当使用者尝试调用虚拟机上托管的WCF服务调用时,WCF的访问被拒绝 [英] WCF gets Access denied when the consumer try invoke a WCF service calls hosted on Virtual Machine
问题描述
问题
System.ServiceModel.Security.SecurityAccessDeniedException : Access is denied.
相关堆栈行(减少)
Server stack trace:
at System.ServiceModel.Channels.ServiceChannel.ThrowIfFaultUnderstood(Message reply, MessageFault fault, String action, MessageVersion version, FaultConverter faultConverter)
Exception rethrown at [0]:
at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
环境
开发人员计算机(主机):Windows Vista,Visual Studio 2008,nUnit
测试机(来宾):Windows 2003,IIS,Windows 2003防火墙(已禁用)
虚拟机:Virtual PC
网络:Microsoft回送适配器
Environment
Developer Machine (host): Windows Vista, Visual Studio 2008, nUnit
Test Machine (guest): Windows 2003, IIS, Windows 2003 Firewall (disabled)
Virtual Machine: Virtual PC
Network: Microsoft Loopback Adapter
说明
Windows 2003承载WCF服务清单,其中的服务都经过了良好的测试.
当应用程序使用者在Windows 2003中运行时-一切正常.
当应用程序使用者从Windows Vista(在此虚拟网络下)运行时,会出现安全问题.因此,需要调整服务质量并包括证书.已遵循文档,但访问仍被拒绝.
Description
The Windows 2003 hosts a WCF service inventory, services within are well tested.
When an application consumer runs inside windows 2003 - everything works fine.
When an application consumer runs from Windows Vista (under this virtual network) - security problems appears. So it was needed to adjust de service and include a certificate. Documentation was followed but the access still denied.
目的
无需复杂的安全措施-只需一台笔记本电脑和虚拟机即可.
我试图复制这种官方方案: http://msdn.microsoft.com/zh-CN/library/ms733938.aspx
我想使用单元测试应用程序(nunit)从Windows Vista OS下的应用程序调用Windows 2003上托管的服务.在Windows 2003上部署的服务是经过良好测试的.
Purpose
No sophisticated security arrangements is needed - its simply a laptop and virtual machine.
I tried to replicate this official scenario: http://msdn.microsoft.com/en-us/library/ms733938.aspx
I want make calls to services hosted on windows 2003 from my application under Windows Vista OS using the Unit Test application (nunit). The deployed services on windows 2003 is a well tested ones.
工作原理
任何使用(或过去的.asmx webservices)服务均可正常运行.
WHAT WORKS
Any service using (or past .asmx webservices) works properly.
怀疑
我相信它必须与该死的Windows Vista一起使用. Windows 2003事件日志具有成功的审核条目.
Suspicion
I believe it has to be with this dammed Windows Vista. The Windows 2003 event log has successful auditing entries.
服务设置
在Windows Vista上运行的使用者-nunit应用程序:
The consumer - nunit application running on Windows Vista:
<system.serviceModel>
<client>
<endpoint address="http://soa.homolog.com/RemoteService/RemoteService.svc"
binding="wsHttpBinding"
behaviorConfiguration="InternetEndpointBehavior"
bindingConfiguration="AnonymousBindingConfiguration"
contract="RemoteService.IRemoteService"
name="WSHttpBinding_IEmpresaService">
<identity>
<dns value="homologCertificate" />
</identity>
</endpoint>
</client>
<bindings>
<wsHttpBinding>
<binding name="AnonymousBindingConfiguration">
<security mode="Message">
<message clientCredentialType="None" />
</security>
</binding>
</bindings>
<behaviors>
<endpointBehaviors>
<behavior name="InternetEndpointBehavior">
<clientCredentials>
<serviceCertificate>
<authentication certificateValidationMode="None" />
</serviceCertificate>
</clientCredentials>
</behavior>
</endpointBehaviors>
</behaviors>
</system.serviceModel>
该服务托管在IIS/Windows 2003上:
The service, hosted on IIS/Windows 2003:
<system.serviceModel>
<serviceHostingEnvironment>
<baseAddressPrefixFilters>
<add prefix="http://soa.homolog.com" />
</baseAddressPrefixFilters>
</serviceHostingEnvironment>
<bindings>
<wsHttpBinding>
<binding name="BindingNoSecurity">
<security mode="Message">
<message clientCredentialType="None"/>
</security>
</binding>
</wsHttpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior name="CompanyCoreBehavior">
<serviceMetadata httpGetEnabled="true" />
<serviceDebug
includeExceptionDetailInFaults="true" />
<serviceThrottling
maxConcurrentCalls="500"
maxConcurrentInstances="500"
maxConcurrentSessions="500" />
<serviceTimeouts
transactionTimeout="00:10:00" />
<serviceCredentials>
<serviceCertificate
findValue="homologCertificate"
storeLocation="LocalMachine"
x509FindType="FindBySubjectName"
storeName="My"/>
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
推荐答案
由在服务器上启用WCF跟踪.跟踪日志可能包含有意义的错误消息.启用消息日志记录,然后查看是否有明显的区别.接受和不接受.虽然,老实说,我不知道您的情况如何发生.
Start by enabling WCF tracing on the server. The trace log may contain a meaningful error message. Enable message logging and see if there any obvious differences between the messages that are accepted and those that are not. Although, honestly, I don't see how this can happen in your case.
这篇关于当使用者尝试调用虚拟机上托管的WCF服务调用时,WCF的访问被拒绝的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!