2011-01-26 119 views
1

我有一個工作流WCF服務(ServiceDMZ),安裝在防火牆上的服務器上。該服務在該服務器上的Windows帳戶下運行。帳戶名稱:DMZDomain \ DMZUserName。跨域WCF通信

我有我的開發計算機(ServiceDev)上運行的另一個工作流WCF服務。這是一個在我的Windows帳戶下運行的自託管服務:DevDomain \ DevUserName。

ServiceDev在Send和Recieve活動中使用wsHttpContextBinding和上下文關聯與ServiceDMZ進行通信。 ServiceDMZ在完成任務後使用回調地址與ServiceDev進行通信。

我得到這個錯誤在ServiceDev的Send活動:

System.ServiceModel.Security.SecurityNegotiationException:來電者不是由服務認證。 ---> System.ServiceModel.FaultException:由於身份驗證失敗,無法滿足安全令牌請求。 System.ServiceModel.Security.SecurityUtils.ThrowIfNegotiationFault(Message message,EndpointAddress target)at System.ServiceModel.Security.IssuanceTokenProviderBase`1.ThrowIfFault(Message message,EndpointAddress target)at System.ServiceModel.Security.SspiNegotiationTokenProvider.GetNextOutgoingMessageBody(Message incomingMessage, SspiNegotiationTokenProviderState sspiState)---內部異常堆棧跟蹤的末尾在System.ServiceModel.Activities.InternalSendMessage.OnSendFailure(NativeActivityFaultContext上下文中,異常propagatedException,ActivityInstance propagatedFrom)在System.Activities.Runtime.FaultCallbackWrapper.Invoke(NativeActivityFaultContext faultContext,異常傳播異常,ActivityInstance propagatedFrom)在System.Activities.Runtime.FaultCallbackWrapper.FaultWorkItem.Execute(ActivityExecutor執行者,BookmarkManager書籤管理器)

ServiceDev和ServiceDMZ的app.config文件中的設置應該是什麼?

謝謝!

您好,感謝您的評論。這裏是配置文件。

ServiceDev

<system.serviceModel> 
<services> 
    <service name="ServiceDev" behaviorConfiguration="ServiceDevBehavior"> 
    <host> 
     <baseAddresses> 
     <add baseAddress="http://10.204.78.16:9101/"/> 
     </baseAddresses>   
    </host> 
    <endpoint address="http://10.204.78.16:9101/ServiceDev" binding="wsHttpBinding" contract="IServiceDev" bindingConfiguration="ServiceDevBinding"></endpoint> 
    <endpoint address="http://10.204.78.16:9101/ServiceDev/mex" binding="mexHttpBinding" contract="IMetadataExchange"></endpoint> 
    <endpoint address="http://10.204.78.16:9101/ServiceDevCallback" binding="wsHttpContextBinding" contract="IServiceDevCallback" bindingConfiguration="ClientServiceDMZBinding"></endpoint>   
    </service> 
</services> 
<client> 
    <endpoint address="http://10.169.24.14:9100/ServiceDMZ" binding="wsHttpContextBinding" contract="IServiceDMZ" name="ClientServiceDMZ" bindingConfiguration="ClientServiceDMZBinding"> 
    <identity> 
     <userPrincipalName value="[email protected]"/> 
    </identity> 
    </endpoint> 
</client> 
<bindings> 
    <wsHttpBinding> 
    <binding name="ServiceDevBinding" maxReceivedMessageSize="8388608"> 
     <security> 
     <transport clientCredentialType="Windows" proxyCredentialType="None" realm=""/> 
     <message clientCredentialType="Windows" negotiateServiceCredential="true" algorithmSuite="TripleDesRsa15" establishSecurityContext="true"/> 
     </security> 
    </binding> 
    </wsHttpBinding> 
    <wsHttpContextBinding> 
    <binding name="ClientServiceDMZBinding" clientCallbackAddress="http://10.204.78.16:9101/ServiceDevCallback"> 
     <reliableSession ordered="true" inactivityTimeout="00:10:00" enabled="false" /> 
     <security> 
     <message clientCredentialType="Windows" negotiateServiceCredential="true" algorithmSuite="Default"/> 
     <transport clientCredentialType="Windows" proxyCredentialType="None" realm=""/> 
     </security> 
    </binding> 
    </wsHttpContextBinding> 
</bindings> 
<behaviors> 
    <serviceBehaviors> 
    <behavior name="ServiceDevBehavior"> 
     <serviceDebug includeExceptionDetailInFaults="true" httpHelpPageEnabled="true"/> 
     <serviceMetadata httpGetEnabled="true"/> 
     <sqlWorkflowInstanceStore connectionStringName="MySite.Deployment.Data.Providers.WorkflowInstanceStoreProvider" instanceCompletionAction="DeleteNothing" instanceLockedExceptionAction="BasicRetry" instanceEncodingOption="GZip" hostLockRenewalPeriod="00:01:00"/> 
    </behavior> 
    </serviceBehaviors> 
</behaviors> 
<standardEndpoints> 
    <dynamicEndpoint> 
    <standardEndpoint name="ClientServiceDMZDynamicEndpointConfiguration"> 
     <discoveryClientSettings> 
     <endpoint kind="udpDiscoveryEndpoint" endpointConfiguration="ServiceDMZUDPDiscoveryEndpoint"></endpoint> 
     </discoveryClientSettings> 
    </standardEndpoint> 
    </dynamicEndpoint> 
    <udpDiscoveryEndpoint> 
    <standardEndpoint name="ServiceDMZUDPDiscoveryEndpoint" discoveryVersion="WSDiscovery11"> 
    </standardEndpoint> 
    </udpDiscoveryEndpoint> 
</standardEndpoints> 
<serviceHostingEnvironment multipleSiteBindingsEnabled="true"/> 
<diagnostics performanceCounters="All"> 
    <messageLogging logEntireMessage="true" logMalformedMessages="true" logMessagesAtServiceLevel="true" logMessagesAtTransportLevel="true" maxMessagesToLog="30000" maxSizeOfMessageToLog="2000000"> 
    </messageLogging> 
</diagnostics> 

