iis7 wcf：在本地计算机上我得到401 - 未经授权：由于凭据无效，访问被拒绝 [英] iis7 wcf: on local computer I get 401 - Unauthorized: Access is denied due to invalid credentials

问题描述

我是网络服务的新手，我遇到了以下问题。我有一个在IIS 7.5和Windows 2008 R2上以Windows身份验证模式运行的WCF服务。
当我直接从IIS机器调用它时它工作正常。
但是当我尝试从本地计算机呼叫服务时，我收到以下错误：401 - 未经授权：由于凭证无效，访问被拒绝。

I am new to web services and I have following problem. I have a WCF service that is running in Windows Authentication mode on IIS 7.5 and Windows 2008 R2. It works good when I call it directly from the IIS machine. But when I try to call service from local computer then I get following error: 401 - Unauthorized: Access is denied due to invalid credentials.

服务是在本地计算机上工作几天然后突然停止了（我不确定但是有些配置可能已经改变了。）

The service was working on local computers for few days and suddenly it stopped (I am not sure but it is possible that some configuration was changed).

我直接从IExplorer调用服务： http：//serveriis/ssopension/service.svc

I call service directly from IExplorer: http://serveriis/ssopension/service.svc

web.config：

web.config:

 <?xml version="1.0" encoding="UTF-8"?>
<configuration>

  <connectionStrings configProtectionProvider="RsaProtectedConfigurationProvider">
    <EncryptedData Type="http://www.w3.org/2001/04/xmlenc#Element" xmlns="http://www.w3.org/2001/04/xmlenc#">
      <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc" />
      <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
        <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">
          <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5" />
          <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
            <KeyName>Rsa Key</KeyName>
          </KeyInfo>
          <CipherData>
            <CipherValue>O8jBoF9YUW3sZtSN+L/Xxhzss=</CipherValue>
          </CipherData>
        </EncryptedKey>
      </KeyInfo>
      <CipherData>
        <CipherValue>C+EeTszivHho8Ujk2oIQ==</CipherValue>
      </CipherData>
    </EncryptedData>
  </connectionStrings>


<system.web>
    <compilation targetFramework="4.0" />

    <authentication mode="Windows" />

    <pages controlRenderingCompatibilityVersion="3.5" clientIDMode="AutoID" />
  </system.web>

  <system.serviceModel>

    <bindings>
      <basicHttpBinding>
        <binding name="BasicHttpEndpointBinding">
          <security mode="TransportCredentialOnly">
            <transport clientCredentialType="Windows" />
          </security>
        </binding>
      </basicHttpBinding>
    </bindings>

    <services>
      <service behaviorConfiguration="SSO_Pension.ServiceBehavior" name="SSO_Pension.Service">
        <endpoint address="" binding="basicHttpBinding" bindingConfiguration="BasicHttpEndpointBinding" name="BasicHttpEndpoint" contract="SSO_Pension.IService">
          <identity>
            <dns value="localhost" />
          </identity>
        </endpoint>

      </service>
    </services>

    <behaviors>
      <serviceBehaviors>
        <behavior name="SSO_Pension.ServiceBehavior">
          <!-- To avoid disclosing metadata information, set the value below to false and remove the metadata endpoint above before deployment -->
          <serviceMetadata httpGetEnabled="true" />
          <!-- To receive exception details in faults for debugging purposes, set the value below to true.  Set to false before deployment to avoid disclosing exception information -->
          <serviceDebug includeExceptionDetailInFaults="false" />
        </behavior>
      </serviceBehaviors>
    </behaviors>

    </system.serviceModel>


    <system.webServer>
        <defaultDocument>
            <files>
                <add value="Service.svc" />
            </files>
        </defaultDocument>
    </system.webServer>

</configuration>

推荐答案

我在
http：//social.technet。 microsoft.com/Forums/en-US/winserversecurity/thread/c9239a89-fbee-4adc-b72f-7a6a9648331f/

对于这可能有所帮助的人来说，这节省了我的生命...

To whoever this may help, this saved my life...

IIS 7很难弄清楚为什么我得到401 -
未经授权：访问是由于凭证无效而被拒绝...直到i
这样做...

IIS 7 was difficult for figuring out why i was getting the 401 - Unauthorized: Access is denied due to invalid credentials... until i did this...

1。）打开iis并选择导致401的网站

1.) Open iis and select the website that is causing the 401

2。）打开IIS标题下的身份验证属性

2.) Open the "Authentication" property under the "IIS" header

3。）点击Windows身份验证项目并单击提供商

3.) Click the "Windows Authentication" item and click "Providers"

4。）对我来说，问题是谈判高于NTLM。我假设在幕后发生了某种握手，但我从未真正认证过
。我把NTLM移到了最顶层的位置，并且修改了它的
BAM。

4.) For me the issue was that Negotiate was above NTLM. I assume that there was some kind of handshake going on behind the scenes, but i was never really authenticated. I moved the NTLM to the top most spot, and BAM that fixed it.

这篇关于iis7 wcf：在本地计算机上我得到401 - 未经授权：由于凭据无效，访问被拒绝的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！