WCF 服务移至 SSL 后，PrincipalPermission.Demand() 失败

发布于 2024-11-09 02:53:20 字数 2709 浏览 0 评论 0原文

我的 Silverlight/WCF 应用程序在每个服务方法中使用 PrimaryPermission 来确保用户经过身份验证。当我将所有内容配置为 HTTP 时，这一切都很好，但是一旦我将服务端点/绑定配置为支持 HTTPS (SSL)，当我调用 PrimaryPermission 对象的 Demand() 方法时，就会抛出异常。

编辑：我应该提到我正在使用 IIS 7.5 Express 来托管和调试该项目。

这是检查以确保用户经过身份验证的方法。它是从我的每个服务方法中调用的：

 protected void SecurityCheck(string roleName, bool authenticated)
{
  System.ServiceModel.Web.WebOperationContext.Current.OutgoingResponse.StatusCode = System.Net.HttpStatusCode.OK;

  PrincipalPermission p = new PrincipalPermission(null, roleName, authenticated);
  try
  {
    p.Demand();
  }
  catch (Exception ex) 
  {        
    /* wrap the exception so that Silverlight can consume it */        
    ServiceException fault = new ServiceException() 
    {                 
      /* Code = 1 will mean "unauthenticated!" */                 
      Code = 1, Message = ex.Message 
    }; 
    throw new FaultException<ServiceException>(fault); }
}

}

抛出的异常是“请求主体失败”。

以下是我的 web.config 文件的重要部分：

<behavior name="BinarySSL">
          <serviceMetadata httpsGetEnabled="true"  />
          <serviceDebug includeExceptionDetailInFaults="true" />
          <dataContractSerializer maxItemsInObjectGraph="6553600"/>
          <serviceTimeouts transactionTimeout="00:10:00"/>
        </behavior>
<binding name="MyApp.Web.Services.ProjectService.customBinding0" 
          receiveTimeout="00:10:00" sendTimeout="00:10:00">
          <binaryMessageEncoding />
          <httpsTransport  authenticationScheme="Basic"/>
        </binding>
<service name="MyApp.Web.Services.ProjectService"  behaviorConfiguration="BinarySSL">
        <endpoint address="" binding="customBinding" bindingConfiguration="MyApp.Web.Services.ProjectService.customBinding0"
          contract="MyApp.Web.Services.ProjectService" />        
      </service>

这是 ClientConfig：

<binding name="CustomBinding_ProjectService">
                        <binaryMessageEncoding />
                        <httpsTransport maxReceivedMessageSize="2147483647" maxBufferSize="2147483647"  />
                    </binding>

    <endpoint address="https://localhost:44300/Services/ProjectService.svc"
                    binding="customBinding" bindingConfiguration="CustomBinding_ProjectService"
                    contract="ProjectProxy.ProjectService" name="CustomBinding_ProjectService" />

我希望有人能在这里指出正确的方向。 同样，在我为 SSL 配置服务之前，此配置工作正常。有什么想法吗？

谢谢，

-斯科特，

我以为我找到了问题，并回答了我自己的问题-但我错了。仍然有同样的问题。

原文

My Silverlight/WCF application uses PrincipalPermission in each service method to ensure the user is Authenticated. This works just fine when I have everything configured to HTTP, but once I configured my service endpoints/bindings to support HTTPS (SSL), I get an exception thrown when I call the Demand() method of my PrincipalPermission object.

EDIT: I should mention I am using IIS 7.5 Express to host and debug this project.

Here is the method that checks to make sure the user is authendicated. It's called from each of my service methods:

 protected void SecurityCheck(string roleName, bool authenticated)
{
  System.ServiceModel.Web.WebOperationContext.Current.OutgoingResponse.StatusCode = System.Net.HttpStatusCode.OK;

  PrincipalPermission p = new PrincipalPermission(null, roleName, authenticated);
  try
  {
    p.Demand();
  }
  catch (Exception ex) 
  {        
    /* wrap the exception so that Silverlight can consume it */        
    ServiceException fault = new ServiceException() 
    {                 
      /* Code = 1 will mean "unauthenticated!" */                 
      Code = 1, Message = ex.Message 
    }; 
    throw new FaultException<ServiceException>(fault); }
}

}

The execption thown is "Request for principal failed."

Here are the important bits of my web.config file:

<behavior name="BinarySSL">
          <serviceMetadata httpsGetEnabled="true"  />
          <serviceDebug includeExceptionDetailInFaults="true" />
          <dataContractSerializer maxItemsInObjectGraph="6553600"/>
          <serviceTimeouts transactionTimeout="00:10:00"/>
        </behavior>
<binding name="MyApp.Web.Services.ProjectService.customBinding0" 
          receiveTimeout="00:10:00" sendTimeout="00:10:00">
          <binaryMessageEncoding />
          <httpsTransport  authenticationScheme="Basic"/>
        </binding>
<service name="MyApp.Web.Services.ProjectService"  behaviorConfiguration="BinarySSL">
        <endpoint address="" binding="customBinding" bindingConfiguration="MyApp.Web.Services.ProjectService.customBinding0"
          contract="MyApp.Web.Services.ProjectService" />        
      </service>

Here is the ClientConfig:

<binding name="CustomBinding_ProjectService">
                        <binaryMessageEncoding />
                        <httpsTransport maxReceivedMessageSize="2147483647" maxBufferSize="2147483647"  />
                    </binding>

    <endpoint address="https://localhost:44300/Services/ProjectService.svc"
                    binding="customBinding" bindingConfiguration="CustomBinding_ProjectService"
                    contract="ProjectProxy.ProjectService" name="CustomBinding_ProjectService" />

I'm hoping someone can point in in the right direction here. Again, this configuration works just fine until I configure my services for SSL. Any thoughts?

Thanks,

-Scott

I thought I found the problem, and answered my own question - but I was wrong. Still have the same issue.

分享到QQ

分享到微博