我有一个用户使用ASP.NET Forms身份验证登录的Web应用程序。在Web应用程序中有一个Silverlight应用程序。 Silverlight应用程序在同一服务器上调用WCF Web服务。 WCF服务不允许匿名访问,因此每个服务功能都具有:
[PrincipalPermission(SecurityAction.Demand, Authenticated = true)]
当我在IIS上部署并使用HTTP时,所有这些都有效。
但是我想使用SSL,所以我尝试配置它。我在IIS中使用https绑定创建了一个网站。我可以使用https和ASP.NET Forms身份验证登录该站点。我可以下载Silverlight应用程序,但是当Silverlight尝试调用WCF Web服务(在同一服务器上,在/ Services下)时,我现在得到拒绝访问(我在使用http时没有得到这个)。
Aspx页面位于根目录中,.svc文件位于/ Services下,/ Img下的图像和/ Styles下的.css 我的web.config:
<location path="Img">
<system.web>
<authorization>
<allow users="*"/>
</authorization>
</system.web>
</location>
<location path="Styles">
<system.web>
<authorization>
<allow users="*"/>
</authorization>
</system.web>
</location>
<location path="Services">
<system.web>
<authorization>
<allow users="*"/>
</authorization>
</system.web>
</location>
<system.web>
<authentication mode="Forms">
<forms name=".COOKIEDEMO"
loginUrl="~/Login.aspx"
protection="All"
timeout="30"
path="/"/>
</authentication>
<authorization>
<deny users="?" />
</authorization>
<compilation strict="true" debug="true" explicit="true" targetFramework="4.0" />
<!-- Customizing the membership provider-->
<membership defaultProvider="SaverpMesProvider" userIsOnlineTimeWindow="30">
<providers>
<add name="SaverpMesProvider" type="System.Web.Security.SqlMembershipProvider" connectionStringName="LocalSqlServer" applicationName="SaverpMES" />
</providers>
</membership>
<roleManager enabled="true" defaultProvider="SaverpMesRoleProvider">
<providers>
<add name="SaverpMesRoleProvider"
connectionStringName="LocalSqlServer"
applicationName="SaverpMes"
type="System.Web.Security.SqlRoleProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"/>
</providers>
</roleManager>
<profile inherits="SaverpMes.Web.MesProfile" defaultProvider="SaverpMesProfileProvider">
<providers>
<add name="SaverpMesProfileProvider"
connectionStringName="LocalSqlServer"
applicationName="SaverpMes"
type="System.Web.Profile.SqlProfileProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"/>
</providers>
</profile>
</system.web>
<system.serviceModel>
<bindings>
<customBinding>
<binding name="CustomBinaryBinding">
<binaryMessageEncoding/>
<httpsTransport/>
</binding>
</customBinding>
</bindings>
<extensions>
<behaviorExtensions>
<add name="silverlightFaultExtension" type="SaverpMes.Web.Wcf.SilverlightFaultBehavior, SaverpMes.Web, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
<add name="wcfFaultExtension" type="SaverpMes.Web.Wcf.WcfFaultBehaviorExtensionElement, SaverpMes.Web, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
</behaviorExtensions>
</extensions>
<services>
<service behaviorConfiguration="ServiceBehavior" name="Product.FrontEnd.WcfService.ProductService">
<endpoint address="" behaviorConfiguration="SilverlightFaultsBehavior"
binding="customBinding" bindingConfiguration="CustomBinaryBinding"
name="ProductServiceEndpoint" contract="Product.FrontEnd.Contract.IProductService" />
</service>
<service behaviorConfiguration="ServiceBehavior" name="Product.FrontEnd.WcfService.PublicProductService">
<endpoint address="" behaviorConfiguration="SilverlightFaultsBehavior"
binding="customBinding" bindingConfiguration="CustomBinaryBinding"
name="PublicProductServiceEndpoint" contract="Product.SG.IPublicProductService" />
</service>
<service behaviorConfiguration="ServiceBehavior" name="Identification.FrontEnd.WcfService.FrontEndService">
<endpoint address="" behaviorConfiguration="SilverlightFaultsBehavior"
binding="customBinding" bindingConfiguration="CustomBinaryBinding"
name="IdentificationServcieEndpoint" contract="Identification.FrontEnd.Contract.IFrontEndService" />
</service>
<service behaviorConfiguration="ServiceBehavior" name="Common.WcfService.CommonService">
<endpoint address="" behaviorConfiguration="SilverlightFaultsBehavior"
binding="customBinding" bindingConfiguration="CustomBinaryBinding"
name="CommonServiceEndpoint" contract="Common.Contract.ICommonService" />
</service>
</services>
<behaviors>
<endpointBehaviors>
<behavior name="SilverlightFaultsBehavior">
<silverlightFaultExtension/>
</behavior>
</endpointBehaviors>
<serviceBehaviors>
<behavior name="ServiceBehavior">
<serviceMetadata httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
<wcfFaultExtension/>
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true" aspNetCompatibilityEnabled="true"/>
</system.serviceModel>
<system.webServer>
<validation validateIntegratedModeConfiguration="false"/>
</system.webServer>
基本上,http网站和https网站之间我在web.config中所做的更改是customBinding下的httpsTransport和serviceMetadata下的httpsGetEnabled。
任何喜欢的人都非常感激!
答案 0 :(得分:3)
我只需添加serviceAuthorization principalPermissionMode =&#34; None&#34;在web.config中。
<serviceBehaviors>
<behavior name="ServiceBehavior">
<serviceMetadata httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
<serviceAuthorization principalPermissionMode="None" />
<wcfFaultExtension />
</behavior>
</serviceBehaviors>