WCF-TransportWithMessageCredential使用客户端身份验证方案“匿名"的HTTP请求是未授权的 [英] WCF-TransportWithMessageCredential The HTTP request is unauthorized with client authentication scheme 'Anonymous'
问题描述
我正在尝试使用UserName配置WCF身份验证,但是没有成功,我尝试了很多已经发现的解决方案,但是似乎没有任何用处.
I'm trying to configure WCF authentication with UserName but without success, I have tried a a lot of solution that I found already, but nothing seem to work for me.
HTTP请求未经客户端身份验证方案授权 '匿名的'.从服务器收到的身份验证标头为 协商,NTLM,基本领域="localhost"".
The HTTP request is unauthorized with client authentication scheme 'Anonymous'. The authentication header received from the server was 'Negotiate,NTLM,Basic realm="localhost"'.
服务器设置
<system.serviceModel>
<bindings>
<wsHttpBinding>
<binding name="basicHttpBindingConfiguration">
<security mode="TransportWithMessageCredential">
<message clientCredentialType="UserName" negotiateServiceCredential="false" />
<transport clientCredentialType="None" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<services>
<service name="Namespace.Service" behaviorConfiguration="wsHttpBehavior">
<endpoint binding="wsHttpBinding" bindingConfiguration="basicHttpBindingConfiguration" name="Soap" bindingNamespace="/WebServices" contract="Namespace.IService">
</endpoint>
<endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange" name="mex" />
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="wsHttpBehavior">
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="false" />
<serviceCredentials>
<userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="UserNamePasswordValidator, WebApplication" />
<!--<serviceCertificate findValue="ServiceModelSamples-HTTPS-Server" storeLocation="LocalMachine" storeName="My" x509FindType="FindBySubjectName" />-->
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
</system.serviceModel>
在客户端
<system.serviceModel>
<bindings>
<wsHttpBinding>
<binding name="Soap">
<security mode="TransportWithMessageCredential">
<transport clientCredentialType="None" />
<message clientCredentialType="UserName" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<client>
<endpoint address="https://localhost:85/WebServices/Service.svc"
binding="wsHttpBinding" bindingConfiguration="Soap" contract="ServiceReference1.IService"
name="Soap" />
</client>
</system.serviceModel>
这是我的IIS配置
Here is my IIS config
我找到的大多数解决方案都使用Windows传输,我只需要通过用户名进行身份验证.
Most of solution that I found use Windows Transport, I need Authentication only through Username.
我检查一下:
- https://blog. sandervanlooveren.be/posts/securing-a-wcf-service-with-username-and-password/
- https://docs.microsoft.com/zh-CN/dotnet/framework/wcf/samples/ws-transport-with-message-credential
- https://blog.sandervanlooveren.be/posts/securing-a-wcf-service-with-username-and-password/
- https://docs.microsoft.com/en-us/dotnet/framework/wcf/samples/ws-transport-with-message-credential
我尝试了安全性 mode ="Message" 和安全性 mode ="TransportWithMessageCredential" ,但未成功
I have tried security mode="Message" and security mode="TransportWithMessageCredential" without success
我的客户代码如下:
// Instantiate the proxy
var proxy = new ServiceClient();
proxy.ClientCredentials.UserName.UserName = "username";
proxy.ClientCredentials.UserName.Password = "password";
任何人都可以检查我的配置并告诉我我设置错了吗?
Please can anyone check my config and tell what I'm setting wrong ?
这是ASP.Net MVC5应用程序内的服务,这也可能是问题吗?
This is a Service inside an ASP.Net MVC5 App, Can this also be a problem ?
推荐答案
customUserNamePasswordValidatorType 属性字符串可能存在问题,通常采用以下格式
There might be something amiss with the customUserNamePasswordValidatorType property string.It is usually in the following form
customUserNamePasswordValidatorType="Namespace.MyCustUserNamePasswordVal,Namespace"
您可以访问托管服务的WSDL吗?另外,打开匿名身份验证就足够了,不需要启用其他身份验证.
这是我的配置,我使用了WCF4.5支持的简化配置,希望它对您有用.
Can you access the WSDL of hosting service? Also, turning on the anonymous authentication is enough, unnecessary to enable others authentication.
Here is my configuration, I used simplified configuration which be supported in WCF4.5, wish it is useful to you.
<system.serviceModel>
<behaviors>
<serviceBehaviors>
<behavior>
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true"/>
<serviceDebug includeExceptionDetailInFaults="false"/>
<serviceCredentials>
<userNameAuthentication customUserNamePasswordValidatorType="WcfService1.CustUserNamePasswordVal,WcfService1" userNamePasswordValidationMode="Custom"/>
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
<bindings>
<wsHttpBinding>
<binding>
<security mode="TransportWithMessageCredential">
<message clientCredentialType="UserName"/>
</security>
</binding>
</wsHttpBinding>
</bindings>
<protocolMapping>
<add binding="wsHttpBinding" scheme="https" />
</protocolMapping>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
</system.serviceModel>
请随时告诉我是否有什么可以帮忙的.
Feel free to let me know If there is anything I can help with.
这篇关于WCF-TransportWithMessageCredential使用客户端身份验证方案“匿名"的HTTP请求是未授权的的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!