1
我身邊有對託管在IIS(無生產所以沒有SSL證書可用在互聯網上使用)WCF服務中授權使用Active Directory - 拒絕訪問錯誤
我的域帳戶通過HTTP流量WCF授權問題我想知道如何將客戶端的Windows身份驗證設置爲我的Web服務。我目前在同一個局域網上進行測試,以便代理是沒有問題的
我已經包含在這篇文章的末尾
編輯的嘗試步驟列表:正在發生的錯誤是隻訪問是拒絕,沒有別的,從 嘗試,抓住客戶端應用程序。如果有辦法獲得更詳細的信息,請讓我知道,並將結果添加到帖子中。
WCF服務代碼:
[AspNetCompatibilityRequirements(RequirementsMode = AspNetCompatibilityRequirementsMode.Allowed)]
ServiceBehavior(InstanceContextMode = InstanceContextMode.Single, ConcurrencyMode = ConcurrencyMode.Single, IncludeExceptionDetailInFaults = true)]
public class Data : IData
{
[PrincipalPermission(SecurityAction.Demand, [email protected]"Administrators")]
public List<Incident> GetCases()
{
Queries query = new Queries();
List<Incident> iList = query.CallCases();
return iList;
}
}
WCF Web配置綁定:
<wsHttpBinding>
<binding name="TransportSecurity">
<security mode="None">
<message clientCredentialType="Windows" algorithmSuite="Default"/>
</security>
</binding>
</wsHttpBinding>
WCF Web配置行爲:
<behavior name="Behaviour1">
<serviceMetadata httpGetEnabled="true" httpGetUrl=""/>
<serviceDebug includeExceptionDetailInFaults="true" />
<useRequestHeadersForMetadataAddress>
<defaultPorts>
<add scheme="http" port="9577" /> ///This port is correct
</defaultPorts>
</useRequestHeadersForMetadataAddress>
</behavior>
WCF的Web配置服務:
<service behaviorConfiguration="Behaviour1" name="WebService1.Data">
<endpoint address="" binding="wsHttpBinding" bindingConfiguration="TransportSecurity" contract="WebService1.IData">
<identity>
<dns value="demo.DomainName.co.uk" />
</identity>
</endpoint>
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
</service>
客戶端應用程序(增加了服務的參考)
DataClient client = new DataClient();
AppDomain.CurrentDomain.SetPrincipalPolicy(PrincipalPolicy.WindowsPrincipal);
PrincipalPermission principalPerm = new PrincipalPermission(null, "Administrators");
principalPerm.Demand();
Console.WriteLine("Demand succeeded.");
client.ClientCredentials.Windows.ClientCredential.Domain = "Domain Name";
client.ClientCredentials.Windows.ClientCredential.UserName = "User Account";
client.ClientCredentials.Windows.ClientCredential.Password = "Password";
//client.ClientCredentials.UserName.UserName = @"[email protected]";
//client.ClientCredentials.UserName.Password = "Password";
//client.ClientCredentials.UseIdentityConfiguration = true;
try
{
List<Incident> cases = client.GetCases().ToList();
foreach (Incident Inc in cases)
{
Console.WriteLine(Inc.CaseID);
}
}
catch (Exception ex)
{
Console.WriteLine(ex.Message);
}
嘗試決議:
- 使用域和本地用戶
- 修改使用客戶端憑據類型基本,NTLM和Windows
- 設置IIS以使用
- IIS啓用了基本和Windows身份驗證
如果您需要更多信息,請不要猶豫,問。
感謝您的幫助,您可以提供
歡迎來到SO。你已經爲第一次海報寫了一個很好的問題,但我認爲一小部分但重要的信息缺失 - 即你看到的是什麼行爲或錯誤?另外,我認爲將'securityMode'設置爲「None」可能會影響您正在嘗試執行的操作 - 兒童安全設置可能會被忽略(這只是我的猜測)。 – Tim 2015-04-01 16:51:02
謝謝Tim,完全忘了補充一點,我現在已經添加了它。並感謝您的熱烈歡迎 – 2015-04-01 17:43:36