我尝试创建使用MembershipProvider进行身份验证的WCF服务。因为它是一项内部服务,我目前对应用传输级别安全性(HTTPS)并不感兴趣,我想(现在)在没有证书的情况下执行此操作。此外,这将使推出服务变得复杂,我希望稍后这样做。我已经构建了一个基本配置(即使没有配置MembershipProvider,但WCF仍然向我提出以下异常:
未提供服务证书。指定服务证书 在ServiceCredentials中。
这是我的配置:
<system.serviceModel>
<bindings>
<ws2007HttpBinding>
<binding name="Service1WS2007HttpBindingConfig">
<security mode="Message">
<transport clientCredentialType="None" />
<message clientCredentialType="UserName" />
</security>
</binding>
</ws2007HttpBinding>
</bindings>
<services>
<service name="WcfService1.Service1">
<endpoint address="http://localhost:9800/Service1.svc"
binding="ws2007HttpBinding"
bindingConfiguration="Service1WS2007HttpBindingConfig"
contract="WcfService1.IService1" />
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="">
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="false" />
<serviceDebug includeExceptionDetailInFaults="false" />
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment multipleSiteBindingsEnabled="false">
<serviceActivations>
<add relativeAddress="Service1.svc" service="WcfService1.Service1" />
</serviceActivations>
</serviceHostingEnvironment>
</system.serviceModel>
例外的Stacktrace:
[InvalidOperationException:未提供服务证书。 在ServiceCredentials中指定服务证书。 ]
System.ServiceModel.Security.ServiceCredentialsSecurityTokenManager.CreateServerX509TokenProvider() +12382737 System.ServiceModel.Security.ServiceCredentialsSecurityTokenManager.CreateLocalSecurityTokenProvider(RecipientServiceModelSecurityTokenRequirement 收件人要求)+63
System.ServiceModel.Security.ServiceCredentialsSecurityTokenManager.CreateSecurityTokenProvider(SecurityTokenRequirement 要求)+48
System.ServiceModel.Security.ServiceCredentialsSecurityTokenManager.CreateTlsnegoServerX509TokenProvider(RecipientServiceModelSecurityTokenRequirement 收件人要求)+191
System.ServiceModel.Security.ServiceCredentialsSecurityTokenManager.CreateTlsnegoSecurityTokenAuthenticator(RecipientServiceModelSecurityTokenRequirement recipientRequirement,Boolean requireClientCertificate, SecurityTokenResolver&安培; sctResolver)+683
System.ServiceModel.Security.ServiceCredentialsSecurityTokenManager.CreateSecurityTokenAuthenticator(SecurityTokenRequirement tokenRequirement,SecurityTokenResolver&amp; outOfBandTokenResolver) +12383208 System.ServiceModel.Security.SessionRenewSecurityTokenManager.CreateSecurityTokenAuthenticator(SecurityTokenRequirement tokenRequirement,SecurityTokenResolver&amp; outOfBandTokenResolver)+81
System.ServiceModel.Security.SymmetricSecurityProtocolFactory.OnOpen(时间跨度 超时)+181
System.ServiceModel.Security.WrapperSecurityCommunicationObject.OnOpen(时间跨度 超时)+21
System.ServiceModel.Channels.CommunicationObject.Open(时间跨度 超时)+318
System.ServiceModel.Security.SecurityListenerSettingsLifetimeManager.Open(时间跨度 超时)+94
System.ServiceModel.Channels.SecurityChannelListener`1.OnOpen(时间跨度 超时)+240
System.ServiceModel.Channels.CommunicationObject.Open(时间跨度 超时)+318
System.ServiceModel.Dispatcher.ChannelDispatcher.OnOpen(时间跨度 超时)+72[InvalidOperationException:ChannelDispatcher at &#39; HTTP://本地主机:9800 / Service1.svc&#39;与合同 &#39;&#34; IssueAndRenewSession&#34;&#39;无法打开其IChannelListener。] System.ServiceModel.Dispatcher.ChannelDispatcher.OnOpen(时间跨度 超时)+118
