在.NET 4上,WCF调用通过HTTPS获取“访问被拒绝”

时间:2010-11-22 21:03:26

标签: wcf https wcf-binding wcf-security asp.net-4.0

之前从未出现过问题,但在升级到.NET 4之后,我在尝试通过HTTPS调用WCF方法时收到“Access is Denied”。如果我使用HTTP而不是HTTPS,一切正常。任何可能的解决方案?如果需要,我可以提供更具体的信息。

的web.config

    <system.serviceModel>
            <behaviors>
              <serviceBehaviors>
                <behavior name="some_product.SomeServiceAspNetAjaxBehavior">
                  <serviceDebug includeExceptionDetailInFaults="true" />
                </behavior>
              </serviceBehaviors>
              <endpointBehaviors>
                <behavior name="some_product.SomeServiceAspNetAjaxBehavior">
                  <enableWebScript />
                </behavior>
              </endpointBehaviors>
            </behaviors>
            <serviceHostingEnvironment aspNetCompatibilityEnabled="true"/>
            <services>
              <service name="some_product.SomeService">
                <endpoint address="" behaviorConfiguration="some_product.SomeServiceAspNetAjaxBehavior" bindingConfiguration="BasicHttpBinding_SomeService" binding="webHttpBinding" contract="some_product.SomeService"/>
              </service>
            </services>
            <bindings>
              <basicHttpBinding>        
<binding name="BasicHttpsBinding_SomeService" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" allowCookies="true" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard" maxBufferSize="65536" maxBufferPoolSize="524288" maxReceivedMessageSize="65536" messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered" useDefaultWebProxy="true">
       <readerQuotas maxDepth="32" maxStringContentLength="8192" 
                     maxArrayLength="16384" maxBytesPerRead="4096" 
                     maxNameTableCharCount="16384"/>
       <security mode="Transport">
          <transport clientCredentialType="Windows" 
                     proxyCredentialType="None" realm=""/>
        </security>
     </binding>
                <binding name="BasicHttpBinding_SomeService" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" allowCookies="true" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard" maxBufferSize="65536" maxBufferPoolSize="524288" maxReceivedMessageSize="65536" messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered" useDefaultWebProxy="true">
                  <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384"/>
                  <security mode="None">
                    <transport clientCredentialType="None" proxyCredentialType="None" realm=""/>
                    <message clientCredentialType="UserName" algorithmSuite="Default"/>
                  </security>
                </binding>
              </basicHttpBinding>
              <webHttpBinding>
                <binding name="BasicHttpBinding_SomeService" maxReceivedMessageSize="300000" allowCookies="true"  >
                  <readerQuotas maxStringContentLength="300000" />
                </binding>
              </webHttpBinding>
            </bindings>
            <client>
              <endpoint address="/someurl/SomeService.svc" binding="webHttpBinding" bindingConfiguration="BasicHttpBinding_SomeService" contract="some_product.SomeService" name="BasicHttpBinding_SomeService"/>
<endpoint address="/someurl/SomeService.svc" binding="webHttpBinding" bindingConfiguration="BasicHttpsBinding_SomeService" contract="some_product.SomeService" name="BasicHttpsBinding_SomeService"/>
            </client>
          </system.serviceModel>

注意:通过HTTP完美地工作。问题仅存在于HTTPS下。

1 个答案:

答案 0 :(得分:1)

使用您的设置,您没有定义安全性 - 因此您只能使用http:

进行连接
<basicHttpBinding>        
    <binding name="BasicHttpBinding_SomeService" .....>
       <readerQuotas maxDepth="32" maxStringContentLength="8192" 
                     maxArrayLength="16384" maxBytesPerRead="4096" 
                     maxNameTableCharCount="16384"/>
       <security mode="None">
          <transport clientCredentialType="None" proxyCredentialType="None" realm=""/>
          <message clientCredentialType="UserName" algorithmSuite="Default"/>
        </security>
     </binding>
 </basicHttpBinding>

如果您想使用https,则需要启用传输安全性:

<basicHttpBinding>        
    <binding name="BasicHttpBinding_Secure" .....>
       <readerQuotas ..../>
       <security mode="Transport">
          <transport clientCredentialType="Windows" 
                     proxyCredentialType="None" realm=""/>
        </security>
     </binding>
 </basicHttpBinding>

更新现在您已经定义了您的安全HTTPS绑定配置:

<bindings>
   <basicHttpBinding>
        <binding name="BasicHttpsBinding_SomeService" ......>
            <readerQuotas ......../>
            <security mode="Transport">
                <transport clientCredentialType="Windows" 
                           proxyCredentialType="None" realm=""/>
            </security>

当然,您还需要配置端点以使用该绑定配置!

<services>
   <service name="some_product.SomeService">
      <endpoint 
           address="" 
           behaviorConfiguration="some_product.SomeServiceAspNetAjaxBehavior" 
           binding="webHttpBinding" 
           bindingConfiguration="BasicHttpBinding_SomeService" 
           contract="some_product.SomeService"/>

      <!-- add this endpoint !! -->       
      <endpoint 
           address="secure" 
           binding="basicHttpBinding" 
           bindingConfiguration="BasicHttpsBinding_SomeService" 
           contract="some_product.SomeService"/>
    </service>
 </services>

仅定义绑定配置而没有实际引用它的端点并没有真正帮助......