WCF双工-客户端无法在配置的超时时间内完成安全协商 [英] WCF Duplex - Client is unable to finish the security negotiation within the configured timeout
问题描述
我有一个双工WCF,它在本地主机上运行完美(当它在本地运行时,将我的应用程序连接到此WCF).
I have a duplex WCF, it work perfect in local host (connect my application to this WCF when it run locally).
现在,我尝试将其托管在IIS(Server 2008 R2标准)中,创建一个Windows帐户"GOD",并使用"GOD"标识在IIS中进行应用程序轮询.
Now I tried to hosted it in my IIS (Server 2008 R2 standard), I create a windows account "GOD", and an application poll in IIS using the "GOD" identity.
我可以从Web浏览器从我的PC(服务器除外)访问此WCF,并查看合同的XML,(单击显示的页面内的链接)
I can access this WCF from my pc (other than the server) from web browser and see the XML of the contract, (click on the link inside the page displayed)
当尝试从我的应用程序访问时,出现异常:
When try to access from my application I get the exception:
客户端无法完成内部的安全协商配置的超时时间(00:00:00).目前的谈判距离是1(00:00:00).
Client is unable to finish the security negotiation within the configured timeout (00:00:00). The current negotiation leg is 1 (00:00:00).
再次在WCF本地运行时,我的应用程序正常运行.
Again when the WCF run locally my app work OK.
我尝试使用跟踪,但我成功看到的只是关于超时的异常.
I tried to use the trace but all I successful to see is the exception about the time out.
我的app.config是:
My app.config is:
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<system.diagnostics>
<sources>
<source name="System.ServiceModel" switchValue="Information, ActivityTracing" propagateActivity="true">
<listeners>
<add name="traceListener" type="System.Diagnostics.XmlWriterTraceListener" initializeData="c:\log\Traces.svclog"/>
</listeners>
</source>
</sources>
</system.diagnostics>
<system.serviceModel>
<bindings>
<wsDualHttpBinding>
<binding name="WSDualHttpBinding_I_BridgeWCFService" closeTimeout="00:01:00"
openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard"
maxBufferPoolSize="2147483646" maxReceivedMessageSize="2147483646"
messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true">
<readerQuotas maxDepth="256" maxStringContentLength="2147483646"
maxArrayLength="2147483646" maxBytesPerRead="2147483646" maxNameTableCharCount="2147483646" />
<reliableSession ordered="true" inactivityTimeout="01:10:00" />
<security mode="Message" />
</binding>
</wsDualHttpBinding>
</bindings>
<client>
<endpoint address="http://win-jj/_Bridge1/_BridgeWcfService.svc"
binding="wsDualHttpBinding" bindingConfiguration="WSDualHttpBinding_I_BridgeWCFService"
contract="_BridgeWcfServiceReference.I_BridgeWCFService"
name="WSDualHttpBinding_I_BridgeWCFService">
<identity>
<dns value="localhost"/>
</identity>
</endpoint>
</client>
</system.serviceModel>
<startup>
<supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.0,Profile=Client"/>
</startup>
</configuration>
我还尝试将上面的标识部分更改为:< userPrincipalName value ="GOD"/>
,但是随后又出现了另一个异常.
I also tried to change the identity section above to: <userPrincipalName value="GOD" />
, but then I got another exception.
我的服务配置文件:web.config:
My service config file: web.config:
<?xml version="1.0"?>
<configuration>
<system.serviceModel>
<bindings>
<wsDualHttpBinding>
<binding name="WSDualHttpBinding_I_BridgeWCFService" closeTimeout="01:01:00" openTimeout="01:01:00" receiveTimeout="01:10:00" sendTimeout="01:01:00" bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard" maxBufferPoolSize="2147483646" maxReceivedMessageSize="2147483646" messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true">
<readerQuotas maxDepth="256" maxStringContentLength="2147483646" maxArrayLength="2147483646" maxBytesPerRead="2147483646" maxNameTableCharCount="2147483646"/>
<reliableSession ordered="true" inactivityTimeout="01:10:00"/>
<security mode="Message">
<message clientCredentialType="Windows" negotiateServiceCredential="true" algorithmSuite="Default"/>
</security>
</binding>
</wsDualHttpBinding>
</bindings>
<services>
<service behaviorConfiguration="_BridgeNameSpace.Service1Behavior" name="_BridgeNameSpace._BridgeWCFService">
<endpoint address="" binding="wsDualHttpBinding" bindingConfiguration="WSDualHttpBinding_I_BridgeWCFService" contract="_BridgeNameSpace.I_BridgeWCFService">
<identity>
<userPrincipalName value="GOD" />
</identity>
</endpoint>
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"/>
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="_BridgeNameSpace.Service1Behavior">
<!-- To avoid disclosing metadata information, set the value below to false and remove the metadata endpoint above before deployment -->
<serviceMetadata httpGetEnabled="true"/>
<dataContractSerializer maxItemsInObjectGraph="2147483647"/>
<!-- To receive exception details in faults for debugging purposes, set the value below to true. Set to false before deployment to avoid disclosing exception information -->
<serviceDebug includeExceptionDetailInFaults="false"/>
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>
<system.web>
<compilation debug="true"/>
</system.web>
</configuration>
我还尝试将上面的标识部分更改为:< dns value ="localhost"/>
,但没有任何改变
I also tried to change the identity section above to: <dns value="localhost"/>
, but nothing change
我按如下所示连接到我的应用程序中的服务:
I connect to my service in my application as following:
MyServiceClientProxy Proxy = null;
MyCallbackProxy myCallbackProxy = null;
myCallbackProxy = new MyCallbackProxy();
InstanceContext cntx = new InstanceContext(myCallbackProxy);
Proxy = new MyServiceClientProxy(cntx, "WSDualHttpBinding_I_BridgeWCFService");
Proxy.ClientCredentials.Windows.ClientCredential.UserName = "GOD";
Proxy.ClientCredentials.Windows.ClientCredential.Password = "yy";
try
{
Proxy.Open();
}
catch { return; }
BTW,当尝试将安全性更改为"时,收到以下异常(无论是否使用ClientCredential.Username& Password作为上面的代码):
BTW, when tried to change the security to '' got the following exception (wither or not use the ClientCredential.Username&Password as the code above):
The open operation did not complete within the allotted timeout of 00:00:59.1689524. The time allotted to this operation may have been a portion of a longer timeout.
任何想法?,请PLS帮助!
ANY IDEA ?, PLS help!
推荐答案
wsDualHttpBinding尝试打开从服务器到客户端的连接,该连接将被防火墙阻止
wsDualHttpBinding tries to open a connection from server to client which will be blocked by firewalls
My advice would be to switch to netTcpBinding - its much simpler for duplex messaging as I blogged here
这篇关于WCF双工-客户端无法在配置的超时时间内完成安全协商的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!