我已将一个WCF服务发布到IIS,以便可以使用正确的凭据公开访问它。在过去的几天里,我一直在努力让服务在我公司的网络之外工作。但我所做的一切都没有效果。
在我的公司网络中,我可以调用该服务并使用它而不会出现问题。我可以通过浏览器在外部找到服务。当我尝试在网络外的代码中使用该服务时,我收到错误消息:
The HTTP request is unauthorized with client authentication scheme 'Ntlm'. The authentication header received from the server was 'NTLM'.
在我将身份验证提供程序重新排序为Ntlm然后进行协商后,出现了该错误。
我缺少什么,以便公司网络外的客户可以访问该服务?
控制台应用程序中的测试App.Config
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<startup>
<supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.5" />
</startup>
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="BasicHttpEndpoint">
<security mode="Transport">
<transport clientCredentialType="Ntlm" />
</security>
</binding>
</basicHttpBinding>
</bindings>
<client>
<endpoint address="https://<iis server>/services/360Review/ReviewSvc.svc"
binding="basicHttpBinding" bindingConfiguration="BasicHttpEndpoint"
contract="WebSTGReviewReference.IReviewSvc" name="BasicHttpEndpoint" />
</client>
</system.serviceModel>
</configuration>
控制台应用程序中的测试程序
enter code here
EndpointAddress endpoint = new EndpointAddress("https://<BizTalk server>/<service folder>/ReviewSvc.svc");
BasicHttpsBinding binding = new BasicHttpsBinding();
binding.Security.Mode = BasicHttpsSecurityMode.Transport;
binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Ntlm;
try
{
ServiceReference.ReviewSvcClient client = new ServiceReference.ReviewSvcClient(binding, endpoint);
ServiceReference.ActivityType act = client.GetActivityTypes()[0];
Console.WriteLine("Test 1 Complete");
}
catch (Exception e)
{
Console.WriteLine(e.Message);
if (e.InnerException != null)
Console.WriteLine(e.InnerException.Message);
}
IIS上的WCF服务的Web.Config
<configuration>
<appSettings>
<add key="aspnet:UseTaskFriendlySynchronizationContext" value="true" />
</appSettings>
<system.web>
<compilation targetFramework="4.5" />
<httpRuntime targetFramework="4.5"/>
<authentication mode="Windows"></authentication>
<customErrors mode="Off"/>
</system.web>
<system.serviceModel>
<client>
<endpoint address="https://<BizTalk Server>/<service folder>/ReviewSvc.svc"
binding="basicHttpBinding" bindingConfiguration="BasicHttpsBinding_IReviewSvc"
contract="BTReviewSvc.IReviewSvc" name="BasicHttpsBinding_IReviewSvc" />
</client>
<bindings>
<basicHttpBinding>
<binding name="BasicBinding">
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Ntlm" />
</security>
</binding>
<binding name="SSLBinding">
<security mode="Transport">
<transport clientCredentialType="Ntlm" />
</security>
</binding>
<binding name="BasicHttpsBinding_IReviewSvc">
<security mode="Transport">
<transport clientCredentialType="Ntlm"/>
</security>
</binding>
</basicHttpBinding>
</bindings>
<services>
<service behaviorConfiguration="<namespace>.ReviewSvcBehavior" name="<namespace>.ReviewSvc">
<endpoint address="" binding="basicHttpBinding" bindingConfiguration="SSLBinding" name="BasicHttpEndpoint" contract="<namespace>.IReviewSvc"></endpoint>
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="<namespace>.ReviewSvcBehavior">
<!-- To avoid disclosing metadata information, set the values below to false before deployment -->
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true"/>
<!-- To receive exception details in faults for debugging purposes, set the value below to true. Set to false before deployment to avoid disclosing exception information -->
<serviceDebug includeExceptionDetailInFaults="true"/>
</behavior>
</serviceBehaviors>
</behaviors>
<protocolMapping>
<add binding="basicHttpsBinding" scheme="https" />
</protocolMapping>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
</system.serviceModel>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true"/>
<!--
To browse web app root directory during debugging, set the value below to true.
Set to false before deployment to avoid disclosing web app folder information.
-->
<directoryBrowse enabled="true"/>
</system.webServer>
</configuration>