WCF-TransportWithMessageCredential使用客户端身份验证方案“匿名”的HTTP请求未经授权

时间:2019-04-23 18:43:32

标签: c# .net wcf authentication iis

我正在尝试使用UserName配置WCF身份验证,但是没有成功,我尝试了很多已经找到的解决方案,但是似乎没有任何用处。

  

HTTP请求未经客户端身份验证方案授权   '匿名'。从服务器收到的身份验证标头为   “协商,NTLM,基本领域=“ localhost””。

服务器设置

<system.serviceModel>
<bindings>
  <wsHttpBinding>
    <binding name="basicHttpBindingConfiguration">
      <security mode="TransportWithMessageCredential">
        <message clientCredentialType="UserName" negotiateServiceCredential="false" />
        <transport clientCredentialType="None" />
      </security>
    </binding>
  </wsHttpBinding>
</bindings>
<services>
  <service name="Namespace.Service" behaviorConfiguration="wsHttpBehavior">
    <endpoint binding="wsHttpBinding" bindingConfiguration="basicHttpBindingConfiguration" name="Soap" bindingNamespace="/WebServices" contract="Namespace.IService">
    </endpoint>
    <endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange" name="mex" />
  </service>
</services>
<behaviors>
  <serviceBehaviors>
    <behavior name="wsHttpBehavior">
      <serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
      <serviceDebug includeExceptionDetailInFaults="false" />
      <serviceCredentials>
        <userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="UserNamePasswordValidator, WebApplication" />
        <!--<serviceCertificate findValue="ServiceModelSamples-HTTPS-Server" storeLocation="LocalMachine" storeName="My" x509FindType="FindBySubjectName" />-->
      </serviceCredentials>
    </behavior>
  </serviceBehaviors>
</behaviors>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
</system.serviceModel>

在客户端

<system.serviceModel>
    <bindings>
        <wsHttpBinding>
            <binding name="Soap">
                <security mode="TransportWithMessageCredential">
                    <transport clientCredentialType="None" />
                    <message clientCredentialType="UserName" />
                </security>
            </binding>
        </wsHttpBinding>
    </bindings>
    <client>
        <endpoint address="https://localhost:85/WebServices/Service.svc"
            binding="wsHttpBinding" bindingConfiguration="Soap" contract="ServiceReference1.IService"
            name="Soap" />
    </client>
</system.serviceModel>

这是我的IIS配置 enter image description here

我找到的大多数解决方案都使用Windows传输,我只需要通过用户名进行身份验证。

我检查一下:

我尝试了安全性 mode =“ Message” 和安全性 mode =“ TransportWithMessageCredential” ,但未成功

我的客户代码如下:

 // Instantiate the proxy  
 var  proxy = new ServiceClient();

 proxy.ClientCredentials.UserName.UserName = "username";
 proxy.ClientCredentials.UserName.Password = "password";

任何人都可以检查我的配置并告诉我我设置错了吗?

编辑: 这是ASP.Net MVC5应用程序内部的服务,这也可能是问题吗?

1 个答案:

答案 0 :(得分:0)

customUserNamePasswordValidatorType 属性字符串可能存在问题,通常采用以下格式

customUserNamePasswordValidatorType="Namespace.MyCustUserNamePasswordVal,Namespace"

您可以访问托管服务的WSDL吗?另外,打开匿名身份验证就足够了,不需要启用其他身份验证。
这是我的配置,我使用WCF4.5支持的简化配置,希望它对您有用。

<system.serviceModel>
    <behaviors>
      <serviceBehaviors>
        <behavior>
          <serviceMetadata httpGetEnabled="true" httpsGetEnabled="true"/>
          <serviceDebug includeExceptionDetailInFaults="false"/>
          <serviceCredentials>
            <userNameAuthentication customUserNamePasswordValidatorType="WcfService1.CustUserNamePasswordVal,WcfService1" userNamePasswordValidationMode="Custom"/>
          </serviceCredentials>
        </behavior>
      </serviceBehaviors>
    </behaviors>
    <bindings>
      <wsHttpBinding>
        <binding>
          <security mode="TransportWithMessageCredential">
            <message clientCredentialType="UserName"/>
          </security>
        </binding>
      </wsHttpBinding>
    </bindings>
    <protocolMapping>
      <add binding="wsHttpBinding" scheme="https" />
    </protocolMapping>    
    <serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
  </system.serviceModel>

请随时告诉我是否有什么需要帮助的地方。