WCF AllowNTLM .net 3.5sp1和IIS7.5

时间:2011-02-08 09:11:34

标签: wcf kerberos

我使用WCF收到以下错误,在另一台服务器上调用WCF服务。

  

在通过 HTTP 通道传输数据时发生错误(请求已取消)。

以下服务原先在 IIS7 和 .NET 3 的服务器上运行正常,但我们最近升级到了 IIS7.5 和 .NET 3.5 SP1。如果我从配置中删除 allowNtlm 属性,调用可以走得更远,但服务无法完成到数据库的双跳(double hop),随后我得到以下错误。

  

'NT AUTHORITY\ANONYMOUS LOGON'。

我附上了客户端 app.config 的副本,该配置此前在 IIS7 上可以正常使用:

<?xml version="1.0" encoding="UTF-8"?>
<!-- Client-side WCF configuration from the question: calls the cache service over plain HTTP
     with Windows authentication, NTLM disabled and delegation requested. -->
<configuration>

  <system.serviceModel>
    <behaviors>
      <endpointBehaviors>
        <behavior name="Windows">
          <clientCredentials>
            <!-- allowNtlm="false" makes the client refuse NTLM, so authentication has to succeed
                 with Kerberos; there is no fallback. allowedImpersonationLevel="Delegation" lets the
                 service reuse the caller's identity against a further server (the double hop to the
                 database described in the question). Delegation works only with Kerberos and needs
                 the service account to be trusted for delegation in Active Directory; prefer
                 constrained delegation limited to the database service. -->
            <windows allowNtlm="false" allowedImpersonationLevel="Delegation"/>
          </clientCredentials>
          <!-- Upper bound on the number of objects the serializer will process in one object graph. -->
          <dataContractSerializer maxItemsInObjectGraph="4194304"></dataContractSerializer>
        </behavior>
      </endpointBehaviors>
    </behaviors>
    <bindings>
      <basicHttpBinding>
        <!-- NOTE(review): this binding is named BasicHttpBinding_CalculationWebService, but the
             endpoint below asks for bindingConfiguration="BasicHttpBinding_CacheWebService", which
             is not defined in this listing. Unless that binding exists elsewhere in the real file,
             the endpoint does not pick up the settings in this element. Confirm the listing was trimmed. -->
        <binding allowCookies="false" bypassProxyOnLocal="false" closeTimeout="00:01:00" hostNameComparisonMode="StrongWildcard" maxBufferPoolSize="524288" maxBufferSize="4194304" maxReceivedMessageSize="4194304" messageEncoding="Text" name="BasicHttpBinding_CalculationWebService" openTimeout="00:01:00" receiveTimeout="00:30:00" sendTimeout="00:10:00" textEncoding="utf-8" transferMode="Buffered" useDefaultWebProxy="true">
          <!-- Reader quotas cap how much XML the client will parse from a response (depth, string
               and array sizes); they limit resource use when a reply is malformed or oversized. -->
          <readerQuotas maxArrayLength="16384" maxBytesPerRead="4096" maxDepth="32" maxNameTableCharCount="16384" maxStringContentLength="8192"></readerQuotas>
          <!-- TransportCredentialOnly authenticates the caller at the HTTP layer but gives no
               encryption or integrity protection: request and response bodies cross the network in
               clear text. Use mode="Transport" with an https:// address where the network is not
               fully trusted. The <message> element below is not used in this mode. -->
          <security mode="TransportCredentialOnly">
            <message algorithmSuite="Default" clientCredentialType="UserName"></message>
            <transport clientCredentialType="Windows" proxyCredentialType="None" realm=""></transport>
          </security>
        </binding>
      </basicHttpBinding>
    </bindings>
    <client>
      <endpoint address="http://server1.domain/WebServices/CacheManagement/CacheBusinessService.svc" behaviorConfiguration="Windows" binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_CacheWebService" contract="CacheWCFService.CacheWebService" name="BasicHttpBinding_CacheWebService">
        <!-- Pins the Kerberos service principal name the client expects the service to have. It must
             be registered (check with setspn -L) to the account that actually runs the service on
             server1.domain; a mismatch makes Kerberos fail, and with allowNtlm="false" the call then
             fails outright. The answer on this page reports that removing this element resolved the error. -->
        <identity>
          <servicePrincipalName value="http/server1.domain"></servicePrincipalName>
        </identity>
      </endpoint>
    </client>
  </system.serviceModel>
</configuration>

这是Server Config,有什么想法吗?

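<?xml version="1.0"?>
<!-- Service-side WCF configuration from the question: hosts the cache service and its metadata
     endpoint over plain HTTP with Windows authentication, and runs every operation as the caller. -->
<configuration>
  <system.serviceModel>
    <services>
      <service behaviorConfiguration="CacheManagementBehavior" name="Iris.WebServices.CacheManagement.CacheWebService">
        <endpoint address="" behaviorConfiguration="" binding="basicHttpBinding"
         bindingConfiguration="basicHttpBinding_CacheManagement" contract="Iris.WebServices.CacheManagement.CacheWebService" />
        <endpoint address="mex" behaviorConfiguration="" binding="basicHttpBinding"
         bindingConfiguration="basicHttpBinding_CacheManagement" contract="IMetadataExchange" />
      </service>
    </services>
    <bindings>
      <basicHttpBinding>
        <binding name="basicHttpBinding_CacheManagement" maxReceivedMessageSize="4194304" receiveTimeout="00:30:00">
          <!-- TransportCredentialOnly: the caller is authenticated by Windows authentication at the
               HTTP layer, but messages are neither encrypted nor integrity protected on the wire.
               Use mode="Transport" over HTTPS where the network is not fully trusted. The <message>
               element is not used in this mode. -->
          <security mode="TransportCredentialOnly">
            <transport clientCredentialType="Windows"/>
            <message clientCredentialType="UserName"/>
          </security>
        </binding>
      </basicHttpBinding>
    </bindings>
    <behaviors>
      <serviceBehaviors>
        <behavior name="CacheManagementBehavior">
          <dataContractSerializer maxItemsInObjectGraph="4194304" ignoreExtensionDataObject="True"/>
          <!-- Publishes the service description (WSDL) over HTTP GET. Turn this off in production
               if clients do not need to discover the contract at runtime. -->
          <serviceMetadata httpGetEnabled="True"/>
          <!-- includeExceptionDetailInFaults="true" returns server exception details, including
               stack traces, to callers. Useful while diagnosing a failure like the one in the
               question; set it to false once the service is in production. -->
          <serviceDebug httpHelpPageEnabled="true" includeExceptionDetailInFaults="true"/>
          <!-- Runs every operation under the caller's Windows identity. Access to a further server
               (the database) then depends on the caller's token being delegable: that needs Kerberos
               and a service account trusted for delegation. Otherwise the downstream server sees
               'NT AUTHORITY\ANONYMOUS LOGON', which is the error reported in the question. -->
          <serviceAuthorization impersonateCallerForAllOperations="true"/>
        </behavior>
        <!-- A stray "a" text node followed </behavior> in the original listing. It has been removed:
             text inside a configuration section is not valid content. -->
      </serviceBehaviors>
    </behaviors>
  </system.serviceModel>
</configuration>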

1 个答案:

答案 0 :(得分:2)

我们通过从配置中删除 servicePrincipalName 解决了此问题:
<?xml version="1.0" encoding="UTF-8"?>
<!-- Client-side WCF configuration from the answer: the same as the question's client configuration
     except that the endpoint no longer carries an <identity> element. -->
<configuration>

  <system.serviceModel>
    <behaviors>
      <endpointBehaviors>
        <behavior name="Windows">
          <clientCredentials>
            <!-- NTLM is still refused and delegation is still requested, so this configuration
                 continues to depend on Kerberos succeeding and on the service account being trusted
                 for delegation (preferably constrained to the database service). -->
            <windows allowNtlm="false" allowedImpersonationLevel="Delegation"/>
          </clientCredentials>
          <dataContractSerializer maxItemsInObjectGraph="4194304"></dataContractSerializer>
        </behavior>
      </endpointBehaviors>
    </behaviors>
    <bindings>
      <basicHttpBinding>
        <!-- NOTE(review): the binding name (BasicHttpBinding_CalculationWebService) does not match
             the bindingConfiguration the endpoint below refers to (BasicHttpBinding_CacheWebService).
             Confirm that the referenced binding exists in the full file. -->
        <binding allowCookies="false" bypassProxyOnLocal="false" closeTimeout="00:01:00" hostNameComparisonMode="StrongWildcard" maxBufferPoolSize="524288" maxBufferSize="4194304" maxReceivedMessageSize="4194304" messageEncoding="Text" name="BasicHttpBinding_CalculationWebService" openTimeout="00:01:00" receiveTimeout="00:30:00" sendTimeout="00:10:00" textEncoding="utf-8" transferMode="Buffered" useDefaultWebProxy="true">
          <readerQuotas maxArrayLength="16384" maxBytesPerRead="4096" maxDepth="32" maxNameTableCharCount="16384" maxStringContentLength="8192"></readerQuotas>
          <!-- TransportCredentialOnly sends messages over HTTP without encryption or integrity
               protection; only the caller's identity is established. Prefer mode="Transport" over
               HTTPS outside a fully trusted network. -->
          <security mode="TransportCredentialOnly">
            <message algorithmSuite="Default" clientCredentialType="UserName"></message>
            <transport clientCredentialType="Windows" proxyCredentialType="None" realm=""></transport>
          </security>
        </binding>
      </basicHttpBinding>
    </bindings>
    <client>
      <!-- No <identity> element: this is the change the answer describes. NOTE(review): without an
           explicit identity the client presumably derives the service principal name from the
           endpoint address. Confirm on the client (for example with klist) that a Kerberos ticket
           for the service is actually issued, and that the matching SPN is registered to the
           account running the service. -->
      <endpoint address="http://server1.domain/WebServices/CacheManagement/CacheBusinessService.svc" behaviorConfiguration="Windows" binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_CacheWebService" contract="CacheWCFService.CacheWebService" name="BasicHttpBinding_CacheWebService" />
    </client>
  </system.serviceModel>
</configuration>