我目前在一个现有的(继承的)系统中遇到了一些问题,这个系统在几个月前没有问题(它最后一次使用)。现在我们再次使用它,它似乎产生了这个错误"安全协议无法验证收到的消息。"
代码库通过UserProxy服务创建连接,用于用户身份验证。
我一直在寻找一些解决方案,但还没有想出任何有助于我的特殊情况的东西。特别令人费解的是,似乎任何一组代码都没有改变,因为它正在工作。有人有什么建议吗?
如前所述,这是一个继承的系统,我通常不会与WCF合作,所以请原谅我的无知。 :)
客户端配置:
<system.serviceModel>
<client>
<endpoint address="http://t5tag.circuitlink.com.au/UserService" binding="clearUsernameBinding" bindingConfiguration="myClearUsernameBinding" contract="UserProxy.IUserService" name="userService_Tcp" />
<endpoint address="http://t5tag.circuitlink.com.au/StaffService" binding="clearUsernameBinding" bindingConfiguration="myClearUsernameBinding" contract="StaffProxy.IStaffService" name="StaffService_Tcp" />
</client>
<extensions>
<bindingExtensions>
<add name="clearUsernameBinding" type="CL.External.Lib.Wcf.BindingExtension.WS.ClearUsernameCollectionElement, CL.External.Lib" />
</bindingExtensions>
</extensions>
<bindings>
<customBinding>
<binding name="userService_Tcp">
<textMessageEncoding messageVersion="Soap12" />
<httpTransport />
</binding>
<binding name="StaffService_Tcp">
<textMessageEncoding messageVersion="Soap12" />
<httpTransport />
</binding>
</customBinding>
<clearUsernameBinding>
<binding name="myClearUsernameBinding" messageVersion="Soap12" />
</clearUsernameBinding>
</bindings>
<!-- Added diagnostics -->
<diagnostics>
<messageLogging logEntireMessage="true" logMalformedMessages="true"
logMessagesAtTransportLevel="true" />
</diagnostics>
</system.serviceModel>
服务器配置:
<system.serviceModel>
<bindings>
<clearUsernameBinding>
<binding name="myClearUsernameBinding" messageVersion="Soap12">
</binding>
</clearUsernameBinding>
</bindings>
<services>
<service behaviorConfiguration="ServiceBehavior" name="CL.Web.Service.StaffService">
<endpoint binding="clearUsernameBinding" bindingConfiguration="myClearUsernameBinding"
name="StaffService_Tcp" contract="CL.Web.Service.IStaffService" />
<host>
<baseAddresses>
<add baseAddress="http://t5tag.circuitlink.com.au/StaffService" />
</baseAddresses>
</host>
</service>
<service behaviorConfiguration="ServiceBehavior" name="CL.Web.Service.UserService">
<endpoint binding="clearUsernameBinding" bindingConfiguration="myClearUsernameBinding"
name="userService_Tcp" contract="CL.Web.Service.IUserService" />
<host>
<baseAddresses>
<add baseAddress="http://t5tag.circuitlink.com.au/UserService" />
</baseAddresses>
</host>
</service>
</services>
<extensions>
<bindingExtensions>
<add name="clearUsernameBinding" type="CL.External.Lib.Wcf.BindingExtension.WS.ClearUsernameCollectionElement, CL.External.Lib" />
</bindingExtensions>
</extensions>
<behaviors>
<serviceBehaviors>
<behavior name="ServiceBehavior">
<serviceDebug httpHelpPageEnabled="true" includeExceptionDetailInFaults="true" />
<serviceMetadata httpGetEnabled="true" />
<serviceCredentials>
<userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="CL.Web.Service.CustomUserNameValidator, CL.Web.Service" />
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>
客户端已发送消息:
<?xml version="1.0" encoding="UTF-8"?>
<E2ETraceEvent xmlns="http://schemas.microsoft.com/2004/06/E2ETraceEvent">
<System xmlns="http://schemas.microsoft.com/2004/06/windows/eventlog/system">
<EventID>0</EventID>
<Type>3</Type>
<SubType Name="Information">0</SubType>
<Level>8</Level>
<TimeCreated SystemTime="2015-08-07T01:45:53.7958411Z" />
<Source Name="System.ServiceModel.MessageLogging" />
<Correlation ActivityID="{4cc6b3ad-4bd2-408a-b28c-ff5bba0e163e}" />
<Execution ProcessName="TagReader" ProcessID="3656" ThreadID="1" />
