binding="basicHttpBinding"
bindingConfiguration="StreamBindingHttpsDigest" contract="MOL.Service.ISAPI.MOL.IServiceHosted" />
<endpoint address="CellStorageServiceNtlm" binding="basicHttpBinding"
bindingConfiguration="StreamBindingHttpsNtlm" contract="MOL.Service.ISAPI.MOL.IServiceHosted" />
</service>
<service behaviorConfiguration="ClaimProviderWebServiceBehavior" name="Microsoft.SharePoint.SoapServer.SPClaimProviderWebService">
<endpoint address=""
binding="basicHttpBinding"
bindingConfiguration="TextStreamBindingNoSecurity"
bindingNamespace="http://schemas.microsoft.com/sharepoint/claims/"
behaviorConfiguration="HttpBinding.LargeDataEndpointBehavior"
contract="MOL.Service.ISAPI.MOL.IServiceHosted" />
</service>
<service behaviorConfiguration="HttpsClaimProviderWebServiceBehavior" name="Microsoft.SharePoint.SoapServer.SPClaimProviderWebServiceHttps">
<endpoint address=""
binding="basicHttpBinding"
bindingConfiguration="TextStreamBindingHttpsNoSecurity"
bindingNamespace="http://schemas.microsoft.com/sharepoint/claims/"
behaviorConfiguration="HttpBinding.LargeDataEndpointBehavior"
contract="MOL.Service.ISAPI.MOL.IServiceHosted" />
</service>
</services>
<protocolMapping>
<add scheme="https" binding="webHttpBinding" bindingConfiguration="StreamBindingHttps" />
<add scheme="http" binding="webHttpBinding" bindingConfiguration="StreamBinding" />
</protocolMapping>
<bindings>
<webHttpBinding>
<binding name="webHttpBindingWithJsonP"
crossDomainScriptAccessEnabled="true" />
</webHttpBinding>
<basicHttpBinding>
<binding name="StreamBinding" closeTimeout="00:01:00" openTimeout="00:01:00"
receiveTimeout="00:10:00" sendTimeout="00:01:00" allowCookies="true"
maxBufferSize="4194304" maxReceivedMessageSize="4194304" messageEncoding="Mtom"
transferMode="StreamedResponse">
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Windows"/>
</security>
</binding>
<binding name="StreamBindingBasic" closeTimeout="00:01:00" openTimeout="00:01:00"
receiveTimeout="00:10:00" sendTimeout="00:01:00" allowCookies="true"
maxBufferSize="4194304" maxReceivedMessageSize="4194304" messageEncoding="Mtom"
transferMode="StreamedResponse">
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Basic"/>
</security>
</binding>
<binding name="StreamBindingDigest" closeTimeout="00:01:00" openTimeout="00:01:00"
receiveTimeout="00:10:00" sendTimeout="00:01:00" allowCookies="true"
maxBufferSize="4194304" maxReceivedMessageSize="4194304" messageEncoding="Mtom"
transferMode="StreamedResponse">
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Digest"/>
</security>
</binding>
<binding name="StreamBindingNtlm" closeTimeout="00:01:00" openTimeout="00:01:00"
receiveTimeout="00:10:00" sendTimeout="00:01:00" allowCookies="true"
maxBufferSize="4194304" maxReceivedMessageSize="4194304" messageEncoding="Mtom"
transferMode="StreamedResponse">
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Ntlm"/>
<message clientCredentialType="UserName" algorithmSuite="Default" />
</security>
</binding>
<binding name="TextStreamBindingNoSecurity" closeTimeout="00:01:00" openTimeout="00:01:00"
receiveTimeout="00:10:00" sendTimeout="00:01:00" allowCookies="true"
maxBufferSize="4194304" maxReceivedMessageSize="4194304" messageEncoding="Text"
transferMode="StreamedResponse">
</binding>
<binding name="StreamBindingHttps" closeTimeout="00:01:00" openTimeout="00:01:00"
receiveTimeout="00:10:00" sendTimeout="00:01:00" allowCookies="true"
maxBufferSize="4194304" maxReceivedMessageSize="4194304" messageEncoding="Mtom"
transferMode="StreamedResponse">
<security mode="Transport">
<transport clientCredentialType="Windows"/>
</security>
</binding>
<binding name="StreamBindingHttpsBasic" closeTimeout="00:01:00" openTimeout="00:01:00"
receiveTimeout="00:10:00" sendTimeout="00:01:00" allowCookies="true"
maxBufferSize="4194304" maxReceivedMessageSize="4194304" messageEncoding="Mtom"
transferMode="StreamedResponse">
<security mode="Transport">
<transport clientCredentialType="Basic"/>
