SVC WebService 通过 HTTP 工作,故障通过 HTTPS
我的一位同事在对 .NET WebService 进行 AJAX 调用时遇到问题。该调用在 HTTP 下工作,但同一调用在 HTTPS 下出现问题。 Web 服务是在 IIS 7 服务器上使用 C# 用 .NET 4.0 编写的。
安全网站位于 https://sql.data-rx.com/grouppharmdrugsearch/ 。 http://sql.data-rx.com/grouppharmdrugsearch/。页面本身没有任何敏感信息。它嵌入(我相信在框架中)在使用 HTTPS 的客户端网站上,并且我们的页面需要采用 HTTPS,以便浏览器不会给出混合的安全/不安全元素呈现消息。
要在网站上测试该问题,您首先必须在第二个文本框中输入邮政编码(我一直使用 90210 进行测试),然后您可以在第三个文本框中输入药物的前几个字母。等待一秒钟左右的其他字母后,页面会调用网络服务来填充以提供的字母开头的可能药物选择的下拉列表。安全 Web 服务调用是 https://sql.data-rx。 com/grouppharmdrugsearch/Service/drugNameAutocomplete.svc/GetDrugList,其中包含“prefixText”和“count”的 POST 数据。在 HTTP 下,服务调用成功并填充下拉列表;在 HTTPS 下,调用会收到 404 错误。如果您将浏览器指向 https://sql,则可以访问 HTTPS Web 服务。 data-rx.com/grouppharmdrugsearch/Service/drugNameAutocomplete.svc,但该方法在附加到服务时无法识别。
我一直在使用 Firefox 的 Tamper Data 插件来比较服务调用,它们看起来完全相同,除了一个是 HTTPS 站点,一个是 HTTP 站点,并且引荐来源网址适当更改。 HTTPS 调用收到 404 错误,而 HTTP 调用收到 JSON 数据。
我相信 Web 服务中可能缺少一些允许在 HTTPS 下进行调用的功能(尽管我想不出在这种情况下应该重要的任何内容),或者 HTTPS 网站本身在设置时配置错误。任何帮助将不胜感激。
One of my colleagues is having a problem with an AJAX call to a .NET WebService. The call works under HTTP, but the same call is having a problem under HTTPS. The webservice is written in .NET 4.0 with C# on an IIS 7 server.
The secure website is at https://sql.data-rx.com/grouppharmdrugsearch/. There is an unsecured version at http://sql.data-rx.com/grouppharmdrugsearch/. There isn't any sensitive information on the page itself. It is embedded (I believe in a frame) on a client's website that does use HTTPS, and our page needs to be in HTTPS so browsers don't give a mixed secured/unsecured elements present message.
To test the problem on the site you first have to enter a zip code in the second textbox (I have been using 90210 for testing) and then you can enter the first few letters of a drug into the third textbox. After waiting a second or so for additional letters the page calls the webservice to populate a drop down list of possible drug choices beginning with the supplied letters. The secure webservice call is to https://sql.data-rx.com/grouppharmdrugsearch/Service/drugNameAutocomplete.svc/GetDrugList with POST data for 'prefixText' and 'count'. Under HTTP the service call succeeds and populates the drop down; under HTTPS the call gets a 404 error. The HTTPS web service is reachable if you point a browser to https://sql.data-rx.com/grouppharmdrugsearch/Service/drugNameAutocomplete.svc, but the method isn't recognized when it is appended to the service.
I have been using Firefox's Tamper Data addon to compare the service calls and they appear to be exactly the same, except one is to the HTTPS site and one is to the HTTP site, with the referrers changing appropriately. The HTTPS call receives the 404 error, while the HTTP call receives the JSON data.
I believe there may either be something missing from the webservice that would allow the call to function under HTTPS (though I can't think of anything that should matter in this case), or the HTTPS web site itself was misconfigured when it was setup. Any help would be appreciated.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
我们终于从 这个网站。基本上,绑定仅配置为 HTTP,而不是 HTTPS,我们需要创建自定义绑定以允许 Web 服务通过 HTTPS 运行。
We finally figured out the solution from this site. Basically the binding was only configured for HTTP, not HTTPS, and we need to create a custom binding to allow the webservice to function over HTTPS.