azure 应用服务上托管的 WCF 未响应客户端应用服务 [英] Hosted WCF on azure app service not responding to client app service

问题描述

我面临着 WCF 服务作为 Azure 上的应用服务托管的奇怪问题.不知何故，此客户端应用服务无法与 Azure 应用服务进行通信.

I am facing the strange problem of WCF service hosted as an app service over Azure. Somehow this client app service is not able to communicate with the Azure App service.

我已经部署了测试(示例)应用服务和测试示例客户端应用服务，并且它们的通信完美无缺.

I already deployed the test ( sample ) app service and test sample client app service and they are communicating perfectly.

以下是例外:

"管理前端组件注册过程中的问题！2021/09/12 08:59:08.111 [ERROR] System.ServiceModel.CommunicationException:向 https://ahponeserver.azurewebsites.net/AHPFrontendService.svc/FES3.这可能是由于在 HTTPS 情况下未使用 HTTP.SYS 正确配置服务器证书这一事实.这也可能是由于客户端和服务器之间的安全绑定不匹配造成的.--->System.Net.WebException:基础连接已关闭:发送时发生意外错误.--->System.IO.IOException:无法从传输连接读取数据:远程主机强行关闭了现有连接.--->System.Net.Sockets.SocketException: 一个现有的连接被远程主机强行关闭"

" Problem during mgmt frontend component registration! 2021/09/12 08:59:08.111 [ERROR] System.ServiceModel.CommunicationException: An error occurred while making the HTTP request to https://ahponeserver.azurewebsites.net/AHPFrontendService.svc/FES3. This could be due to the fact that the server certificate is not configured properly with HTTP.SYS in the HTTPS case. This could also be caused by a mismatch of the security binding between the client and the server. ---> System.Net.WebException: The underlying connection was closed: An unexpected error occurred on a send. ---> System.IO.IOException: Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host. ---> System.Net.Sockets.SocketException: An existing connection was forcibly closed by the remote host"

以下是WCF Server的Web.config.

Following is the Web.config of WCF Server.

    <?xml version="1.0"?>
<configuration>
  <appSettings>
    <add key="aspnet:UseTaskFriendlySynchronizationContext" value="true" />
    <add key="CryptoKey" value="9878237hsde8zh3299h43h" />
    <add key="AppTitle" value="Service in DEV" />
    <add key="ahpDefaultISOCode" value="EN" />
    <add key="ahpExposeTestController" value="true"/>
    <!--Database Settings-->
    <add key="databaseServer" value="APDV0710" />
    <add key="database" value="AHPOneConfig" />
    <add key="databaseUser" value="AHPOneConfigD13" />
    <add key="databaseUserPassword" value="qx5ZB2xVfEf5gnDtIdzRGAxcpA9g6fNvNdv63gxR2Bo=" />
    <add key="AllowActivation" value="uzuftuGUH3H6bvn41IB7x1Xo/v72atlXdE543qcSRlI=" />
  </appSettings>
 
 
  <system.web>
    <compilation debug="true" targetFramework="4.7.2" />
    <httpRuntime targetFramework="4.7.2" />
  </system.web>

  <system.serviceModel>
    <diagnostics>
      <messageLogging logMalformedMessages="true" logMessagesAtServiceLevel="true" logMessagesAtTransportLevel="true" />
    </diagnostics>
    <bindings>
      <basicHttpBinding>
        <binding name="BasicHttpBindingWindows">
          <security mode="TransportCredentialOnly">
            <transport clientCredentialType="Windows" />
          </security>
        </binding>
      </basicHttpBinding>

          <wsHttpBinding>
            <binding name="wsHttpBindingUsername">
              <reliableSession enabled="true" inactivityTimeout="00:30:00" />
              <security mode="Message">
                <message clientCredentialType="UserName" />
              </security>
            </binding>

            <binding name="wsHttpBindingWindows">
              <security mode="Transport">
                <transport clientCredentialType="None"></transport>
                <!--message clientCredentialType="Windows" establishSecurityContext="false" negotiateServiceCredential="false" /-->
              </security>
            </binding>

