我如何用我的app.config的system.net部分在部分信任的环境? [英] How can I use the system.net section of my app.config in a partial trust environment?
问题描述
我已经使用ClickOnce部署WCF应用程序。 它连接到我的服务器使用https,和一切工作正常。
I've a WCF application deployed using clickonce. It connects to my server using https, and everything works fine
需要感谢以下code当我用默认代理:
I use the default proxy when needed thanks to the following code:
<configSections>
<sectionGroup name="system.net" type="System.Net.Configuration.NetSectionGroup, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
<section name="defaultProxy" type="System.Net.Configuration.DefaultProxySection, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/>
</sectionGroup>
</configSections>
<system.net>
<defaultProxy useDefaultCredentials="true"/>
</system.net>
在完全信任模式下,一切工作正常。
In Full Trust mode, everything works fine
现在,如果我把我的安全设置,部分信任,它的工作很好,如果没有代理参与,但如果我尝试推出我的软件在企业环境中,代理 不再被自动检测到。
Now, if I set my security settings to partial trust, it does work fine if there's no proxy involved, but if I try to launch my software in a corporate environment, the proxy is not autodetected anymore.
这是我的理解:
在configSections不再被解析在部分信任的环境中,除非requirePermission属性设置,如下所示:
The configSections are not parsed anymore in partial trust environments, unless the requirePermission attribute is set, like this :
<section requirePermission="false" name="defaultProxy">
设置该属性抛出与以下错误消息System.Configuration.ConfigurationException:
Setting this attribute throw a System.Configuration.ConfigurationException with the following error message :
节或组名defaultProxy 已定义。更新此 可能只出现在配置 式中,规定的水平。
Section or group name 'defaultProxy' is already defined. Updates to this may only occur at the configuration level where it is defined.
在'defaultproxy部分确实已经在machine.config文件中定义的:
The 'defaultproxy' section is indeed already defined in the machine.config file :
<section name="defaultProxy" type="System.Net.Configuration.DefaultProxySection, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/>
然而,这似乎不是一个问题,只要requirePermission未设置。换句话说,它似乎是错误消息,而应改为:
However, this doesn't seem to be a problem as long as the requirePermission is not set. In other words, it seems that the error message should rather read :
节或组名defaultProxy 已被定义与另一requirePermission设置。更新此 可能只出现在配置 式中,规定的水平。
Section or group name 'defaultProxy' is already defined with another requirePermission setting. Updates to this may only occur at the configuration level where it is defined.
已经有人遇到同样的问题?是否有可能以静默方式使用默认代理从部分信任模式下的WCF应用程序? 我也试着通过编程设置代理,都没有成功。
Has somebody run into the same problem? Is it possible to silently use the default proxy from a WCF application in partial trust mode? I've also tried to set the proxy programatically, without success
System.Net.WebProxy proxy = new WebProxy();
proxy.UseDefaultCredentials = true;
WebRequest.DefaultWebProxy = proxy;
在的WSHttpBinding的useDefaultWebProxy属性从一开始就设定直,但似乎并没有工作,无论是在部分或完全信任的环境中,没有system.net.defaultProxy部分正确定义的:
The useDefaultWebProxy attribute of the wshttpbinding is set straight from the beginning, but doesn't seem to work, either in a partial or full trust environment, without the 'system.net.defaultProxy' section correctly defined :
<binding name="WebBinding" useDefaultWebProxy="true">
我想我可以问我的客户端更新本地的machine.config文件来添加所需的defaultProxy useDefaultCredentials =真,但它绝对不是要易于部署。
I guess I could ask my clients to update their local machine.config files to add the needed defaultProxy useDefaultCredentials="true", but it's definitely not gonna ease deployment.
推荐答案
我相信这是一个已知问题,可能与私人密钥传输。这里有一个MS连接条目:
I believe this is a known issue, possibly related to private key transport. There is an MS Connect entry here:
的https://connect.microsoft.com/VisualStudio/feedback/ViewFeedback.aspx?FeedbackID=354646
我希望我正确地理解这一问题。如果你的问题是这个错误的结果,那么它看起来像有一个修复不埃塔只是还没有。但是,有可能是与手动请求证书的解决方法。显然,这是不理想,但它可能给你另一种选择,你部署到生产系统之前。
I hope I have understood the issue correctly. If your issues are the result of this bug, then it looks like there's no ETA on a fix just yet. However, there may be a workaround related to manually requesting credentials. Obviously this isn't ideal, but it may give you another option before you deploy to production systems.
目前在MSDN论坛上进一步讨论此:
There is additional discussion on the MSDN forums here:
<一个href="http://social.msdn.microsoft.com/Forums/en-US/wcf/thread/c19b726b-573b-4157-91fd-051724f04180/" rel="nofollow">http://social.msdn.microsoft.com/Forums/en-US/wcf/thread/c19b726b-573b-4157-91fd-051724f04180/
这篇关于我如何用我的app.config的system.net部分在部分信任的环境?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