System.ServiceModel.Channels.CommunicationObject.Open(时间跨度 timeout)+318 System.ServiceModel.ServiceHostBase.OnOpen(TimeSpan 超时)+111
System.ServiceModel.Channels.CommunicationObject.Open(时间跨度 超时)+318
System.ServiceModel.Security.SecuritySessionSecurityTokenAuthenticator.OnOpen(时间跨度 超时)+131
System.ServiceModel.Security.WrapperSecurityCommunicationObject.OnOpen(时间跨度 超时)+21
System.ServiceModel.Channels.CommunicationObject.Open(时间跨度 超时)+318
System.ServiceModel.Security.CommunicationObjectSecurityTokenAuthenticator.Open(时间跨度 超时)+20
System.ServiceModel.Security.SecuritySessionServerSettings.OnOpen(时间跨度 超时)+792
System.ServiceModel.Security.WrapperSecurityCommunicationObject.OnOpen(时间跨度 超时)+21
System.ServiceModel.Channels.CommunicationObject.Open(时间跨度 超时)+318
System.ServiceModel.Security.SecurityListenerSettingsLifetimeManager.Open(时间跨度 超时)+148
System.ServiceModel.Channels.SecurityChannelListener`1.OnOpen(时间跨度 超时)+240
System.ServiceModel.Channels.CommunicationObject.Open(时间跨度 超时)+318
System.ServiceModel.Dispatcher.ChannelDispatcher.OnOpen(时间跨度 超时)+72[InvalidOperationException:ChannelDispatcher at &#39; HTTP://本地主机:9800 / Service1.svc&#39;与合同&#34;&#34; IService1&#34;&#39;是 无法打开其IChannelListener。] System.ServiceModel.Dispatcher.ChannelDispatcher.OnOpen(时间跨度 超时)+118
System.ServiceModel.Channels.CommunicationObject.Open(时间跨度 timeout)+318 System.ServiceModel.ServiceHostBase.OnOpen(TimeSpan 超时)+111
System.ServiceModel.Channels.CommunicationObject.Open(时间跨度 超时)+318
System.ServiceModel.HostingManager.ActivateService(字符串 normalizedVirtualPath)+206
System.ServiceModel.HostingManager.EnsureServiceAvailable(字符串 normalizedVirtualPath)+651[ServiceActivationException:service&#39; /Service1.svc'不可能是 由于编译期间的异常而激活。例外 消息是:ChannelDispatcher在 &#39; HTTP://本地主机:9800 / Service1.svc&#39;与合同&#34;&#34; IService1&#34;&#39;是 无法打开其IChannelListener ..]
System.Runtime.AsyncResult.End(IAsyncResult result)+688590
System.ServiceModel.Activation.HostedHttpRequestAsyncResult.End(IAsyncResult的 结果)+190
System.ServiceModel.Activation.HostedHttpRequestAsyncResult.ExecuteSynchronous(HttpApplication的 context,String routeServiceVirtualPath,Boolean flowContext,Boolean ensureWFService)+234
System.ServiceModel.Activation.HttpModule.ProcessRequest(对象 发件人,EventArgs e)+359
System.Web.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +148 System.Web.HttpApplication.ExecuteStep(IExecutionStep step,Boolean&amp; completedSynchronously)+75
我的配置有什么问题,我该如何解决?
答案 0 :(得分:18)
您需要使用证书对服务进行签名。您可以通过在配置中添加以下内容来完成此操作:
<serviceBehaviors>
<behavior name="">
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="false" />
<serviceDebug includeExceptionDetailInFaults="false" />
*<serviceCredentials>
<serviceCertificate findValue="certificatename" storeLocation="LocalMachine" storeName="My" x509FindType="FindBySubjectName" />
</serviceCredentials>*
</behavior>
</serviceBehaviors>
certificatename是证书的名称。要创建证书,您可以在此处查看: Create a self signed certificate