1. 首頁
  2. 問答
  3. .net客戶端使用X509證書和用戶名/密碼身份驗證調用JAX-WS webservice

.net客戶端使用X509證書和用戶名/密碼身份驗證調用JAX-WS webservice

2012-08-29 66 views
2

我在使用來自.net客戶端的JAX-WS Webservice時遇到了問題。 我能夠打開連接到WS但是當我嘗試使用任何方法,然後我得到這個錯誤:.net客戶端使用X509證書和用戶名/密碼身份驗證調用JAX-WS webservice

第一個錯誤,我GET是:

Identity check failed for outgoing message. The expected DNS identity of the remote endpoint was 'amms.someDomain.com' but the remote endpoint provided DNS claim '*.someDomain.com'. If this is a legitimate remote endpoint, you can fix the problem by explicitly specifying DNS identity '*.someDomain.com' as the Identity property of EndpointAddress when creating channel proxy.

我的app.config似乎像:

<?xml version="1.0" encoding="utf-8" ?> 
<configuration> 
<system.serviceModel> 
     <customBinding> 
      <binding name="SrvPortBinding"> 
       <security defaultAlgorithmSuite="Basic128" authenticationMode="UserNameForCertificate" 
        requireDerivedKeys="false" securityHeaderLayout="Strict" includeTimestamp="true" 
        keyEntropyMode="CombinedEntropy" messageProtectionOrder="SignBeforeEncrypt" 
        messageSecurityVersion="WSSecurity11WSTrust13WSSecureConversation13WSSecurityPolicy12BasicSecurityProfile10" 
        requireSignatureConfirmation="false"> 
        <localClientSettings cacheCookies="true" detectReplays="true" 
         replayCacheSize="900000" maxClockSkew="00:05:00" maxCookieCachingTime="Infinite" 
         replayWindow="00:05:00" sessionKeyRenewalInterval="10:00:00" 
         sessionKeyRolloverInterval="00:05:00" reconnectTransportOnFailure="true" 
         timestampValidityDuration="00:05:00" cookieRenewalThresholdPercentage="60" /> 
        <localServiceSettings detectReplays="true" issuedCookieLifetime="10:00:00" 
         maxStatefulNegotiations="128" replayCacheSize="900000" maxClockSkew="00:05:00" 
         negotiationTimeout="00:01:00" replayWindow="00:05:00" inactivityTimeout="00:02:00" 
         sessionKeyRenewalInterval="15:00:00" sessionKeyRolloverInterval="00:05:00" 
         reconnectTransportOnFailure="true" maxPendingSessions="128" 
         maxCachedCookies="1000" timestampValidityDuration="00:05:00" /> 
        <secureConversationBootstrap /> 
       </security> 
       <textMessageEncoding maxReadPoolSize="64" maxWritePoolSize="16" 
        messageVersion="Soap11WSAddressing10" writeEncoding="utf-8"> 
        <readerQuotas maxDepth="32" maxStringContentLength="98192" maxArrayLength="916384" 
         maxBytesPerRead="94096" maxNameTableCharCount="916384" /> 
       </textMessageEncoding> 
       <httpsTransport manualAddressing="false" maxBufferPoolSize="9524288" 
        maxReceivedMessageSize="965536" allowCookies="false" authenticationScheme="Anonymous" 
        bypassProxyOnLocal="false" decompressionEnabled="true" hostNameComparisonMode="StrongWildcard" 
        keepAliveEnabled="true" maxBufferSize="965536" proxyAuthenticationScheme="Anonymous" 
        realm="" transferMode="Buffered" unsafeConnectionNtlmAuthentication="false" 
        useDefaultWebProxy="true" requireClientCertificate="false" /> 
      </binding> 
     </customBinding> 
    </bindings> 
    <client> 
     <endpoint address="https://amms.someDomain.com:443/mmew1/Srv" 
      binding="customBinding" bindingConfiguration="SrvPortBinding" 
      contract="InfoMedica1.Srv" name="SrvPort" > 

     </endpoint>    
    </client> 
</system.serviceModel>

`

後來我改變了這一點:

<client> 
     <endpoint address="https://amms.someDomain.com:443/mmew1/Srv" 
      binding="customBinding" bindingConfiguration="SrvPortBinding" 
      contract="InfoMedica1.Srv" name="SrvPort" > 

     </endpoint>    
    </client>

到:

<client> 
     <endpoint address="https://amms.someDomain.com:443/mmew1/Srv" 
      binding="customBinding" bindingConfiguration="SrvPortBinding" 
      contract="InfoMedica1.Srv" name="SrvPort" > 
     <identity> 
      <dns value="*.someDomain.com"/> 
     </identity> 
     </endpoint>    
    </client>

現在我已經得到了異常: An unsecured or incorrectly secured fault was received from the other party. See the inner FaultException for the fault code and detail. 內部異常:Invalid Security Header

有沒有人有那種錯誤,並得到它的工作? 可以發生此錯誤,因爲這*字符在*.someDomain.com

我檢查過服務器和客戶端的時間是一樣的。在添加此X509和用戶名/密碼認證之前,Webservice正常工作。

如果任何進一步的信息需要請問意見:)

編輯:

當我tryed禁用服務證書驗證這樣的:發生

<client> 
     <endpoint address="https://amms.someDomain.com:443/mmew1/Srv" 
      binding="customBinding" bindingConfiguration="SrvPortBinding" 
      contract="InfoMedica1.Srv" name="SrvPort" behaviorConfiguration="DisableServiceCertificateValidation"> 
     <identity> 
      <dns value="*.someDomain.com"/> 
     </identity> 
     </endpoint>    
    </client>

例外:

There is no endpoint behavior named 'DisableServiceCertificateValidation'

感謝提前:) :)

來源

2012-08-29 harry180

+0

您是否嘗試過使用「someDomain.com」?您是否嘗試過使用「amms.someDomain.com」作爲測試?您是否嘗試禁用證書安全檢查作爲測試?去看看這裏的答案:http://stackoverflow.com/questions/338385/how-do-i-tell-wcf-to-skip-verification-of-the-certificate – Brannon

+0

首先感謝甚至嘗試幫助: ) 是的我嘗試使用'someDomain.com'和'amms.someDomain.com'它沒有任何改變。我已經編輯了關於第三個問題的問題 – harry180

回答

0

這是一個web服務的問題。人誰寫它改變了不知道到底是什麼東西,但它開始工作了:)

也許有人有類似的問題,所以這裏是;)

感謝您的幫助所有感興趣;)

來源

2012-12-20 09:12:05 harry180

相關問題

 相關問題