您的位置: 首页  >  技术问答  >  IIS在IIS + TransportCredentialOnly / Windows auth的basicHttpBinding中托管了WCF服务+ Windows身份验证

IIS在IIS + TransportCredentialOnly / Windows auth的basicHttpBinding中托管了WCF服务+ Windows身份验证

分类: 技术问答 2022-06-12 15:26:42
问题描述:

我想创建一个在IIS6中托管的WCF服务,并在IIS中禁用匿名身份验证。并且不要使用SSL。

I want to create a WCF-service hosted in IIS6 and disable anonymous authentication in IIS. And don't use SSL.

所以我唯一的方法是使用basicHttpBinging和 TransportCredentialOnly ,它不是它?

So only way I have is to use basicHttpBinging with TransportCredentialOnly, itsn't it?

我创建了一个虚拟目录,设置了Windows Integrated Auth并取消选中启用匿名访问。

I create a virtual directory, set Windows Integrated Auth and uncheck "Enable Anonymous Access".

这是我的web.config:

Here's my web.config:

<system.serviceModel>
        <bindings>
            <basicHttpBinding>
                <binding name="MyBinding">
                    <security mode="TransportCredentialOnly">
                        <transport clientCredentialType="Windows" />
                    </security>
                </binding>
            </basicHttpBinding>
        </bindings>
        <services>
            <service name="Samples.ServiceFacadeService" behaviorConfiguration="ServiceFacadeServiceBehavior">
                <endpoint address="" binding="basicHttpBinding" bindingName="MyBinding"
                          contract="Samples.IServiceFacadeService">
                </endpoint>
            </service>
        </services>
    <behaviors>
        <serviceBehaviors>
            <behavior name="ServiceFacadeServiceBehavior">
                <serviceDebug includeExceptionDetailInFaults="true"/>
            </behavior>
        </serviceBehaviors>
    </behaviors>
</system.serviceModel>

您可以看到我甚至没有将MEX-enpoint包含在元数据交换中。使用TransportCredentialOnly安全性只有一个端点和一个绑定。

You can see that I even haven't included MEX-enpoint for metadata exchange. Just one endpoint and one binding for it with TransportCredentialOnly security.

但是当我尝试启动服务(通过客户端代理调用方法)时,我在EventLog中遇到了这样的异常:

But when I tries to start service (invoking a method throught client proxy) I got such exception in the EventLog:


异常:
System.ServiceModel.ServiceActivationException:
服务
'/ wcftest / ServiceFacadeService。由于编译期间的
异常,无法激活svc'

异常消息是:此服务的安全
设置需要
'匿名'身份验证,但是对于承载此服务的IIS应用程序
,未启用
.. --->
System.NotSupportedException:此服务的安全
设置需要
'匿名'身份验证,但是没有为IIS应用程序启用

托管此服务服务。

Exception: System.ServiceModel.ServiceActivationException: The service '/wcftest/ServiceFacadeService.svc' cannot be activated due to an exception during compilation. The exception message is: Security settings for this service require 'Anonymous' Authentication but it is not enabled for the IIS application that hosts this service.. ---> System.NotSupportedException: Security settings for this service require 'Anonymous' Authentication but it is not enabled for the IIS application that hosts this service.

我不知道为什么我的服务需要Anonymous auth?为什么?

I have no idea why my service require Anonymous auth? Why?

查看WCF团队的Nicholas Allen关于这个问题的帖子:

Check out this post by Nicholas Allen from the WCF team about this exact issue:

http:/ /blogs.msdn.com/drnick/archive/2007/03/23/preventing-anonymous-access.aspx

相关推荐