访问IIS 7中托管的WCF服务器的Windows服务代理客户端

时间:2011-07-20 04:11:27

标签: wcf iis-7 windows-services

我想要实现的目标是,我的Windows服务将在有/无用户登录的机器中定期运行,并将更新发送到远程机器(原始值)。在远程计算机上,WCF服务将回复格式化的值(如结果)并使用原始输入异步更新数据库。

Windows服务客户端(WCF客户端)=> IIS(WCF服务)=>数据库(异步) Windows服务客户端(WCF客户端)< = IIS(WCF服务)

我现在在做什么,我在IIS中托管了WCF服务但是我的Windows服务(WCF客户端)在验证和连接到WCF时遇到了问题。我知道Windows服务正在“LOCALSYSTEM”帐户下运行。但在我打电话之前,我冒充“网络服务”。

  • 这种情况在WCF中是否可行?

  • 我应该使用什么帐户?我可以在WCF客户端中对凭证进行硬编码吗?

  • 我尝试了自签名证书,但在浏览器中打开WSDL时,我在IIS端出现“未找到密钥集”的错误

我目前的绑定: * netTcpBinding * wsHttpBinding

  • 如何设置支持我目标的每个绑定?

在IIS中托管的WCF web.config:

<system.serviceModel>    
<bindings>
  <netTcpBinding>
    <binding name="CustomNetTcpBinding" closeTimeout="00:02:30" openTimeout="00:02:30"
      sendTimeout="00:02:30" listenBacklog="20" maxConnections="20">
      <readerQuotas maxDepth="512" maxStringContentLength="50000" maxArrayLength="50000"
        maxBytesPerRead="50000" maxNameTableCharCount="512" />
      <security mode="Transport" />
    </binding>
  </netTcpBinding>
  <wsHttpBinding>
    <binding name="CustomWsHttpBinding" closeTimeout="00:02:30" openTimeout="00:02:30"
      sendTimeout="00:02:30">
      <readerQuotas maxDepth="512" maxStringContentLength="50000" maxArrayLength="50000"
        maxBytesPerRead="50000" maxNameTableCharCount="512" />
    </binding>
  </wsHttpBinding>
</bindings>
<diagnostics>
  <messageLogging logMalformedMessages="false" logMessagesAtServiceLevel="false"
    logMessagesAtTransportLevel="false" />
</diagnostics>
<services>
  <service behaviorConfiguration="TestAppWcfServiceApp.Service1Behavior"
    name="TestAppWcfServerLib.TestAppServiceComposite2">
    <endpoint address="mexhttp" binding="mexHttpBinding" contract="IMetadataExchange" />
    <endpoint address="nettcp" binding="netTcpBinding" bindingConfiguration="CustomNetTcpBinding"
      contract="TestAppWcfServerLib.ITestAppServiceContract2" />
    <endpoint address="wshttp" binding="wsHttpBinding" bindingConfiguration="CustomWsHttpBinding"
      contract="TestAppWcfServerLib.ITestAppServiceContract2" />
    <host>
      <baseAddresses>
        <add baseAddress="net.tcp://localhost:8005/TestApp" />
        <add baseAddress="http://localhost/TestApp" />
      </baseAddresses>
      <timeouts openTimeout="00:02:30" />
    </host>
  </service>
</services>
<behaviors>
  <serviceBehaviors>
    <behavior name="TestAppWcfServiceApp.Service1Behavior">
      <serviceMetadata httpGetEnabled="true" httpsGetEnabled="false" />
      <serviceDebug includeExceptionDetailInFaults="true" />
    </behavior>
  </serviceBehaviors>
</behaviors>

Windows服务中的WCF客户端:

 <system.serviceModel>
    <bindings>
        <netTcpBinding>
            <binding name="NetTcpBinding_ITestAppServiceContract2" closeTimeout="00:01:00"
                openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
                transactionFlow="false" transferMode="Buffered" transactionProtocol="OleTransactions"
                hostNameComparisonMode="StrongWildcard" listenBacklog="10"
                maxBufferPoolSize="524288" maxBufferSize="65536" maxConnections="10"
                maxReceivedMessageSize="65536">
                <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
                    maxBytesPerRead="4096" maxNameTableCharCount="16384" />
                <reliableSession ordered="true" inactivityTimeout="00:10:00"
                    enabled="false" />
                <security mode="Transport">
                    <transport clientCredentialType="Windows" protectionLevel="EncryptAndSign" />
                    <message clientCredentialType="Windows" />
                </security>
            </binding>
        </netTcpBinding>
        <wsHttpBinding>
            <binding name="WSHttpBinding_ITestAppServiceContract2" closeTimeout="00:01:00"
                openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
                bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard"
                maxBufferPoolSize="524288" maxReceivedMessageSize="65536"
                messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true"
                allowCookies="false">
                <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
                    maxBytesPerRead="4096" maxNameTableCharCount="16384" />
                <reliableSession ordered="true" inactivityTimeout="00:10:00"
                    enabled="false" />
                <security mode="Message">
                    <transport clientCredentialType="Windows" proxyCredentialType="None"
                        realm="" />
                    <message clientCredentialType="Windows" negotiateServiceCredential="true"
                        algorithmSuite="Default" />
                </security>
            </binding>
        </wsHttpBinding>
    </bindings>
    <client>
        <endpoint address="net.tcp://ServerName/testtools/TestAppServApp.svc/nettcp"
            binding="netTcpBinding" bindingConfiguration="NetTcpBinding_ITestAppServiceContract2"
            contract="proxyClient.ITestAppServiceContract2" name="NetTcpBinding_ITestAppServiceContract2">
            <identity>
                <servicePrincipalName value="host/ServerName" />
            </identity>
        </endpoint>
        <endpoint address="http://ServerName/testtools/TestAppServApp.svc/wshttp"
            binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_ITestAppServiceContract2"
            contract="proxyClient.ITestAppServiceContract2" name="WSHttpBinding_ITestAppServiceContract2">
            <identity>
                <servicePrincipalName value="host/ServerName" />
            </identity>
        </endpoint>
    </client>
</system.serviceModel>

我的设置:

  • 开发机器: •Windows 7 x64企业版 •VS2010 SP1 Ultimate

  • Windows 2008 SP2 x86企业版 •已激活WAS的IIS 7.0

1 个答案:

答案 0 :(得分:1)

您无法在不同域中的两台计算机之间可靠地使用Windows身份验证。实现这一目标的唯一方法是在两台机器上使用相同的密码调用相同的帐户。问题是他们没有可以保证凭据正确的共享可信安全机构

您应该切换到使用证书或用户名进行身份验证

相关问题
最新问题