</security>
</binding>
<binding name="StreamBindingHttpsDigest" closeTimeout="00:01:00" openTimeout="00:01:00"
receiveTimeout="00:10:00" sendTimeout="00:01:00" allowCookies="true"
maxBufferSize="4194304" maxReceivedMessageSize="4194304" messageEncoding="Mtom"
transferMode="StreamedResponse">
<security mode="Transport">
<transport clientCredentialType="Digest"/>
</security>
</binding>
<binding name="StreamBindingHttpsNtlm" closeTimeout="00:01:00" openTimeout="00:01:00"
receiveTimeout="00:10:00" sendTimeout="00:01:00" allowCookies="true"
maxBufferSize="4194304" maxReceivedMessageSize="4194304" messageEncoding="Mtom"
transferMode="StreamedResponse">
<security mode="Transport">
<transport clientCredentialType="Ntlm"/>
<message clientCredentialType="UserName" algorithmSuite="Default" />
</security>
</binding>
<binding name="TextStreamBindingHttpsNoSecurity" closeTimeout="00:01:00" openTimeout="00:01:00"
receiveTimeout="00:10:00" sendTimeout="00:01:00" allowCookies="true"
maxBufferSize="4194304" maxReceivedMessageSize="4194304" messageEncoding="Text"
transferMode="StreamedResponse">
<security mode="Transport">
<transport clientCredentialType="None"/>
</security>
</binding>
<binding name="mexHttpBinding">
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Windows" proxyCredentialType="Windows"/>
</security>
</binding>
<binding name="mexNtlmHttpBinding">
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Ntlm" proxyCredentialType="Ntlm"/>
</security>
</binding>
</basicHttpBinding>
</bindings>
<!--For debugging purposes set the includeExceptionDetailInFaults attribute to true-->
<behaviors>
<serviceBehaviors>
<behavior name="CellStorageServiceBehavior">
<serviceMetadata httpGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
<behavior name="CellStorageServiceHttpsBehavior">
<serviceMetadata httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
<behavior name="ClaimProviderWebServiceBehavior" >
<serviceMetadata httpGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="false" />
</behavior>
<behavior name="HttpsClaimProviderWebServiceBehavior" >
<serviceMetadata httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="false" />
</behavior>
</serviceBehaviors>
<endpointBehaviors>
<behavior name="HttpBinding.LargeDataEndpointBehavior">
<dataContractSerializer maxItemsInObjectGraph="2147483647" />
</behavior>
</endpointBehaviors>
</behaviors>
这种从Windows 8应用程序调用服务的方式
private async void ConfigureHttpsProxy()
{
try
{
SecurityBindingElement securityElement = SecurityBindingElement.CreateUserNameOverTransportBindingElement();
HttpsTransportBindingElement httpsTransport = new HttpsTransportBindingElement();
httpsTransport.AuthenticationScheme = System.Net.AuthenticationSchemes.Ntlm;
CustomBinding binding = new CustomBinding(securityElement, httpsTransport);
binding.Name = "StreamBindingHttps";
EndpointAddress remoteAddress = new EndpointAddress(addressHttps);
var client = new ServiceHosted.ServiceHostedClient(binding, remoteAddress);
client.ClientCredentials.UserName.UserName = "UserName";
client.ClientCredentials.Windows.ClientCredential = CredentialCache.DefaultNetworkCredentials;
var result = await client.GetUserAsync("ahmed", "123456");
var x = result.DepartmentName;
}
catch { }
}
答案 0 :(得分:1)
经过数周的搜索结果如下:
NTLM解决方案步骤: 1-从中心管理员: 中心管理: NT Authority \ local - &gt;完全控制 当前用户 - &gt;完全控制
身份验证提供程序 声明基于身份验证 - &gt;默认 启用匿名访问 启用窗口 - &gt; Kerberos的
2-来自网络配置: 将以下节点添加到服务的serviceBehaviors行为节点。
3-从客户端: _serviceClient.ClientCredentials.Windows.ClientCredential = new System.Net.NetworkCredential(&#34; username&#34;,&#34; password&#34;); _serviceClient.ClientCredentials.Windows.AllowedImpersonationLevel = System.Security.Principal.TokenImpersonationLevel.Delegation;
4-从服务方面: 在网站上启用模拟。要么为整个站点启用ASP.NET模拟,要么使用WindowsIdentity.Impersonate(令牌)临时在网站内模拟用户。 将以下属性添加到需要模拟的WCF服务中的每个方法。 [OperationBehavior(Impersonation = ImpersonationOption.Allowed)]
更多详情返回链接: http://blogs.msdn.com/b/knowledgecast/archive/2007/01/31/the-double-hop-problem.aspx