首页 新闻 赞助 找找看

WCF消息安全模式下的验证问题

0
悬赏园豆:10 [已解决问题] 解决于 2012-10-13 11:31

wcf服务端配置:

<system.serviceModel>

    <bindings>
      <wsHttpBinding>
        <binding name="EndpointBinding">
          <security mode="Message">
            <message clientCredentialType="UserName"/>
          </security>
        </binding>
      </wsHttpBinding>
    </bindings>

    <services>
      <service name="WcfService.Service1" behaviorConfiguration="httpBehavior">
        <host>
          <baseAddresses>
            <add baseAddress="http://localhost:8732/Design_Time_Addresses/WcfService/Service1/"/>
          </baseAddresses>
        </host>
        
        <endpoint address="http://202.196.96.105:8888/Service1" binding="wsHttpBinding" contract="WcfService.IService1" bindingConfiguration="EndpointBinding">

          <!--<identity>
            <dns value="WCFTest"/>
          </identity>-->
          
        </endpoint>
        <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"/>
      </service>
    </services>
    <behaviors>
      <serviceBehaviors>
        <behavior name="httpBehavior">
          <serviceMetadata httpGetEnabled="True"/>
          <serviceDebug includeExceptionDetailInFaults="False"/>
          
          <serviceCredentials>
            <!--指定验证方式为Custom,表示自定义,既然是自定义的,就要指出用哪个类进行用户名密码验证,这里指定了Server程序集中的Server.Validator类,注意这里类完整名称的写法-->
            <userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="WcfService.Validator, WcfService" />
            <!--指定用于数据加密的证书,LocalMachine表示本地计算机,Root表示受信任根证书颁发机构,192.168.90.81是证书标题(因为做证书时没指定标题,所以使用者默认就是标题),FindBySubjectName表示按标题查找-->
            <serviceCertificate storeLocation="LocalMachine" storeName="Root" findValue="WCFTest" x509FindType="FindBySubjectName" />
          </serviceCredentials>
          
          
        </behavior>
      </serviceBehaviors>
    </behaviors>
  </system.serviceModel>

 

客户端代码:

WSHttpBinding bind = new WSHttpBinding();
            EndpointIdentity identity = EndpointIdentity.CreateDnsIdentity("WCFTest");
            Uri uri = new Uri("http://202.196.96.2:8888/Service1");
            EndpointAddress address = new EndpointAddress(uri, identity);
            //EndpointAddress address = new EndpointAddress("http://202.196.96.105:8888/Service1");
            ChannelFactory<IService1> cf = new ChannelFactory<IService1>(bind, address);
            cf.Credentials.UserName.UserName = "lr";
            cf.Credentials.UserName.Password = "liuran123-";
            IService1 iservice = cf.CreateChannel();
            string str = iservice.GetData("测试成功!");
            Console.Write(str);
            Console.Read();

服务端服务能监听成功,但是在客户端调用时会抛出这个异常信息:

Secure channel cannot be opened because security negotiation with the remote endpoint has failed. This may be due to absent or incorrectly specified EndpointIdentity in the EndpointAddress used to create the channel. Please verify the EndpointIdentity specified or implied by the EndpointAddress correctly identifies the remote endpoint

 

希望有遇到这个问题或者知道原因的帮忙看下吧,谢谢了,纠结了好多天了,就是没找出问题!感激不尽!

路遥天的主页 路遥天 | 初学一级 | 园豆:111
提问于:2012-10-12 10:33
< >
分享
最佳答案
0

原因找到了,我客户端访问的时候都用的是代码加入的配置信息,但是少了message模式下客户端验证类型:Username(自定义用户名密码),所以需要加上一句代码

bind.Security.Message.ClientCredentialType = MessageCredentialType.UserName;

这样就ok了,希望对有同样错误的朋友有所帮助。当然如果你客户端访问是不是用代码加入的代码信息,是在配置文件里就不会有这个问题。

路遥天 | 初学一级 |园豆:111 | 2012-10-13 11:31
清除回答草稿
   您需要登录以后才能回答,未注册用户请先注册