ServiceDMZ

<system.serviceModel> 
<services> 
    <service name="ServiceDMZ" behaviorConfiguration="ServiceDMZBehavior"> 
    <host> 
     <baseAddresses> 
     <add baseAddress="http://10.169.24.14:9100/"/> 
     </baseAddresses> 
    </host> 
    <endpoint address="http://10.169.24.14:9100/ServiceDMZ" binding="wsHttpContextBinding" contract="IServiceDMZ" bindingConfiguration="ServiceDMZBinding" behaviorConfiguration="ServiceDMZEndpointBehavior" /> 
    <endpoint address="http://10.169.24.14:9100/ServiceDMZ/mex" binding="mexHttpBinding" contract="IMetadataExchange"></endpoint> 
    <endpoint name="udpDiscovery" kind="udpDiscoveryEndpoint" /> 
    </service> 
</services> 
<bindings> 
    <wsHttpContextBinding> 
    <binding name="ServiceDMZBinding" clientCallbackAddress="http://10.204.78.16:9101/ServiceDevCallback"> 
     <security> 
     <message clientCredentialType="Windows" negotiateServiceCredential="true" algorithmSuite="Default"/> 
     <transport clientCredentialType="Windows" realm="" proxyCredentialType="None"/> 
     </security> 
    </binding> 
    </wsHttpContextBinding> 
</bindings> 
<behaviors> 
    <serviceBehaviors> 
    <behavior name="ServiceDMZBehavior"> 
     <serviceDebug includeExceptionDetailInFaults="true" httpHelpPageEnabled="true"/> 
     <serviceMetadata httpGetEnabled="true"/> 
     <serviceDiscovery> 
     <announcementEndpoints> 
      <endpoint kind="udpAnnouncementEndpoint" /> 
     </announcementEndpoints> 
     </serviceDiscovery> 
    </behavior> 
    </serviceBehaviors> 

    <endpointBehaviors> 
    <behavior name="ServiceDMZEndpointBehavior"> 
     <endpointDiscovery> 
     <scopes> 

     </scopes> 
     </endpointDiscovery> 
    </behavior> 
    </endpointBehaviors> 
</behaviors> 

<standardEndpoints> 
    <udpDiscoveryEndpoint> 
    <standardEndpoint name="ServiceDMZUDPDiscoveryEndpoint" discoveryVersion="WSDiscovery11" maxResponseDelay="00:00:00.600"/> 
    </udpDiscoveryEndpoint> 
</standardEndpoints> 

<diagnostics performanceCounters="All"> 
    <messageLogging logEntireMessage="true" logMalformedMessages="true" logMessagesAtServiceLevel="true" logMessagesAtTransportLevel="true" maxMessagesToLog="30000" maxSizeOfMessageToLog="2000000">   
    </messageLogging> 
</diagnostics>  

+0

您使用哪種認證方案和安全設置?你可以發佈你的配置嗎? – 2011-01-26 07:53:27

回答

0

這可能是部分信任的問題。安全是WCF需要充分信任的全部功能,沒有它只支持一部分功能,請參閱http://msdn.microsoft.com/en-us/library/bb412186.aspx

此外,如果您使用Windows身份驗證,它需要域之間的信任,假設您的計算機位於不同的域。