WCF-TransportWithMessageCredential使用客户端身份验证方案“匿名"的HTTP请求是未授权的 [英] WCF-TransportWithMessageCredential The HTTP request is unauthorized with client authentication scheme 'Anonymous'

问题描述

我正在尝试使用UserName配置WCF身份验证，但是没有成功，我尝试了很多已经发现的解决方案，但是似乎没有任何用处.

I'm trying to configure WCF authentication with UserName but without success, I have tried a a lot of solution that I found already, but nothing seem to work for me.

HTTP请求未经客户端身份验证方案授权 '匿名的'.从服务器收到的身份验证标头为 协商，NTLM，基本领域="localhost"".

The HTTP request is unauthorized with client authentication scheme 'Anonymous'. The authentication header received from the server was 'Negotiate,NTLM,Basic realm="localhost"'.

服务器设置

<system.serviceModel>
<bindings>
  <wsHttpBinding>
    <binding name="basicHttpBindingConfiguration">
      <security mode="TransportWithMessageCredential">
        <message clientCredentialType="UserName" negotiateServiceCredential="false" />
        <transport clientCredentialType="None" />
      </security>
    </binding>
  </wsHttpBinding>
</bindings>
<services>
  <service name="Namespace.Service" behaviorConfiguration="wsHttpBehavior">
    <endpoint binding="wsHttpBinding" bindingConfiguration="basicHttpBindingConfiguration" name="Soap" bindingNamespace="/WebServices" contract="Namespace.IService">
    </endpoint>
    <endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange" name="mex" />
  </service>
</services>
<behaviors>
  <serviceBehaviors>
    <behavior name="wsHttpBehavior">
      <serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
      <serviceDebug includeExceptionDetailInFaults="false" />
      <serviceCredentials>
        <userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="UserNamePasswordValidator, WebApplication" />
        <!--<serviceCertificate findValue="ServiceModelSamples-HTTPS-Server" storeLocation="LocalMachine" storeName="My" x509FindType="FindBySubjectName" />-->
      </serviceCredentials>
    </behavior>
  </serviceBehaviors>
</behaviors>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
</system.serviceModel>

在客户端

<system.serviceModel>
    <bindings>
        <wsHttpBinding>
            <binding name="Soap">
                <security mode="TransportWithMessageCredential">
                    <transport clientCredentialType="None" />
                    <message clientCredentialType="UserName" />
                </security>
            </binding>
        </wsHttpBinding>
    </bindings>
    <client>
        <endpoint address="https://localhost:85/WebServices/Service.svc"
            binding="wsHttpBinding" bindingConfiguration="Soap" contract="ServiceReference1.IService"
            name="Soap" />
    </client>
</system.serviceModel>

这是我的IIS配置

Here is my IIS config

我找到的大多数解决方案都使用Windows传输，我只需要通过用户名进行身份验证.

Most of solution that I found use Windows Transport, I need Authentication only through Username.

我检查一下:

• https://blog. sandervanlooveren.be/posts/securing-a-wcf-service-with-username-and-password/
• https://docs.microsoft.com/zh-CN/dotnet/framework/wcf/samples/ws-transport-with-message-credential

• https://blog.sandervanlooveren.be/posts/securing-a-wcf-service-with-username-and-password/
• https://docs.microsoft.com/en-us/dotnet/framework/wcf/samples/ws-transport-with-message-credential

我尝试了安全性 mode ="Message" 和安全性 mode ="TransportWithMessageCredential" ，但未成功

I have tried security mode="Message" and security mode="TransportWithMessageCredential" without success

我的客户代码如下:

 // Instantiate the proxy  
 var  proxy = new ServiceClient();

 proxy.ClientCredentials.UserName.UserName = "username";
 proxy.ClientCredentials.UserName.Password = "password";

任何人都可以检查我的配置并告诉我我设置错了吗?

Please can anyone check my config and tell what I'm setting wrong ?

这是ASP.Net MVC5应用程序内的服务，这也可能是问题吗?

This is a Service inside an ASP.Net MVC5 App, Can this also be a problem ?

推荐答案

customUserNamePasswordValidatorType 属性字符串可能存在问题，通常采用以下格式

There might be something amiss with the customUserNamePasswordValidatorType property string.It is usually in the following form

customUserNamePasswordValidatorType="Namespace.MyCustUserNamePasswordVal,Namespace"

您可以访问托管服务的WSDL吗?另外，打开匿名身份验证就足够了，不需要启用其他身份验证.
这是我的配置，我使用了WCF4.5支持的简化配置，希望它对您有用.

Can you access the WSDL of hosting service? Also, turning on the anonymous authentication is enough, unnecessary to enable others authentication.
Here is my configuration, I used simplified configuration which be supported in WCF4.5, wish it is useful to you.

<system.serviceModel>
    <behaviors>
      <serviceBehaviors>
        <behavior>
          <serviceMetadata httpGetEnabled="true" httpsGetEnabled="true"/>
          <serviceDebug includeExceptionDetailInFaults="false"/>
          <serviceCredentials>
            <userNameAuthentication customUserNamePasswordValidatorType="WcfService1.CustUserNamePasswordVal,WcfService1" userNamePasswordValidationMode="Custom"/>
          </serviceCredentials>
        </behavior>
      </serviceBehaviors>
    </behaviors>
    <bindings>
      <wsHttpBinding>
        <binding>
          <security mode="TransportWithMessageCredential">
            <message clientCredentialType="UserName"/>
          </security>
        </binding>
      </wsHttpBinding>
    </bindings>
    <protocolMapping>
      <add binding="wsHttpBinding" scheme="https" />
    </protocolMapping>    
    <serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
  </system.serviceModel>

请随时告诉我是否有什么可以帮忙的.

Feel free to let me know If there is anything I can help with.

这篇关于WCF-TransportWithMessageCredential使用客户端身份验证方案“匿名"的HTTP请求是未授权的的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！