            <binding name="wsHttpEndpointBinding" maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647">
              <security mode="TransportWithMessageCredential">
                <transport clientCredentialType="None" />
                <message clientCredentialType="UserName" />
              </security>
            </binding>

            <!-- old -->
            <!--<binding name="wsHttpBindingWindows">
              <security mode="Transport">
                <transport clientCredentialType="Windows"/>
              </security>
            </binding>-->
          </wsHttpBinding>

      <!-- Start new entry for external interface -->
      <webHttpBinding>
        <binding>
          <security mode="Transport" />
        </binding>
      </webHttpBinding>
      <!-- End new entry for external interface -->

    </bindings>   
    
    <behaviors>

      <!-- Start new entry for external interface  -->
      <endpointBehaviors>
        <behavior name="restfulBehavior">
          <webHttp />
        </behavior>
      </endpointBehaviors>
      <!-- End new entry for external interface -->

      <serviceBehaviors>
        <!-- Start new entry for external interface -->
        <behavior name="restfullServiceBehavior">
          <serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
          <serviceDebug includeExceptionDetailInFaults="false" />
        </behavior>
        <!-- End new entry for external interface -->

        <!-- Custom Authentication Windows -->
        <behavior name="windowsValidation2">
          <serviceThrottling maxConcurrentCalls="300" maxConcurrentSessions="2000" maxConcurrentInstances="2000" />
          <serviceMetadata httpGetEnabled="True" httpsGetEnabled="true" />
          <serviceDebug includeExceptionDetailInFaults="true" />
        </behavior>

        <!-- Custom Authentication UsernamePassword -->
        <behavior name="CustomUsernameValidation2">
          <serviceThrottling maxConcurrentCalls="300" maxConcurrentSessions="2000" maxConcurrentInstances="2000" />
          <serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
          <serviceDebug includeExceptionDetailInFaults="true" />
          <serviceCredentials>
            <!--Specify the Custom Authentication policy that will be used and add the policy location-->
            <userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="ahpFrontendWCFService.ServiceImplementation.UserAuthentication,ahpFrontendWCFService" />
          </serviceCredentials>
        </behavior>

        <behavior>
          <!-- To avoid disclosing metadata information, set the values below to false before deployment -->
          <serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
          <!-- To receive exception details in faults for debugging purposes, set the value below to true.  Set to false before deployment to avoid disclosing exception information -->
          <serviceDebug includeExceptionDetailInFaults="true" />
        </behavior>
      </serviceBehaviors>
    </behaviors>

    <services>
      
       <service name="ahpFrontendWCFService.AHPFrontendServiceWindows" 
               behaviorConfiguration="windowsValidation2">
        <endpoint name="FES2"
                  address="FES2"
                  binding="wsHttpBinding"
                  contract="ahpFrontendWCFService.IAHPFrontendServiceV1"
                  bindingConfiguration="wsHttpBindingWindows"/>
      </service>

      <service name="ahpFrontendWCFService.AHPFrontendService"
               behaviorConfiguration="CustomUsernameValidation2">
        <endpoint name="FES3"
                  address="FES3"
                  binding="wsHttpBinding"
                  bindingConfiguration="wsHttpEndpointBinding"
                  contract="ahpFrontendWCFService.IAHPFrontendServiceV1"/>
      </service>

       <!--Start new entry for reporting interface--> 
     <service name="ahpFrontendWCFService.AHPReportingService" 
               behaviorConfiguration="CustomUsernameValidation2">
        <endpoint name="FES3"
                  address="FES3"
                  binding="wsHttpBinding"
                  contract="ahpFrontendWCFService.IAHPReportingService"
                  bindingConfiguration="wsHttpEndpointBinding" />
      </service>
       <!--End new entry for reporting interface 

