您的位置: 首页  >  技术问答  >  访问 WCF 服务时获取安全设置异常

访问 WCF 服务时获取安全设置异常

分类: 技术问答 2022-05-31 19:20:49
问题描述:

以下是我的 WCF 服务的绑定配置.

Following are binding configurations of my WCF service.

  • 匿名访问:关闭
  • 基本身份验证:开启
  • 集成 Windows 身份验证:关闭!

支持HTTP协议.

我在访问 WCF 服务时遇到以下异常:

I am getting an following exception while accessing my WCF service:

此服务的安全设置需要匿名"身份验证,但未为托管此服务的 IIS 应用程序启用. 

<system.serviceModel>

    <bindings>

          <basicHttpBinding>

                <binding name="MyBinding">

                      <security mode="TransportCredentialOnly">                           

                            <transport clientCredentialType ="Basic" />

                      </security>

                </binding>

          </basicHttpBinding>

    </bindings>

<services>

        <service behaviorConfiguration="WMWcfWebServiceLib.Service1Behavior"

          name="WMWcfWebServiceLib.WMWcfWebService">

              <endpoint address="" binding="basicHttpBinding" bindingConfiguration="MyBinding"

                contract="WMWcfWebServiceLib.IWMWebService">                    



              </endpoint>

              <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />

              <host>

                    <baseAddresses>

                          <add baseAddress="http://localhost:8731/Design_Time_Addresses/WMWcfWebServiceLib/Service1/" />

                    </baseAddresses>

              </host>

        </service>

  </services>

<behaviors>

  <serviceBehaviors>

    <behavior name="WMWcfWebServiceLib.Service1Behavior">

      <!-- To avoid disclosing metadata information, 

      set the value below to false and remove the metadata endpoint above before deployment -->

      <serviceMetadata httpGetEnabled="True"/>

      <!-- To receive exception details in faults for debugging purposes, 

      set the value below to true.  Set to false before deployment 

      to avoid disclosing exception information -->

      <serviceDebug includeExceptionDetailInFaults="False" />

    </behavior>

  </serviceBehaviors>

</behaviors>

请帮忙!!

编辑

我可以通过 Web 浏览器访问 WCF 服务,并进行以下更改:

I am able to access the WCF service through the web browser with the following changes:

将安全模式更改为 TransportCredentialOnly 并删除了 Mex 端点,但现在很明显我无法在客户端创建代理.

Changes the security mode to TransportCredentialOnly and Removed the Mex Endpoint, but now as obvious I am not able to create the proxy on the client side.

请告诉我我错在哪里?

如果您只想支持 HTTP,则根本不使用您的配置,因为 mode="Transport" 需要 HTTPS.首先找出不使用 config 的原因(可能是 service 元素中的错误类型名称).接下来将安全模式更改为 TransportCredentialOnly.但请注意,TransportCredentialOnly + 基本身份验证意味着 HTTP 请求将包含纯文本 Windows 用户名和密码.在大多数情况下,此类实施不会通过任何安全审核.

If you want to support HTTP only your configuration is not used at all because mode="Transport" demands HTTPS. First find why config is not used (probably wrong type name in service element). Next change security mode to TransportCredentialOnly. But be aware that TransportCredentialOnly + Basic authentication means that HTTP requests will contain plain text Windows user name and password. In most cases such implementation will not pass any security audit.

如果您在服务元数据行为中仍然支持 httpGetEnabled,您可以在没有 mex 端点的情况下创建代理.

You can create proxy without mex endpoint if you still support httpGetEnabled in service metadata behavior.

相关推荐