Silverlight 客户端身份并不总是传递到服务器?
我有一个 Silverlight 客户端,在通过 WCF basicHttpBinding 与其源自的服务器进行通信时遇到一些问题。服务配置如下:
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="silverlightBinding">
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Windows" />
</security>
</binding>
</basicHttpBinding>
</bindings>
<services>
<service name="MyServices.ImportService">
<endpoint address="" binding="basicHttpBinding"
contract="MyServices.IImportService"
bindingConfiguration="silverlightBinding" />
</service>
</services>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true"/>
</system.serviceModel>
服务器是配置为使用集成身份验证的 IIS6 Web 服务器。应用程序池标识是域帐户。
现在,有些从 Silverlight 客户端到 Web 服务器的调用包含客户端身份(访问客户端的域用户),有些则不包含!我已经包含了 IIS 日志的一部分来显示这一点:
2009-12-09 14:10:00 W3SVC1490499214 10.0.0.113 GET /ClientBin/MySLApp.xap - 80 BROWNIE\TestUser 10.0.0.216 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1) 304 0 0
2009-12-09 14:12:33 W3SVC1490499214 10.0.0.113 POST /Services/ImportService.svc - 80 - 10.0.0.216 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1) 401 2 2148074254
2009-12-09 14:12:33 W3SVC1490499214 10.0.0.113 POST /Services/ImportService.svc - 80 - 10.0.0.216 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1) 401 2 2148074254
2009-12-09 14:12:33 W3SVC1490499214 10.0.0.113 POST /Services/ImportService.svc - 80 - 10.0.0.216 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1) 401 1 0
2009-12-09 14:12:33 W3SVC1490499214 10.0.0.113 POST /Services/ImportService.svc - 80 BROWNIE\TestUser 10.0.0.216 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1) 200 0 0
2009-12-09 14:12:33 W3SVC1490499214 10.0.0.113 POST /Services/ImportService.svc - 80 - 10.0.0.216 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1) 401 1 0
2009-12-09 14:12:34 W3SVC1490499214 10.0.0.113 POST /Services/ImportService.svc - 80 BROWNIE\TestUser 10.0.0.216 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1) 200 0 0
2009-12-09 14:12:34 W3SVC1490499214 10.0.0.113 POST /Services/ImportService.svc - 80 - 10.0.0.216 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1) 401 1 0
2009-12-09 14:12:34 W3SVC1490499214 10.0.0.113 POST /Services/ImportService.svc - 80 BROWNIE\TestUser 10.0.0.216 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1) 200 0 0
如果向右滚动一点,您会看到对于某些请求,身份是已知的 (BROWNIE\TestUser)。然而,对于大多数请求来说,情况并非如此。就好像客户端“随机”选择何时发送身份。
有没有人见过这种行为并找到解决方案?
I have a Silverlight client that has some problems talking to the server it originates from via a WCF basicHttpBinding. The service configuration is as follows:
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="silverlightBinding">
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Windows" />
</security>
</binding>
</basicHttpBinding>
</bindings>
<services>
<service name="MyServices.ImportService">
<endpoint address="" binding="basicHttpBinding"
contract="MyServices.IImportService"
bindingConfiguration="silverlightBinding" />
</service>
</services>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true"/>
</system.serviceModel>
The server is an IIS6 web server that is configured to use integrated authentication. The application pool identity is a domain account.
Now some calls from the Silverlight client to the web server include the client identity (the domain user that accesses the client) and some do not! I have included a part of the IIS log to show this:
2009-12-09 14:10:00 W3SVC1490499214 10.0.0.113 GET /ClientBin/MySLApp.xap - 80 BROWNIE\TestUser 10.0.0.216 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1) 304 0 0
2009-12-09 14:12:33 W3SVC1490499214 10.0.0.113 POST /Services/ImportService.svc - 80 - 10.0.0.216 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1) 401 2 2148074254
2009-12-09 14:12:33 W3SVC1490499214 10.0.0.113 POST /Services/ImportService.svc - 80 - 10.0.0.216 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1) 401 2 2148074254
2009-12-09 14:12:33 W3SVC1490499214 10.0.0.113 POST /Services/ImportService.svc - 80 - 10.0.0.216 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1) 401 1 0
2009-12-09 14:12:33 W3SVC1490499214 10.0.0.113 POST /Services/ImportService.svc - 80 BROWNIE\TestUser 10.0.0.216 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1) 200 0 0
2009-12-09 14:12:33 W3SVC1490499214 10.0.0.113 POST /Services/ImportService.svc - 80 - 10.0.0.216 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1) 401 1 0
2009-12-09 14:12:34 W3SVC1490499214 10.0.0.113 POST /Services/ImportService.svc - 80 BROWNIE\TestUser 10.0.0.216 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1) 200 0 0
2009-12-09 14:12:34 W3SVC1490499214 10.0.0.113 POST /Services/ImportService.svc - 80 - 10.0.0.216 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1) 401 1 0
2009-12-09 14:12:34 W3SVC1490499214 10.0.0.113 POST /Services/ImportService.svc - 80 BROWNIE\TestUser 10.0.0.216 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1) 200 0 0
If you scroll a little to the right, you see that for some requests an identity is known (BROWNIE\TestUser). For most requests, however, this is not the case. It's as if the client 'randomly' chooses when to send an identity along.
Has anyone ever seen this behavior and found a solution?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
我在 silverlight 应用程序中遇到过类似的行为..结果是以下问题之一:
WCF 错误 1
WCF 错误 2
博客信息支持
它不会在 Windows 7 中发生,但在某些 Windows Server 版本上会发生..不记得是哪个。
I've experienced similar behaviour with a silverlight app.. turned out to be one of these problems:
WCF bug 1
WCF bug 2
Blog infosupport
It does not happen in Windows 7, but on some windows Server versions it does.. can't remember which.
在我看来,就像 3 次标准身份验证握手(每次 2 401 次),然后是成功的访问 (200)。如果您快速连续地看到很多这样的情况,那么这表明与服务器的连接没有被重新用于后续访问。我不是 wcf 专家,这可能是正常的,尽管如果不能以某种方式配置它,我会感到失望。
Looks to me like 3 standard authentication handshakes (2 401's each) followed by a succesful access (200). If you are seeing a lot of these in quick succession then this indicates that connections to the server are not being re-used for subsequent access. I'm not a wcf expert it could be that this is normal, although I'd be disappointed if this could not be configured away some how.