       Start new entry for external interface--> 
      <service name="ahpFrontendWCFService.AHPExternalService"
               behaviorConfiguration="restfullServiceBehavior">
        <endpoint binding="webHttpBinding"
                  contract="ahpFrontendWCFService.IAHPExternalService"
                  behaviorConfiguration="restfulBehavior"/>
      </service>
       <!--End new entry for external interface 

       Start new entry for external interface--> 
      <service name="ahpFrontendWCFService.AHPSetupService"
               behaviorConfiguration="restfullServiceBehavior">
        <endpoint binding="webHttpBinding"
                  contract="ahpFrontendWCFService.IAHPSetupService"
                  behaviorConfiguration="restfulBehavior"/>
      </service>
      <!-- End new entry for external interface -->


    </services>

  
    <protocolMapping>
      <add binding="basicHttpsBinding" scheme="https" />
    </protocolMapping>

    <serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
  </system.serviceModel>
  <system.webServer>
    <modules runAllManagedModulesForAllRequests="true" />
    <!--
        To browse web app root directory during debugging, set the value below to true.
        Set to false before deployment to avoid disclosing web app folder information.
      -->
    <directoryBrowse enabled="true" />
  </system.webServer>

  <location path="AHPOne/Proxy">
    <system.webServer>
      <handlers>
        <remove name="ExtensionlessUrlHandler-Integrated-4.0" />
        <remove name="OPTIONSVerbHandler" />
        <add name="ExtensionlessUrlHandler-Integrated-4.0" path="*." verb="*" type="System.Web.Handlers.TransferRequestHandler" preCondition="integratedMode,runtimeVersionv4.0" />
      </handlers>
      <httpProtocol>
        <customHeaders>
          <!-- <add name="Access-Control-Allow-Origin" value="*" />  this header is added through api controller class -->
          <add name="Access-Control-Allow-Headers" value="Authorization" />
          <add name="Access-Control-Allow-Credentials" value="true" />
        </customHeaders>
      </httpProtocol>
    </system.webServer>
  </location>

  <runtime>
    <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
      <dependentAssembly>
        <assemblyIdentity name="Newtonsoft.Json" publicKeyToken="30ad4fe6b2a6aeed" culture="neutral" />
        <bindingRedirect oldVersion="0.0.0.0-12.0.0.0" newVersion="12.0.0.0" />
      </dependentAssembly>
    </assemblyBinding>
  </runtime>
</configuration>

以下是客户端应用服务的 web.config(仅粘贴来自该 web.config 的相关部分)

Following is the web.config for the client app service ( Only pasting relavent part from that web.config )

 <system.serviceModel>
<!-- username binding-->
<bindings>
  <wsHttpBinding>
    <binding name="FES3" maxBufferPoolSize="500000000" maxReceivedMessageSize="500000000" sendTimeout="00:20:00">
      <security mode="TransportWithMessageCredential">
        <transport clientCredentialType="None"/>
        <message clientCredentialType="UserName"/>
      </security>
    </binding>
  </wsHttpBinding>
</bindings>
<client>
  <endpoint address="https://ahponeserver.azurewebsites.net/AHPFrontendService.svc/FES3" binding="wsHttpBinding" bindingConfiguration="FES3"
    contract="Ahp.Frontend.Shared.WCFProxyClasses.ahpFrontendService" name="FES3"/>
</client>

</system.serviceModel>

我不知道如何找出问题所在.有什么办法可以摆脱这个问题?

I don't know how to figure out what's the issue. What could be the way to get rid of this problem?

是否需要设置一些证书?配置有问题吗?

Are some certificates needed to set up? is there any issue in configuration?

如果有一些想法会很高兴.

Would be ahppy to have some ideas.

推荐答案

如果您的服务器已更新到 TLS V1.2 并使用 SSL 标准连接，您可以尝试执行以下步骤:

If your server has been updated to TLS V1.2 and uses SSL standard connections, you can try following these steps:

if (System.Net.ServicePointManager.SecurityProtocol == (SecurityProtocolType.Ssl3 | SecurityProtocolType.Tls))
    System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls12;

这篇关于azure 应用服务上托管的 WCF 未响应客户端应用服务的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！