Exception "client authentication scheme 'Anonymous'" when trying to access WCF over HTTPS
Please help with this issue. I get the above exception - The HTTP request was forbidden with client authentication scheme 'Anonymous' - when trying to access the service from the client. I have tried everything mentioned on the earlier forums and I still have the problem. I was trying to implement a WCF service over HTTPS.
Hosted the WCF service on IIS and added the certificate to the store.
On the client we get the certificate and pwd from the user and assign it in the code.
Please find my web.config and client code snippets below -
<system.web>
  <compilation debug="true" targetFramework="4.0" />
</system.web>
<system.serviceModel>
  <serviceHostingEnvironment multipleSiteBindingsEnabled="true">
    <serviceActivations></serviceActivations>
  </serviceHostingEnvironment>
  <diagnostics>
    <messageLogging logEntireMessage="true" logMalformedMessages="true" logMessagesAtServiceLevel="false"
                    logMessagesAtTransportLevel="true" maxSizeOfMessageToLog="50000000" />
    <endToEndTracing activityTracing="true" messageFlowTracing="true" />
  </diagnostics>
  <services>
    <!--This section is optional with the new configuration model
        introduced in .NET Framework 4.-->
    <service name="Oz.HL7.NIXPDQV3.NIXManager_PortTypeClient" behaviorConfiguration="NIX_Behavior_HTTPS">
      <host>
        <baseAddresses>
          <add baseAddress="https://localhost:10787/" />
        </baseAddresses>
      </host>
      <endpoint address="" binding="wsHttpBinding" contract="INIXManager_PortType" bindingConfiguration="WSHttpsBinding_INIXManager"
                bindingNamespace="urn:ihe:iti:NIXv3:2007" />
      <endpoint address="mex" binding="mexHttpsBinding" bindingConfiguration="mexHttpsBinding" name="mex" contract="IMetadataExchange" />
    </service>
  </services>
  <bindings>
    <wsHttpBinding>
      <!-- HTTPS binding: transport security, client authenticates with a certificate -->
      <binding name="WSHttpsBinding_INIXManager" closeTimeout="00:10:00"
               openTimeout="00:10:00" receiveTimeout="00:10:00" sendTimeout="00:10:00"
               bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard"
               maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647"
               messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true"
               allowCookies="false">
        <readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647"
                      maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647" />
        <reliableSession ordered="true" inactivityTimeout="00:10:00"
                         enabled="false" />
        <security mode="Transport">
          <transport clientCredentialType="Certificate" />
        </security>
      </binding>
      <!-- Plain HTTP binding: no security -->
      <binding name="WSHttpBinding_INIXManager" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
               bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard" maxBufferPoolSize="2147483647"
               maxReceivedMessageSize="2147483647" messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true" allowCookies="false">
        <readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647"
                      maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647" />
        <reliableSession ordered="true" inactivityTimeout="00:10:00" enabled="false"/>
        <security mode="None">
          <transport clientCredentialType="Windows" proxyCredentialType="None" realm="">
            <extendedProtectionPolicy policyEnforcement="Never"/>
          </transport>
          <message clientCredentialType="Windows" negotiateServiceCredential="true" establishSecurityContext="true"/>
        </security>
      </binding>
    </wsHttpBinding>
    <mexHttpBinding>
      <binding name="mexBinding" />
    </mexHttpBinding>
    <mexHttpsBinding>
      <binding name="mexHttpsBinding" />
    </mexHttpsBinding>
  </bindings>
  <client>
    <!--<endpoint address="http://localhost:10787/NIXManager.svc" binding="wsHttpBinding"
        bindingConfiguration="WSHttpBinding_INIXManager" contract="INIXManager_PortType"
        name="NIXManager_Binding_HTTP" />-->
    <endpoint address="https://localhost:10787/NIXManager.svc" binding="wsHttpBinding"
              bindingConfiguration="WSHttpsBinding_INIXManager" contract="INIXManager_PortType"
              name="NIXManager_Binding_HTTPS">
      <identity>
        <dns value="localhost" />
      </identity>
    </endpoint>
  </client>
  <behaviors>
    <serviceBehaviors>
      <behavior name="NIX_Behavior_HTTP">
        <serviceMetadata httpGetEnabled="true" httpsGetEnabled="false"/>
        <serviceDebug httpHelpPageEnabled="true" includeExceptionDetailInFaults="true" />
      </behavior>
      <behavior name="NIX_Behavior_HTTPS">
        <serviceMetadata httpGetEnabled="false" httpsGetEnabled="true"/>
        <serviceDebug httpHelpPageEnabled="false" includeExceptionDetailInFaults="true" />
      </behavior>
      <behavior name="NIX_Behavior_HTTPS-old">
        <serviceMetadata httpGetEnabled="false" httpsGetEnabled="true"/>
        <serviceDebug httpHelpPageEnabled="false" includeExceptionDetailInFaults="true" />
        <serviceCredentials>
          <clientCertificate>
            <authentication mapClientCertificateToWindowsAccount="true" />
          </clientCertificate>
          <serviceCertificate findValue="084509de9a36684453edaebbc52bfd26f504f065" storeLocation="LocalMachine" storeName="My" x509FindType="FindByThumbprint"/>
        </serviceCredentials>
      </behavior>
      <behavior name="">
        <serviceMetadata httpGetEnabled="true" />
        <serviceDebug includeExceptionDetailInFaults="true" />
      </behavior>
    </serviceBehaviors>
  </behaviors>
</system.serviceModel>
<system.webServer>
  <modules runAllManagedModulesForAllRequests="true"/>
</system.webServer>
Client side code to call service-
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;

// WCF service proxy
NIXManager_PortTypeClient client;
// Get certificate details from the UI (setting)
AppSetting setting = settings.CurrentSetting;
bool IsSecure = setting.V3SettingsObject.Secure;
if (IsSecure)
{
    // HTTPS endpoint: attach the client certificate loaded from the user-supplied file and password
    client = new NIXManager_PortTypeClient("NIX_Binding_HTTPS");
    X509Certificate2 certificate = new X509Certificate2(setting.V3SettingsObject.CertificatePath, setting.V3SettingsObject.CertificatePassword);
    client.ClientCredentials.ClientCertificate.Certificate = certificate;
    // Validate the server certificate (process-wide callback)
    System.Net.ServicePointManager.ServerCertificateValidationCallback = new RemoteCertificateValidationCallback(ValidateServerCertificate);
}
else
{
    // Plain HTTP endpoint, no certificate
    client = new NIXManager_PortTypeClient("NIX_Binding_HTTP");
}
// Override the configured address with the URL from the settings
client.Endpoint.Address = new System.ServiceModel.EndpointAddress(setting.V3SettingsObject.URL);
I have been struggling with this for days. Please let me know what else I need to do. Any kind of input would be greatly appreciated. Thanks!
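An added diagnostic example, not part of the original post: with `security mode="Transport"` and `clientCredentialType="Certificate"`, the client certificate is presented during the TLS handshake, so checking the certificate loaded from the user's file on the client side rules out one class of causes before looking at the server. `ClientCertPreflight` and `Check` are hypothetical names introduced here.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

// Added example: hypothetical helper, not code from the original post.
public static class ClientCertPreflight
{
    private const string ClientAuthOid = "1.3.6.1.5.5.7.3.2"; // id-kp-clientAuth

    // Returns the problems found; an empty list means every check passed.
    public static IList<string> Check(X509Certificate2 cert)
    {
        var problems = new List<string>();

        // TLS client authentication needs the private key, so a .cer
        // (public part only) is not enough; a .pfx normally carries it.
        if (!cert.HasPrivateKey)
            problems.Add("No private key is associated with the certificate.");

        // NotBefore and NotAfter are expressed in local time.
        DateTime now = DateTime.Now;
        if (now < cert.NotBefore || now > cert.NotAfter)
            problems.Add("Certificate is outside its validity period.");

        // When an Enhanced Key Usage extension is present, it has to
        // list Client Authentication.
        foreach (X509Extension ext in cert.Extensions)
        {
            var eku = ext as X509EnhancedKeyUsageExtension;
            if (eku == null) continue;
            bool allowsClientAuth = false;
            foreach (Oid usage in eku.EnhancedKeyUsages)
                if (usage.Value == ClientAuthOid) allowsClientAuth = true;
            if (!allowsClientAuth)
                problems.Add("Enhanced Key Usage lacks Client Authentication.");
        }

        // Chain check against this machine's trust stores only; the server
        // validates the chain again against its own stores.
        var chain = new X509Chain();
        chain.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;
        if (!chain.Build(cert))
            foreach (X509ChainStatus status in chain.ChainStatus)
                problems.Add("Chain: " + status.StatusInformation.Trim());

        return problems;
    }
}
```

Call `ClientCertPreflight.Check(certificate)` right after constructing the `X509Certificate2` and log the returned list before opening the proxy.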