設置安全的SSL，WCF使用Windows身份驗證

Question

好吧，我真的需要幫助獲取此設置。目前我有一個ssl證書安裝。作爲應用程序，我在iis中安裝了一個wcf服務。我已經將它設置爲需要ssl，並且我能夠連接到該服務。問題是我想要Windows身份驗證。我想禁用匿名安全。不久，我禁用匿名並保持Windows身份驗證。我收到一個錯誤： 「主機上配置的身份驗證方案（'IntegratedWindowsAuthentication'）不允許在綁定'BasicHttpBinding'（'匿名'）上配置的身份驗證方案。請確保SecurityMode設置爲Transport或TransportCredentialOnly.etc等....「

當我用Windows身份驗證重新打開匿名。是的，我可以訪問服務，但它不使用Windows認證..它的奇怪，因爲其他文件，如test.html例如仍然需要用戶名/密碼。我不知道如何正確地限制一個web服務使用ssl的Windows身份驗證...任何人都可以幫助我？請

<?xml version="1.0"?> 
<configuration> 
    <system.web> 
    <compilation debug="true" strict="false" explicit="true" targetFramework="4.0" /> 
    <customErrors mode="Off"/> 
</system.web> 
<system.serviceModel> 


<bindings> 
    <wsHttpBinding> 
    <binding name="TransportSecurity"> 
     <security mode="Transport"> 
     <transport clientCredentialType="Windows" /> 
     </security> 


     <readerQuotas maxDepth="2147483647" 
      maxStringContentLength="2147483647" 
      maxArrayLength="2147483647" 
      maxBytesPerRead="2147483647" 
      maxNameTableCharCount="2147483647" /> 
    </binding> 
    </wsHttpBinding> 
</bindings> 
<services> 
    <service name="WcfConcur.ConcurService"> 
     <endpoint address="" 
       binding="wsHttpBinding" 
       bindingConfiguration="TransportSecurity" 
       contract="WcfConcur.IConcurService"/> 

<endpoint address="mex" 
       binding="mexHttpsBinding" 
       contract="IMetadataExchange" /> 
    </service> 
</services> 


<behaviors> 
    <serviceBehaviors> 
    <behavior> 


     <!-- To avoid disclosing metadata information, set the value below to false and remove the metadata endpoint above before deployment --> 
     <serviceMetadata httpsGetEnabled="true"/> 
     <!-- To receive exception details in faults for debugging purposes, set the value below to true. Set to false before deployment to avoid disclosing exception information --> 
     <serviceDebug includeExceptionDetailInFaults="true"/> 
    </behavior> 
    </serviceBehaviors> 
</behaviors> 
<serviceHostingEnvironment multipleSiteBindingsEnabled="true" /> 

</system.serviceModel> 
<system.webServer> 
    <modules runAllManagedModulesForAllRequests="true"/> 
    </system.webServer> 


</configuration> 

在客戶端，我添加了對wcf的引用。並自動下載。事情是，託管我INTIAL WCF地址是https://address/whatever.svc和它下載的時候它顯示http://internal地址我不知道如果多數民衆贊成問題

<?xml version="1.0" encoding="utf-8" ?> 
     <configuration> 
      <startup> 
       <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.0,Profile=Client" /> 
      </startup> 
      <system.serviceModel> 
        <client> 
        <endpoint address="http://internal address/wcfConcurService/ConcurService.svc" 
      binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_IConcurService" 
      contract="wcfConcurRef.IConcurService" name="BasicHttpBinding_IConcurService" /> 
      </client> 
       <bindings> 
        <basicHttpBinding> 
        <binding name="BasicHttpBinding_IConcurService" /> 
       </basicHttpBinding> 
        </bindings> 

      </system.serviceModel> 
     </configuration> 

Answer 1

錯誤消息拋出，當禁用匿名訪問，似乎表明了問題與客戶端配置。

客戶端配置似乎使用basicHttpBinding，它與使用wsHttpBinding的服務器配置不同。要解決綁定問題，您應該將服務器綁定配置複製到客戶端配置文件，然後更新客戶端端點以使用新的綁定配置。

您的客戶端配置應該是這個樣子：

<system.serviceModel> 
    <client> 
     <endpoint address="https://enter-external-address-here/wcfConcurService/ConcurService.svc" 
       binding="wsHttpBinding" bindingConfiguration="TransportSecurity" 
       contract="wcfConcurRef.IConcurService" name="BasicHttpBinding_IConcurService" /> 
    </client> 
    <bindings> 
     <wsHttpBinding> 
     <binding name="TransportSecurity"> 
      <security mode="Transport"> 
      <transport clientCredentialType="Windows" /> 
      </security> 
     </binding> 
     </wsHttpBinding> 
    </bindings> 
    </system.serviceModel>