如何在 IIS7 上启用 Windows 身份验证和 NetTCPBinding WCF Web 服务?
我正在尝试在 IIS 7 上设置一个使用 Windows 身份验证和 NetTCPBinding 的 Web 服务。目前,当我尝试访问 wysdl 时,我收到此错误
“此服务的安全设置需要“匿名”身份验证,但未启用该身份验证托管此服务的 IIS 应用程序。“
我的配置文件的相关部分如下所示...
<behaviors>
...
<serviceBehaviors>
<behavior name="WCFHostService.MyServiceBehavior">
<serviceMetadata httpGetEnabled="false" />
<serviceDebug includeExceptionDetailInFaults="false" />
</behavior>
</serviceBehaviors>
</behaviors>
<services>
<service name="UPMC.ISD.EADIS.ACO.ACOServiceConcept">
<endpoint name ="TCP_Binding"
address=""
binding="netTcpBinding"
contract="UPMC.ISD.EADIS.ACO.ACOServiceConcept.IACOService"/>
<endpoint name="mexHttpbinding"
contract="IMetadataExchange"
binding="mexTcpBinding"
address="mex" />
</service>
</services>
如何获取我的服务的“安全设置”以允许我访问此服务?我还刚刚读到,您可以通过删除 mex 绑定端点或启用匿名身份验证来消除错误。但是如果没有 mex 绑定,如何获得 wsdl 呢?好吧,我想我会尝试一下,但如果你有任何其他建议,我肯定会接受。
谢谢。
I am attempting to set up a web service that uses windows authentication and NetTCPBinding on IIS 7. currently I am getting this error when I attempt to access the wysdl
"Security settings for this service require 'Anonymous' Authentication but it is not enabled for the IIS application that hosts this service. "
The relevant sections of my Config file look like this...
<behaviors>
...
<serviceBehaviors>
<behavior name="WCFHostService.MyServiceBehavior">
<serviceMetadata httpGetEnabled="false" />
<serviceDebug includeExceptionDetailInFaults="false" />
</behavior>
</serviceBehaviors>
</behaviors>
<services>
<service name="UPMC.ISD.EADIS.ACO.ACOServiceConcept">
<endpoint name ="TCP_Binding"
address=""
binding="netTcpBinding"
contract="UPMC.ISD.EADIS.ACO.ACOServiceConcept.IACOService"/>
<endpoint name="mexHttpbinding"
contract="IMetadataExchange"
binding="mexTcpBinding"
address="mex" />
</service>
</services>
How do I get the "security settings" for my service to align to allow me to access this service? I also just read that you can get rid of the error by getting rid of your mex binding endpoints or by enabling anonymous authentication. But how do you get your wsdl if you don't have mex binding? Well I guess I will give that a go, but if you have any other advice I will most certainly take it.
Thanks.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
根据 WCF NetTcpBinding Security - how does it work?,默认值NetTCP 的安全设置是 Windows 身份验证。听起来一两件事可能是问题所在:
确保启用 Windows 身份验证(在 IIS 管理控制台中的“身份验证”下 - 在 @Joel C 的答案中找到匿名身份验证开关的位置相同)。
您可能希望在创建客户端代理时尝试指定 Windows 帐户凭据,以防运行客户端的帐户无法进行身份验证。
客户端和服务器是否在同一个域中?
According to WCF NetTcpBinding Security - how does it work?, the default security setting for NetTCP is Windows Authentication. It sounds like one or two things might be the issue:
Ensure Windows Authentication is enabled (in the IIS Management Console under Authentication - same place where you find the switch for Anonymous Authentication as in @Joel C's answer).
You might want to try specifying the windows account credentials when you create the client proxy, in case the account running the client is unable to authenticate.
Are the client and the server in the same domain?
您是否已验证在托管服务的 IIS 应用程序中启用了匿名身份验证?在 IIS 管理控制台中,浏览到托管服务的站点和应用程序。然后确保您选择了“功能视图”,并选择“身份验证”选项。您应该看到各种形式的身份验证(匿名、Windows、ASP.NET 模拟等),并且每种形式的旁边都应该显示已启用或已禁用。
Have you verified that Anonymous Authentication is enabled in the IIS application where you're hosting your service? In the IIS management console, browse to the site and application where your service is being hosted. Then make sure you have the "Features View" selected, and select the "Authentication" option. You should see various forms of authentication (anonymous, Windows, ASP.NET Impersonation, etc.) and each should say either enabled or disabled next to it.