为什么我的本地 WCF 客户端 IP 不是 127.0.0.1?
我有一个 WCF 客户端和服务,通过 wsHttpBinding 使用 HTTPS。
一种常见的设置是将客户端和服务器组件放在同一台计算机上。出于 SSL 原因,客户端必须设置端点地址以包含服务器的计算机名称,而不是 localhost,即 https://mymachine/myservice/service.svc
问题是,默认 IIS 有一个IP 限制白名单仅限 127.0.0.1。如果我在 IE7 中浏览 svc 文件,这是可行的,但是当使用 WCF 客户端时,我可以在 IIS 日志中看到,WCF 服务器从 WCF 客户端的网络/真实 IP 地址接收消息,而不是 127.0.0.1,并且因此客户被拒绝。
有谁知道为什么 WCF 客户端在本地进行通信,使用网络 IP,而不是 127.0.0.1,这可以更改吗?
任何其他解决方法都值得赞赏,但我真的希望避免更改 SSL 设置或彻底修改绑定。最简单的解决方案似乎是在系统重新启动时使用客户端的新 IP 更新白名单。
请注意,我尝试在主机文件中添加我的机器名(IP 127.0.0.1),但这没有效果。
I have a WCF client and service using HTTPS over the wsHttpBinding.
One common setup has the client and server components on the same machine. The client has to set the endpoint address to include the server's machine name, rather than localhost for SSL reasons i.e. https://mymachine/myservice/service.svc
The problem is, that the default IIS has an IP restriction whitelist to 127.0.0.1 only. If I browse the svc file in IE7, this works, but when using the WCF client I can see in the IIS logs, that the the WCF server receives messages from the WCF client's network/real IP address, rather than 127.0.0.1, and therefore the client is rejected.
Does anyone know why the WCF client is communicating locally, using the network IP, rather 127.0.0.1, and can this be changed?
Any other workarounds are appreciated, but I'm really looking to avoid changing the SSL setup, or overhauling the bindings. The simplest solution appears to be to update the whitelist on system restart with the clients new IP.
Note that I have tried adding my machinename, with IP 127.0.0.1 in the hosts file, but this hasn't had an effect.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
我对旧版本 Windows 的回忆是,Windows 在这一类别中有点烦人,因为它似乎是自我命名的。换句话说,Windows 似乎认为它可以为自己的主机名提供信息(即使它可能与外部命名服务所说的不同),而不是让所有命名服从您对 DNS 和 /etc/hosts 的配置选择。
因此,您可能会看到 Windows 正在将主机名与主界面的 IP 地址进行匹配。这可以解释为什么您无法使用 /etc/hosts 映射主机名。
(仅供参考:这是我对我过去的个人经历和问题描述的解释。我没有花时间使用此配置,因此可能比我提到的更多。)
My recollection with older versions of windows is that Windows is a little annoying in this category, because it seems to be self-naming. In other words, rather than letting ALL naming obey your configuration choices for DNS and /etc/hosts, Windows seems to think it can server the information for its own hostname (even if it might be different than what the external naming service says).
So, what you might be seeing is that Windows is matching the hostname to the IP address of the main interface. That would explain why you cannot map the hostname with /etc/hosts.
(FYI: This is my interpretation of my past personal experiences and the problem description. I did not spend time working with this configuration, so there could be more to this than I mentioned.)
替换
有
作用吗?
Does replacing
with
work?