windows-authentication – 使用TransportWithMessageCredential

发布时间：2020-12-14 02:23:03 所属栏目：Windows 来源：网络整理

导读：我有一个IIS托管的WCF服务,其中包含以下绑定配置(我从空间绑定中删除了所有属性),用于wsHttpBinding和TransportWithMessageCredential wsHttpBinding binding name="BindingName" .../ security mode="TransportWithMessageCredential" message clientCreden

我有一个IIS托管的WCF服务,其中包含以下绑定配置(我从空间绑定中删除了所有属性),用于wsHttpBinding和TransportWithMessageCredential

<wsHttpBinding>
    <binding name="BindingName" .../>
      <security mode="TransportWithMessageCredential">
        <message clientCredentialType="UserName" algorithmSuite="Default" />
      </security>
    </binding>
  </wsHttpBinding>

服务行为：

<serviceBehaviors>
    <behavior name="ServiceBehavior">
      <serviceCredentials>
       <userNameAuthentication userNamePasswordValidationMode="Windows" />
      </serviceCredentials>
    </behavior>
  </serviceBehaviors>

禁用匿名身份验证并启用Windows身份验证.

在客户端,使用有效的Windows用户和密码设置凭据,但在每次调用服务时我都会收到以下异常：

The HTTP request is unauthorized with client authentication scheme
‘Anonymous’. The authentication header received from the server was
‘Negotiate,NTLM’. —>
System.ServiceModel.Security.MessageSecurityException: The HTTP
request is unauthorized with client authentication scheme ‘Anonymous’.
The authentication header received from the server was
‘Negotiate,NTLM’. —> System.Net.WebException: The remote server
returned an error: (401) Unauthorized.

使用自托管版本的WCF服务,它可以在有效的Windows帐户下正常运行.

任何帮助表示赞赏.

解决方法

在IIS中启用Windows身份验证要求在传输层上提供凭据,而您的配置定义在消息层进行身份验证

要解决此问题,您需要执行以下操作之一

1)在IIS中启用匿名访问,因为身份验证将在消息层处理

要么

2)更新您的安全模式以进行传输

<wsHttpBinding>
    <binding name="BindingName" .../>
      <security mode="Transport">
        <transport clientCredentialType="Ntlm" />
      </security>
    </binding>
  </wsHttpBinding>

（编辑：李大同）

【声明】本站内容均来自网络，其相关言论仅代表作者个人观点，不代表本站立场。若无意侵犯到您的权利，请及时与联系站长删除相关内容!