主机上配置的身份验证方案('Basic')不允许在绑定'BasicHttpsBinding'('Anonymous')

时间:2016-01-05 17:55:49

标签: c# wcf authentication

我已经创建了一个WCF 4.5服务并进行了部署。此服务是第三方提供的另一项服务的外观。如果我启用匿名身份验证,我可以访问我的服务,它工作正常。当我禁用匿名身份验证(仅启用基本身份)时,我的服务无法进行身份验证。 BTW:此服务器上的网页正在成功使用基本身份验证。

我经历过每篇SO文章都有类似的消息和问题,但没有一篇提供过成功的解决方案。出现此错误:

  

主机上配置的身份验证方案(“基本”)不会   允许在绑定'BasicHttpsBinding'上配置的那些   ('匿名')。请确保将SecurityMode设置为   运输或运输保险仅限。另外,这可能是   通过更改此应用程序的身份验证方案来解决   通过IIS管理工具,通过   ServiceHost.Authentication.AuthenticationSchemes属性,在   应用程序配置文件在   element,通过更新绑定上的ClientCredentialType属性,   或者通过调整AuthenticationScheme属性   HttpTransportBindingElement。

Web.config(括号中的名称描述而不是实际标签)

<configuration>

  <appSettings>
    <add key="aspnet:UseTaskFriendlySynchronizationContext" value="true" />
  </appSettings>

  <system.web>
    <compilation debug="true" targetFramework="4.5" />
    <httpRuntime targetFramework="4.5" />
    <customErrors mode="Off" />
  </system.web>

  <system.serviceModel>
    <client>
      <endpoint
         address="[HTTPS URL to 3rd-party service]"
         binding="basicHttpBinding"
         bindingConfiguration="[Configuration name of 3rd-party service]"
         contract="[Contract of 3rd-party service"
         name="[Name of 3rd-party service]" />
    </client>
    <services>
        <service name="[Name of my service]">
            <endpoint
              address="[HTTPS URL to my service]"
              binding="basicHttpsBinding"
              bindingConfiguration="[Configuration name for my service]"
              contract="[Contract name for my service]"
              name="[Binding name for my service]" />
        </service>
    </services>
    <bindings>
      <basicHttpBinding>
        <binding name="[Binding name for 3rd-party service]">
          <security mode="Transport" />
        </binding>
      </basicHttpBinding>
      <basicHttpsBinding>
        <binding name="[Binding name for my service]">
            <security mode="Transport">
                <transport
                  clientCredentialType="Basic"
                  proxyCredentialType="None"
                  realm="[Realm for my service]" />
            </security>
        </binding>
      </basicHttpsBinding>
    </bindings>
    <behaviors>
      <serviceBehaviors>
        <behavior>
          <!-- To avoid disclosing metadata information, set the values below to false before deployment -->
          <serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
          <!-- To receive exception details in faults for debugging purposes, set the value below to true.  Set to false before deployment to avoid disclosing exception information -->
          <serviceDebug includeExceptionDetailInFaults="true" />
        </behavior>
      </serviceBehaviors>
    </behaviors>
    <protocolMapping>
        <add binding="basicHttpsBinding" scheme="https" />
    </protocolMapping>    
    <serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
  </system.serviceModel>

  <system.webServer>
    <modules runAllManagedModulesForAllRequests="true" />
    <validation validateIntegratedModeConfiguration="false" />
    <security>
       <authentication>
        <basicAuthentication enabled="true" defaultLogonDomain="[Domain for my service]" />
                <anonymousAuthentication enabled="false" />
       </authentication>
    </security>
    <directoryBrowse enabled="false" />
  </system.webServer>

    <system.diagnostics>
        <trace autoflush="true" indentsize="4">
            <listeners>
                <add name="WarrantyReturnService" type="System.Diagnostics.TextWriterTraceListener" initializeData="D:\Temp\WarrantyReturnService.log" />
                <remove name="Default" />
            </listeners>
        </trace>
    </system.diagnostics>

</configuration>

1 个答案:

答案 0 :(得分:0)

正如strictO1所示,问题是web.config和IIS设置不匹配。把它们放在一起解决了这个问题。