好的,我真的需要帮助来获得这个设置。目前我已经安装了ssl证书。我在iis中安装了一个wcf服务作为应用程序。我已将其设置为需要ssl,我能够连接到该服务。问题是我想要Windows身份验证。我想禁用匿名安全。很快我禁用匿名并保持Windows身份验证。我收到一个错误: "在主机上配置的身份验证方案(' IntegratedWindowsAuthentication')不允许在绑定' BasicHttpBinding'上配置的身份验证方案。 ('匿名&#39)。请确保将SecurityMode设置为Transport或TransportCredentialOnly.etc等...."
当我用Windows身份验证恢复匿名时。是的我可以访问该服务,但它没有使用Windows身份验证..它很奇怪,因为其他文件,如test.html,例如仍然需要用户名/密码。我不知道如何使用ssl正确限制Windows身份验证的Web服务...任何人都可以帮助我?请
<?xml version="1.0"?>
<configuration>
<system.web>
<compilation debug="true" strict="false" explicit="true" targetFramework="4.0" />
<customErrors mode="Off"/>
</system.web>
<system.serviceModel>
<bindings>
<wsHttpBinding>
<binding name="TransportSecurity">
<security mode="Transport">
<transport clientCredentialType="Windows" />
</security>
<readerQuotas maxDepth="2147483647"
maxStringContentLength="2147483647"
maxArrayLength="2147483647"
maxBytesPerRead="2147483647"
maxNameTableCharCount="2147483647" />
</binding>
</wsHttpBinding>
</bindings>
<services>
<service name="WcfConcur.ConcurService">
<endpoint address=""
binding="wsHttpBinding"
bindingConfiguration="TransportSecurity"
contract="WcfConcur.IConcurService"/>
<endpoint address="mex"
binding="mexHttpsBinding"
contract="IMetadataExchange" />
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior>
<!-- To avoid disclosing metadata information, set the value below to false and remove the metadata endpoint above before deployment -->
<serviceMetadata httpsGetEnabled="true"/>
<!-- To receive exception details in faults for debugging purposes, set the value below to true. Set to false before deployment to avoid disclosing exception information -->
<serviceDebug includeExceptionDetailInFaults="true"/>
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
</system.serviceModel>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true"/>
</system.webServer>
</configuration>
在客户端,我添加了对wcf的引用。它会自动下载。事情是我托管的初始wcf地址是https://address/whatever.svc,当它下载时会显示http://internal地址,我不知道这是不是问题
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<startup>
<supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.0,Profile=Client" />
</startup>
<system.serviceModel>
<client>
<endpoint address="http://internal address/wcfConcurService/ConcurService.svc"
binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_IConcurService"
contract="wcfConcurRef.IConcurService" name="BasicHttpBinding_IConcurService" />
</client>
<bindings>
<basicHttpBinding>
<binding name="BasicHttpBinding_IConcurService" />
</basicHttpBinding>
</bindings>
</system.serviceModel>
</configuration>
答案 0 :(得分:0)
当禁用匿名访问时,抛出的错误消息似乎表明客户端配置存在问题。
客户端配置似乎使用的basicHttpBinding
与使用wsHttpBinding
的服务器配置不同。要解决绑定问题,应将服务器绑定配置复制到客户端配置文件,然后更新客户端端点以使用新的绑定配置。
您的客户端配置应如下所示:
<system.serviceModel>
<client>
<endpoint address="https://enter-external-address-here/wcfConcurService/ConcurService.svc"
binding="wsHttpBinding" bindingConfiguration="TransportSecurity"
contract="wcfConcurRef.IConcurService" name="BasicHttpBinding_IConcurService" />
</client>
<bindings>
<wsHttpBinding>
<binding name="TransportSecurity">
<security mode="Transport">
<transport clientCredentialType="Windows" />
</security>
</binding>
</wsHttpBinding>
</bindings>
</system.serviceModel>