从Silverlight 4调用HTTPS-WCF服务时的SecurityError [英] SecurityError when calling a HTTPS-WCF Service from Silverlight 4

问题描述

我创建了一个简单的WCF服务，我想通过https访问它。 WCF服务使用UserNamePasswordValidator，customBinding和UserNameOverTransport作为身份验证模式。我在IIS7.5中运行它，在那里我创建了一个自签名服务器证书。

I have created a simple WCF-Service which I want to be accessible via https. The WCF-Service uses a UserNamePasswordValidator, customBinding and UserNameOverTransport as authentication mode. I run it in the IIS7.5 where I have created a self-signed server certificate.

我尝试使用Silverlight 4应用程序连接到该服务。我在Silverlight 4应用程序中创建了一个服务引用，VS 2010会自动创建所需的代码（显然它能够连接到服务并获取信息）。

I try to connect to that service with an Silverlight 4 application. I create a Service Reference in my Silverlight 4 app, and VS 2010 automatically creates the needed code (so obviously it is able to connect to the service and get the information).

当我调用WCF时，我得到一个没有关于原因的信息的SecurityException。

When I call the WCF, I get a SecurityException with no infos about the reason.

我有小提琴跑来看看发生了什么。

I have fiddler running to see what is happening.

获取 https://my.server:8099 /clientaccesspolicy.xml 未找到404（text / html）

获取 https ：//my.server：8099 / crossdomain.xml 200 OK（text / xml）

GET https://my.server:8099/clientaccesspolicy.xml 404 Not Found (text/html)
GET https://my.server:8099/crossdomain.xml 200 OK (text/xml)

所以GET for crossdomain.xml似乎是对服务器的最后一次调用。

So the GET for the crossdomain.xml seems to be the last call to the server.

crossdomain.xml如下所示：

The crossdomain.xml looks as follows:

<?xml version="1.0"?> 
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>  
  <allow-access-from domain="*" />  
  <allow-http-request-headers-from domain="*" headers="*" />
</cross-domain-policy>

当在客户端和ExceptionMessage上调用base.EndInvoke（...）时发生异常如下：

The exception happens, when base.EndInvoke(...) is called on the client and the ExceptionMessage is the following:

{System.Security.SecurityException ---> System.Security.SecurityException：Sicherheitsfehler
bei System.Net.Browser.BrowserHttpWebRequest.InternalEndGetResponse （IAsyncResult asyncResult）
bei System.Net.Browser.BrowserHttpWebRequest。<> c_ DisplayClass5.b _4（Object sendState）
bei System.Net.Browser.AsyncHelper。< ;> c_ DisplayClass2.b _0（Object sendState）
--- Ende der internenAusnahmestapelüberwachung---
bei System.Net.Browser.AsyncHelper.BeginOnUI（SendOrPostCallback beginMethod，对象状态）
bei System.Net.Browser.BrowserHttpWebRequest.EndGetResponse（IAsyncResult asyncResult）
bei System.ServiceModel.Channels.HttpChannelFactory.HttpRequestChannel.HttpChannelAsyncRequest.CompleteGetResponse（IAsyncResult result）}

{System.Security.SecurityException ---> System.Security.SecurityException: Sicherheitsfehler bei System.Net.Browser.BrowserHttpWebRequest.InternalEndGetResponse(IAsyncResult asyncResult) bei System.Net.Browser.BrowserHttpWebRequest.<>c_DisplayClass5.b_4(Object sendState) bei System.Net.Browser.AsyncHelper.<>c_DisplayClass2.b_0(Object sendState) --- Ende der internen Ausnahmestapelüberwachung --- bei System.Net.Browser.AsyncHelper.BeginOnUI(SendOrPostCallback beginMethod, Object state) bei System.Net.Browser.BrowserHttpWebRequest.EndGetResponse(IAsyncResult asyncResult) bei System.ServiceModel.Channels.HttpChannelFactory.HttpRequestChannel.HttpChannelAsyncRequest.CompleteGetResponse(IAsyncResult result)}

这是我的UserNamePa sswordValidator。请注意，出于调试原因，它包含一个记录器。奇怪的是，记录器从不写任何东西，所以似乎甚至没有调用Validate函数。

Here is my UserNamePasswordValidator. Note, that included a logger for debugging reasons. Strange thing is, that the logger never writes anything, so it seems, that the Validate function isn't even called.

namespace ServiceConfiguratorDataSource
{
  public class UserCredentialsValidator : UserNamePasswordValidator
  {
    public override void Validate(string userName, string password)
    {
      if (userName != "xyz" || password != "xyz")
      {
        logging.Logger.instance.StatusRoutine("LogOn Error: " + userName);
        throw new FaultException("Credentials are invalid");
      }
      else
      {
        logging.Logger.instance.StatusRoutine("LogOn Success: " + userName);
      }
    }
  }
}

这里是我的WCF服务的Web.config：

Here is the Web.config of my WCF-Service:

<?xml version="1.0" encoding="utf-8"?>
  <configuration>
    <system.web>
      <compilation debug="true" targetFramework="4.0" />
    </system.web>
    <system.serviceModel>
      <services>
        <service name="ServiceConfiguratorDataSource.Service" behaviorConfiguration="ServiceConfiguratorDataSourceBehaviour">
          <endpoint address="" binding="customBinding" bindingConfiguration="ServiceConfiguratorCustomBinding" contract="ServiceConfiguratorDataSource.IService" />
        </service>
      </services>
      <bindings>
        <customBinding>
          <binding name="ServiceConfiguratorCustomBinding">
            <security authenticationMode="UserNameOverTransport"></security>
            <binaryMessageEncoding></binaryMessageEncoding>
            <httpsTransport/>
          </binding>
        </customBinding>
      </bindings>
      <behaviors>
        <serviceBehaviors>
          <behavior name="ServiceConfiguratorDataSourceBehaviour">
            <serviceMetadata httpsGetEnabled="true" />
            <serviceDebug includeExceptionDetailInFaults="true"/>
            <serviceCredentials>
              <userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="ServiceConfiguratorDataSource.UserCredentialsValidator,ServiceConfiguratorDataSource" />
            </serviceCredentials>
          </behavior>
        </serviceBehaviors>
      </behaviors>
      <serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
    </system.serviceModel>
    <system.webServer>
      <modules runAllManagedModulesForAllRequests="true"/>
    </system.webServer>
  </configuration>

这里的ServiceReferences.ClientConfig

and here the ServiceReferences.ClientConfig

<configuration>
  <system.serviceModel>
    <bindings>
      <customBinding>
        <binding name="CustomBinding_IService">
          <security authenticationMode="UserNameOverTransport" includeTimestamp="true">
            <secureConversationBootstrap />
          </security>
          <binaryMessageEncoding />
          <httpsTransport maxReceivedMessageSize="2147483647" maxBufferSize="2147483647" />
        </binding>
      </customBinding>
    </bindings>
    <client>
      <endpoint address="https://my.server:8099/ServiceConfiguratorDataSource/Service.svc" binding="customBinding" bindingConfiguration="CustomBinding_IService" contract="WCFDataProvider.IService" name="CustomBinding_IService" />
    </client>
  </system.serviceModel>
</configuration>

我的想法可能是导致问题的原因。

I'm out of ideas what might be the cause of the problem.

提前致谢，

Frank

Thanks in advance,
Frank

推荐答案

你是clientaccesspolicy吗？ xml允许https？

这里的例子就是。

Does you clientaccesspolicy.xml allow https?
Here is example.

这篇关于从Silverlight 4调用HTTPS-WCF服务时的SecurityError的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！