部分信任环境中的 WCF
我已通过 WCF 部署到主机,并且我的 ASP.NET 站点正在尝试使用相同的服务。
我收到此错误:
名为 BasicHttpBinding 的绑定 验证失败,因为它包含 具有类型的 BindingElement System.ServiceModel.Channels.MtomMessageEncodingBindingElement 部分不支持 相信。考虑使用 BasicHttpBinding 或 WSHttpBinding,或者 将您的应用程序托管在 完全信任的环境。描述: 期间发生未处理的异常 当前网络的执行 要求。请检查堆栈跟踪 有关错误的更多信息 以及它在代码中的起源。
异常详细信息: System.InvalidOperationException: 使用名称 BasicHttpBinding 进行绑定 验证失败,因为它包含 具有类型的 BindingElement System.ServiceModel.Channels.MtomMessageEncodingBindingElement 部分不支持 相信。考虑使用 BasicHttpBinding 或 WSHttpBinding,或托管您的 完全信任的应用 环境。
我该如何解决这个问题?
I have deployed by WCF to a host and my ASP.NET site is trying to consume the same service.
I get this error:
The Binding with name BasicHttpBinding
failed validation because it contains
a BindingElement with type
System.ServiceModel.Channels.MtomMessageEncodingBindingElement
which is not supported in partial
trust. Consider using
BasicHttpBinding or WSHttpBinding, or
hosting your application in a
full-trust environment. Description:
An unhandled exception occurred during
the execution of the current web
request. Please review the stack trace
for more information about the error
and where it originated in the code.Exception Details:
System.InvalidOperationException: The
Binding with name BasicHttpBinding
failed valiadation because it contains
a BindingElement with type
System.ServiceModel.Channels.MtomMessageEncodingBindingElement
which is not supported in partial
trust. Consider using BasicHttpBinding
or WSHttpBinding, or hosting your
application in a full-trust
environment.
How do I get around this?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
正如它所说:不要使用 MTOM,或在完全信任的环境中托管。
文本消息编码:
大多数共享托管提供商仅提供部分信任的 .NET 托管。您将需要一台(半)专用机器来获得完全信任,或者在互联网上寻找想要冒险的共享托管提供商。
Exactly what it says: do not use MTOM, or host in a full trust environment.
Text message encoding:
Most shared hosting providers will only provide partial trust .NET hosting. You will need a (semi-)dedicated machine for full trust, or look around on the internet for a shared hosting provider that wants to risk it.
您无法“绕过”部分信任的主机来运行需要完全信任的代码。
你有两个选择。首先,遵循错误消息的建议并使用不需要完全信任的绑定。或者,其次,您可以找到一个将完全信任地运行您的代码的主机。
You can't "get around" a partial trust host in order to run code that requires full trust.
You have two options. First, follow the recommendations of the error message and use a binding that doesn't require full trust. Or, second, you could locate a host that will run your code in full trust.
您可以使用不同的选项
让我用一个例子来详细说明第三个选项。假设您有一个方法调用 MakeServiceCallToDangerousSite(string siteUrl)。您需要从部分受信任的代码中调用它,您不希望它被滥用。该怎么办?
首先,您可以避免从调用者处获取“危险站点”URL,即 MakeServiceCallToDangerousSite()。
其次,既然您完全控制了该调用,您就可以声明代表调用者进行该调用所需的 CLR 权限,无论是声明式(在方法级别)还是命令式(即permission.Assert(); try{ DangerousCall() ; }最后{CodeAccessPermission.RevertAssert();}
第三,程序集需要完全受信任,为此,您需要将其置于 GAC 中,GAC 还需要对程序集进行强命名。
我希望这会有所帮助,至少作为 MSDN 上更好解释的指针:-)
You have different options
Let me elaborate on the third option with an example. Say you have a method call MakeServiceCallToDangerousSite(string siteUrl). You need this to be called from partially trusted code, you don't want this to be misued. What to do?
First, you could avoid getting the 'dangerous site' url from your caller i.e. MakeServiceCallToDangerousSite().
Second, now that you fully control that call, you can Assert the CLR permissions needed to make that call on behalf of your callers, either declaratively (at the method level) or imperatively (i.e. permission.Assert(); try{ DangerousCall(); }finally{CodeAccessPermission.RevertAssert();}
Third, the assembly needs to be fully trusted, and for that, you need it to be in the GAC, which also needs the assembly to be strong named.
I hope this helps, at least as a pointer to better explanations on MSDN :-)