WCF双工-客户端无法在配置的超时时间内完成安全协商 [英] WCF Duplex - Client is unable to finish the security negotiation within the configured timeout

问题描述

我有一个双工WCF，它在本地主机上运行完美(当它在本地运行时，将我的应用程序连接到此WCF).

I have a duplex WCF, it work perfect in local host (connect my application to this WCF when it run locally).

现在，我尝试将其托管在IIS(Server 2008 R2标准)中，创建一个Windows帐户"GOD"，并使用"GOD"标识在IIS中进行应用程序轮询.

Now I tried to hosted it in my IIS (Server 2008 R2 standard), I create a windows account "GOD", and an application poll in IIS using the "GOD" identity.

我可以从Web浏览器从我的PC(服务器除外)访问此WCF，并查看合同的XML，(单击显示的页面内的链接)

I can access this WCF from my pc (other than the server) from web browser and see the XML of the contract, (click on the link inside the page displayed)

当尝试从我的应用程序访问时，出现异常:

When try to access from my application I get the exception:

客户端无法完成内部的安全协商配置的超时时间(00:00:00).目前的谈判距离是1(00:00:00).

Client is unable to finish the security negotiation within the configured timeout (00:00:00). The current negotiation leg is 1 (00:00:00).

再次在WCF本地运行时，我的应用程序正常运行.

Again when the WCF run locally my app work OK.

我尝试使用跟踪，但我成功看到的只是关于超时的异常.

I tried to use the trace but all I successful to see is the exception about the time out.

我的app.config是:

My app.config is:

<?xml version="1.0" encoding="utf-8" ?>
<configuration>
  <system.diagnostics>
    <sources>
      <source name="System.ServiceModel" switchValue="Information, ActivityTracing" propagateActivity="true">
        <listeners>
          <add name="traceListener" type="System.Diagnostics.XmlWriterTraceListener" initializeData="c:\log\Traces.svclog"/>
        </listeners>
      </source>
    </sources>
  </system.diagnostics>
  <system.serviceModel>
    <bindings>
      <wsDualHttpBinding>
        <binding name="WSDualHttpBinding_I_BridgeWCFService" closeTimeout="00:01:00"
          openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
          bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard"
          maxBufferPoolSize="2147483646" maxReceivedMessageSize="2147483646"
          messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true">
          <readerQuotas maxDepth="256" maxStringContentLength="2147483646"
            maxArrayLength="2147483646" maxBytesPerRead="2147483646" maxNameTableCharCount="2147483646" />
          <reliableSession ordered="true" inactivityTimeout="01:10:00" />
          <security mode="Message" />
        </binding>
      </wsDualHttpBinding>
    </bindings>
    <client>
      <endpoint address="http://win-jj/_Bridge1/_BridgeWcfService.svc"
        binding="wsDualHttpBinding" bindingConfiguration="WSDualHttpBinding_I_BridgeWCFService"
        contract="_BridgeWcfServiceReference.I_BridgeWCFService"
        name="WSDualHttpBinding_I_BridgeWCFService">
        <identity>
          <dns value="localhost"/>
        </identity>
      </endpoint>
    </client>
  </system.serviceModel>
  <startup>
    <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.0,Profile=Client"/>
  </startup>
</configuration>

我还尝试将上面的标识部分更改为:< userPrincipalName value ="GOD"/> ，但是随后又出现了另一个异常.

I also tried to change the identity section above to: <userPrincipalName value="GOD" />, but then I got another exception.

我的服务配置文件:web.config:

My service config file: web.config:

<?xml version="1.0"?>
<configuration>
  <system.serviceModel>
    <bindings>
      <wsDualHttpBinding>
        <binding name="WSDualHttpBinding_I_BridgeWCFService" closeTimeout="01:01:00" openTimeout="01:01:00" receiveTimeout="01:10:00" sendTimeout="01:01:00" bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard" maxBufferPoolSize="2147483646" maxReceivedMessageSize="2147483646" messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true">
          <readerQuotas maxDepth="256" maxStringContentLength="2147483646" maxArrayLength="2147483646" maxBytesPerRead="2147483646" maxNameTableCharCount="2147483646"/>
          <reliableSession ordered="true" inactivityTimeout="01:10:00"/>
          <security mode="Message">
            <message clientCredentialType="Windows" negotiateServiceCredential="true" algorithmSuite="Default"/>
          </security>
        </binding>
      </wsDualHttpBinding>
    </bindings>
    <services>
      <service behaviorConfiguration="_BridgeNameSpace.Service1Behavior" name="_BridgeNameSpace._BridgeWCFService">
        <endpoint address="" binding="wsDualHttpBinding" bindingConfiguration="WSDualHttpBinding_I_BridgeWCFService" contract="_BridgeNameSpace.I_BridgeWCFService">
          <identity>
            <userPrincipalName value="GOD" />
          </identity>
        </endpoint>
        <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"/>
      </service>
    </services>
    <behaviors>
      <serviceBehaviors>
        <behavior name="_BridgeNameSpace.Service1Behavior">
          <!-- To avoid disclosing metadata information, set the value below to false and remove the metadata endpoint above before deployment -->
          <serviceMetadata httpGetEnabled="true"/>
          <dataContractSerializer maxItemsInObjectGraph="2147483647"/>
          <!-- To receive exception details in faults for debugging purposes, set the value below to true.  Set to false before deployment to avoid disclosing exception information -->
          <serviceDebug includeExceptionDetailInFaults="false"/>
        </behavior>
      </serviceBehaviors>
    </behaviors>
  </system.serviceModel>
  <system.web>
    <compilation debug="true"/>
  </system.web>
</configuration>

我还尝试将上面的标识部分更改为:< dns value ="localhost"/> ，但没有任何改变

I also tried to change the identity section above to: <dns value="localhost"/>, but nothing change

我按如下所示连接到我的应用程序中的服务:

I connect to my service in my application as following:

MyServiceClientProxy Proxy = null;
MyCallbackProxy myCallbackProxy = null;

myCallbackProxy = new MyCallbackProxy();
InstanceContext cntx = new InstanceContext(myCallbackProxy);
Proxy = new MyServiceClientProxy(cntx, "WSDualHttpBinding_I_BridgeWCFService");
Proxy.ClientCredentials.Windows.ClientCredential.UserName = "GOD";
Proxy.ClientCredentials.Windows.ClientCredential.Password = "yy";
try
{
Proxy.Open();
}
catch { return; }

BTW，当尝试将安全性更改为"时，收到以下异常(无论是否使用ClientCredential.Username& Password作为上面的代码):

BTW, when tried to change the security to '' got the following exception (wither or not use the ClientCredential.Username&Password as the code above):

The open operation did not complete within the allotted timeout of 00:00:59.1689524. The time allotted to this operation may have been a portion of a longer timeout.

任何想法?，请PLS帮助！

ANY IDEA ?, PLS help!

推荐答案

wsDualHttpBinding尝试打开从服务器到客户端的连接，该连接将被防火墙阻止

wsDualHttpBinding tries to open a connection from server to client which will be blocked by firewalls

我的建议是切换到netTcpBinding-在我写

My advice would be to switch to netTcpBinding - its much simpler for duplex messaging as I blogged here

这篇关于WCF双工-客户端无法在配置的超时时间内完成安全协商的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！