WCF“活动安全协商过多”生产错误
我们有超过 100 个客户端站点调用的 WCF 服务。今天我们开始得到
Exception: Server 'http://[url]/services/[service].svc/ws' sent back a
fault indicating it is too busy to process the request. Please retry later. Please see the
inner exception for fault details.
System.ServiceModel.FaultException: There are too many active security negotiations or
secure conversations at the service. Please retry later.
我能找到的唯一信息是我需要增大 maxPendingSessions 。但这需要将端点更改为 CustomBinding,这将很困难,因为我必须将其推送到我的所有客户端站点。
有什么方法可以“重置”安全谈判的数量等吗?这将使我们有时间更改客户端程序以使用自定义绑定,因为目前我们的站点无法与我们的服务器通信。
我尝试对配置文件进行一些小更改并保存,这应该会重新启动服务,但我们仍然收到错误。
或者我还有其他方法可以处理这个问题吗?
编辑这是我的配置:
<?xml version="1.0"?>
<configuration>
<configSections>
<section name="dataConfiguration" type="Microsoft.Practices.EnterpriseLibrary.Data.Configuration.DatabaseSettings, Microsoft.Practices.EnterpriseLibrary.Data"/>
</configSections>
<connectionStrings>
</connectionStrings>
<system.web>
<compilation debug="true" targetFramework="4.0"/>
<authorization>
<allow users="?"/>
</authorization>
</system.web>
<system.diagnostics>
<sources>
<source name="System.ServiceModel" switchValue="Error" propagateActivity="true">
<listeners>
<add name="xml" />
</listeners>
</source>
</sources>
<sharedListeners>
<add name="xml" type="System.Diagnostics.XmlWriterTraceListener" initializeData="D:\logs\log.txt" />
</sharedListeners>
</system.diagnostics>
<system.serviceModel>
<diagnostics performanceCounters="All" />
<services>
<service name="WCFServiceLibrary.WCFService">
<endpoint address="ws" binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_IWCFService"
name="WSHttpEndpoint_IWCFService" contract="WCFServiceLibrary.IWCFService" />
<endpoint address="basic" binding="basicHttpBinding"
name="BasicHttpEndpoint_IWCFService" contract="WCFServiceLibrary.IWCFService" />
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"/>
</service>
</services>
<bindings>
<wsHttpBinding>
<binding name="WSHttpBinding_IWCFService"
maxBufferPoolSize="524288" maxReceivedMessageSize="1048576">
<readerQuotas maxDepth="32" maxStringContentLength="65536" maxArrayLength="16384"
maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<security mode="Message">
<message clientCredentialType="Certificate" negotiateServiceCredential="true"
algorithmSuite="Default" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior>
<serviceCredentials>
<serviceCertificate findValue="CN=[url]" storeLocation="LocalMachine" storeName="TrustedPeople" />
<clientCertificate>
<authentication revocationMode="NoCheck" certificateValidationMode="PeerTrust" />
</clientCertificate>
</serviceCredentials>
<serviceThrottling maxConcurrentCalls ="1001" maxConcurrentSessions="1001" maxConcurrentInstances="1000" />
<serviceMetadata httpGetEnabled="true"/>
<serviceDebug includeExceptionDetailInFaults="false"/>
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true"/>
</system.serviceModel>
</configuration>
编辑
我们尝试了 iisreset 甚至重新启动了服务器,但它仍然抛出相同的错误。
We have a WCF service that over 100 client sites make calls to. Today we started getting the
Exception: Server 'http://[url]/services/[service].svc/ws' sent back a
fault indicating it is too busy to process the request. Please retry later. Please see the
inner exception for fault details.
System.ServiceModel.FaultException: There are too many active security negotiations or
secure conversations at the service. Please retry later.
The only information I could find is that I need to make the maxPendingSessions larger. But that would require changing the endpoint to a CustomBinding, which will be difficult because I'd have to push that to all of my client sites.
Is there some way I can just "reset" the number of security negotiations and such? This would give us time to change the client program to use the custom binding, because at the moment, our sites cannot talk to our server.
I've tried making a small change to the config file and saving, which should have restarted the service, but we're still getting errors.
Or is there some other way I could handle this?