<Channel />
<Computer>PC70-PETER</Computer>
</System>
<ApplicationData>
<TraceData>
<DataItem>
<MessageLogTraceRecord xmlns="http://schemas.microsoft.com/2004/06/ServiceModel/Management/MessageTrace" Time="2015-08-07T11:45:53.7958411+10:00" Source="TransportSend" Type="System.ServiceModel.Security.SecurityAppliedMessage">
<Addressing>
<Action>http://tempuri.org/IUserService/Login</Action>
<To>http://t5tag.circuitlink.com.au/UserService</To>
</Addressing>
<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<s:Header>
<ActivityId xmlns="http://schemas.microsoft.com/2004/09/ServiceModel/Diagnostics" CorrelationId="a2314719-a98b-4f07-8a26-c93809fed70f">4cc6b3ad-4bd2-408a-b28c-ff5bba0e163e</ActivityId>
<o:Security xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" s:mustUnderstand="1">
<u:Timestamp u:Id="_0">
<u:Created>2015-08-07T01:45:53.599Z</u:Created>
<u:Expires>2015-08-07T01:50:53.599Z</u:Expires>
</u:Timestamp>
<o:UsernameToken u:Id="uuid-11d6aeee-d0be-4888-868a-bae4c274d9f3-2">
<o:Username>
<!-- Removed-->
</o:Username>
<o:Password>
<!-- Removed-->
</o:Password>
</o:UsernameToken>
</o:Security>
</s:Header>
<s:Body>
<Login xmlns="http://tempuri.org/">
<username>XXXX@XXXX</username>
<password>XXXX</password>
</Login>
</s:Body>
</s:Envelope>
</MessageLogTraceRecord>
</DataItem>
</TraceData>
</ApplicationData>
</E2ETraceEvent>
服务器错误:
<?xml version="1.0" encoding="UTF-8"?>
<E2ETraceEvent xmlns="http://schemas.microsoft.com/2004/06/E2ETraceEvent">
<System xmlns="http://schemas.microsoft.com/2004/06/windows/eventlog/system">
<EventID>458802</EventID>
<Type>3</Type>
<SubType Name="Warning">0</SubType>
<Level>4</Level>
<TimeCreated SystemTime="2015-08-07T01:46:00.1099767Z" />
<Source Name="System.ServiceModel" />
<Correlation ActivityID="{4cc6b3ad-4bd2-408a-b28c-ff5bba0e163e}" />
<Execution ProcessName="CL.Web.Service" ProcessID="14168" ThreadID="9" />
<Channel />
<Computer>CLAPPSERVER</Computer>
</System>
<ApplicationData>
<TraceData>
<DataItem>
<TraceRecord xmlns="http://schemas.microsoft.com/2004/10/E2ETraceEvent/TraceRecord" Severity="Warning">
<TraceIdentifier>http://msdn.microsoft.com/en-US/library/System.ServiceModel.Security.SecurityBindingVerifyIncomingMessageFailure.aspx</TraceIdentifier>
<Description>The security protocol cannot verify the incoming message.</Description>
<AppDomain>CL.Web.Service.exe</AppDomain>
<ExtendedData xmlns="http://schemas.microsoft.com/2006/08/ServiceModel/SecurityProtocolTraceRecord">
<SecurityProtocol>System.ServiceModel.Security.TransportSecurityProtocol</SecurityProtocol>
<Action>http://tempuri.org/IUserService/Login</Action>
<To>http://t5tag.circuitlink.com.au/UserService</To>
</ExtendedData>
</TraceRecord>
</DataItem>
</TraceData>
</ApplicationData>
</E2ETraceEvent>
编辑:以下是自定义绑定的详细信息&lt; clearUsernameBinding&#39; ...
namespace CL.External.Lib.Wcf.BindingExtension.WS
{
public class ClearUsernameBinding : CustomBinding
{
private MessageVersion messageVersion = MessageVersion.None;
public void SetMessageVersion(MessageVersion value)
{
this.messageVersion = value;
}
public override BindingElementCollection CreateBindingElements()
{
var res = new BindingElementCollection();
res.Add(new TextMessageEncodingBindingElement() { MessageVersion = this.messageVersion });
res.Add(SecurityBindingElement.CreateUserNameOverTransportBindingElement());
res.Add(new AutoSecuredHttpTransportElement());
return res;
}
public override string Scheme
{
get
{
return "http";
}
}
}
}