Edit Here's my config:
<?xml version="1.0"?>
<configuration>
<configSections>
<section name="dataConfiguration" type="Microsoft.Practices.EnterpriseLibrary.Data.Configuration.DatabaseSettings, Microsoft.Practices.EnterpriseLibrary.Data"/>
</configSections>
<connectionStrings>
</connectionStrings>
<system.web>
<compilation debug="true" targetFramework="4.0"/>
<authorization>
<allow users="?"/>
</authorization>
</system.web>
<system.diagnostics>
<sources>
<source name="System.ServiceModel" switchValue="Error" propagateActivity="true">
<listeners>
<add name="xml" />
</listeners>
</source>
</sources>
<sharedListeners>
<add name="xml" type="System.Diagnostics.XmlWriterTraceListener" initializeData="D:\logs\log.txt" />
</sharedListeners>
</system.diagnostics>
<system.serviceModel>
<diagnostics performanceCounters="All" />
<services>
<service name="WCFServiceLibrary.WCFService">
<endpoint address="ws" binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_IWCFService"
name="WSHttpEndpoint_IWCFService" contract="WCFServiceLibrary.IWCFService" />
<endpoint address="basic" binding="basicHttpBinding"
name="BasicHttpEndpoint_IWCFService" contract="WCFServiceLibrary.IWCFService" />
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"/>
</service>
</services>
<bindings>
<wsHttpBinding>
<binding name="WSHttpBinding_IWCFService"
maxBufferPoolSize="524288" maxReceivedMessageSize="1048576">
<readerQuotas maxDepth="32" maxStringContentLength="65536" maxArrayLength="16384"
maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<security mode="Message">
<message clientCredentialType="Certificate" negotiateServiceCredential="true"
algorithmSuite="Default" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior>
<serviceCredentials>
<serviceCertificate findValue="CN=[url]" storeLocation="LocalMachine" storeName="TrustedPeople" />
<clientCertificate>
<authentication revocationMode="NoCheck" certificateValidationMode="PeerTrust" />
</clientCertificate>
</serviceCredentials>
<serviceThrottling maxConcurrentCalls ="1001" maxConcurrentSessions="1001" maxConcurrentInstances="1000" />
<serviceMetadata httpGetEnabled="true"/>
<serviceDebug includeExceptionDetailInFaults="false"/>
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true"/>
</system.serviceModel>
</configuration>
EDIT
We tried an iisreset and even restarted the server and it's still throwing the same error.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
http://social.msdn.microsoft.com/Forums/en-GB/wcf/thread/a8f82f1d-e824-474e-84ef-b5e9ba7eca18
问题是创建客户端但不使用它(不调用任何方法)。
http://litemedia .info/there-are-too-many-active-security-negotiations-or-secure-conversations-at-the-service
我花了 4 天在 .NET 4.0 中调查这个问题,发现它没有得到修复。
重现很简单:
调用 128 次后,您会收到错误消息。
我不知道为什么它没有修复,但解决方案是在您确定需要调用代理时创建代理。增加 maxPending noy 确实有用,因为您可能仍会达到阈值。
http://social.msdn.microsoft.com/Forums/en-GB/wcf/thread/a8f82f1d-e824-474e-84ef-b5e9ba7eca18
Problem is creating client but not using it (not calling any method on it).
http://litemedia.info/there-are-too-many-active-security-negotiations-or-secure-conversations-at-the-service
I spent 4 days investigating this in .NET 4.0 to realise it is NOT fixed.
Repro is easy:
After 128 calls you get the error.
I do not know why it is not fixed but solution is to create the proxy when you are sure you need to call it. Increasing maxPending noy really useful as you might still hit the threashold.
由于您似乎没有使用自定义服务工厂,因此您没有创建托管在 IIS 中的单例服务。该问题可能与将服务设置为多线程运行有关。除非您的服务包含依赖/管理多个线程的代码,否则您应该将服务实例配置为单线程。设置 ConcurrencyMode = Single 并从配置中删除 serviceThrotdling 元素以使用内置的 WCF 默认值。如果异常消失,那么您就完成了。否则,您就会知道这不是多线程配置或服务限制设置。
Since it seems you're not using a custom service factory then you're not creating a singleton service hosted in IIS. The issue may be related to setting your service to run multi-threaded. Unless your service contains code that depends/manages multiple threads, you should configure the service instanciation to be single threaded. Set ConcurrencyMode = Single and remove the serviceThrottling element from the config to use the built-in WCF defaults for these. If the exceptions go away then you're done. Otherwise, you'll know it wasn't the multi-threaded configuration or the service throttling settings.