2014-03-06 30 views
2

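How do I resolve this WIF/WCF exception?

I am trying to follow How To: Enable WIF for a WCF Web Service Application. I got to Step 3 - Test Your Solution, and I get the following exception:

No version of the CardSpace service was found to be installed on the machine. Please install CardSpace and retry the operation.

The exception occurs in the client project, on line 23 of Program.cs: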

Console.WriteLine(client.ComputeResponse("Hello World")); 

Stack trace:

Server stack trace:
at System.IdentityModel.Selectors.CardSpaceShim.GetCardSpaceImplementationDll()
at System.IdentityModel.Selectors.CardSpaceShim.InitializeIfNecessary()
at System.IdentityModel.Selectors.CardSpaceSelector.GetToken(CardSpacePolicyElement[] policyChain, SecurityTokenSerializer tokenSerializer)
at System.ServiceModel.Description.ClientCredentials.GetInfoCardSecurityToken(Boolean requiresInfoCard, CardSpacePolicyElement[] chain, SecurityTokenSerializer tokenSerializer)
at System.Runtime.Remoting.Messaging.StackBuilderSink._PrivateProcessMessage(IntPtr md, Object[] args, Object server, Object[]& outArgs)
at System.Runtime.Remoting.Messaging.StackBuilderSink.AsyncProcessMessage(IMessage msg, IMessageSink replySink)

Exception rethrown at [0]:
at System.Runtime.AsyncResult.End[TAsyncResult](IAsyncResult result)
at System.ServiceModel.Dispatcher.ImmutableClientRuntime.DisplayInitializationUIAsyncResult.End(IAsyncResult result)
at System.ServiceModel.Dispatcher.ImmutableClientRuntime.EndDisplayInitializationUI(IAsyncResult result)
at System.ServiceModel.Dispatcher.ImmutableClientRuntime.DisplayInitializationUI(ServiceChannel channel)
at System.ServiceModel.Channels.ServiceChannel.DisplayInitializationUI()
at System.ServiceModel.Channels.ServiceChannel.CallDisplayUIOnce.System.ServiceModel.Channels.ServiceChannel.ICallOnce.Call(ServiceChannel channel, TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannel.CallOnceManager.CallOnce(TimeSpan timeout, CallOnceManager cascade)
at System.ServiceModel.Channels.ServiceChannel.EnsureDisplayUI()
at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] )
at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)

Exception rethrown at [1]:
at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
at Client.ServiceReference1.IService1.ComputeResponse(String input)
at Client.ServiceReference1.Service1Client.ComputeResponse(String input) in Client\Service References\ServiceReference1\Reference.cs:line 53
at Client.Program.Main(String[] args) in c:\Users\currentuser\Documents\Visual Studio 2012\Projects\TestService\Client\Program.cs:line 23

Answer

2

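I have spent quite some time working through this tutorial, trying to reproduce your problem (which was easy) and, after your comment on my previous answer, to fix it (which was hard).

The thing is, the Identity and Access extension has a bug and puts the wrong issuer address in the service's web.config. If you look at ChrisPD's comment from August 13, 2013 on the homepage of Identity and Access tool, you will see:

ChrisPD: While continuing to investigate this I noticed that the Identity and Access tool puts the issuer metadata address into the config file as "https://localhost/adfs/services/trust/mex" instead of the correct value "http://localhost:15196/wsTrustSTS/mex", where 15196 is the port number assigned in the tool. When I replaced that in the service config and ran "Add Service Reference", it generated an issuer address of http://localhost:15196/wsTrustSTS/. So there appears to be a bug in the Identity and Access tool whereby it does not insert the correct issuerMetadata address when LocalSTS is selected.

I did what ChrisPD suggested, and I ran into a small problem with certificate chain building, because the certificate that the Identity and Access tool uses in the sample is self-signed and is placed only in the LocalMachine\My store. Therefore it is not trusted. I copied it to the LocalMachine\Root store (I used the mmc console) and it worked.

Edit: My web.config looks like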

<?xml version="1.0"?>
<configuration>
  <configSections>
    <section name="system.identityModel" type="System.IdentityModel.Configuration.SystemIdentityModelSection, System.IdentityModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" />
  </configSections>
  <appSettings>
    <add key="aspnet:UseTaskFriendlySynchronizationContext" value="true" />
    <add key="ida:FederationMetadataLocation" value="http://localhost:14060/wsFederationSTS/FederationMetadata/2007-06/FederationMetadata.xml" />
    <add key="ida:ProviderSelection" value="localSTS" />
    <add key="ida:EnforceIssuerValidation" value="false" />
  </appSettings>
  <location path="FederationMetadata">
    <system.web>
      <authorization>
        <allow users="*" />
      </authorization>
    </system.web>
  </location>
  <system.web>
    <compilation debug="true" targetFramework="4.5" />
    <httpRuntime targetFramework="4.5" />
  </system.web>
  <system.serviceModel>
    <behaviors>
      <serviceBehaviors>
        <behavior>
          <!-- To avoid disclosing metadata information, set the values below to false before deployment -->
          <serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
          <!-- To receive exception details in faults for debugging purposes, set the value below to true. Set to false before deployment to avoid disclosing exception information -->
          <serviceDebug includeExceptionDetailInFaults="false" />
          <serviceCredentials useIdentityConfiguration="true">
            <!--Certificate added by Identity and Access Tool for Visual Studio.-->
            <serviceCertificate findValue="CN=localhost" storeLocation="LocalMachine" storeName="My" x509FindType="FindBySubjectDistinguishedName" />
          </serviceCredentials>
        </behavior>
      </serviceBehaviors>
    </behaviors>
    <protocolMapping>
      <add scheme="http" binding="ws2007FederationHttpBinding" />
      <add binding="basicHttpsBinding" scheme="https" />
    </protocolMapping>
    <serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
    <bindings>
      <ws2007FederationHttpBinding>
        <binding name="">
          <security mode="Message">
            <message>
              <issuerMetadata address="http://localhost:14060/wsTrustSTS/mex" />
            </message>
          </security>
        </binding>
      </ws2007FederationHttpBinding>
    </bindings>
  </system.serviceModel>
  <system.webServer>
    <modules runAllManagedModulesForAllRequests="true" />
    <!--
      To browse web app root directory during debugging, set the value below to true.
      Set to false before deployment to avoid disclosing web app folder information.
    -->
    <directoryBrowse enabled="true" />
  </system.webServer>
  <system.identityModel>
    <identityConfiguration>
      <audienceUris>
        <add value="http://localhost:49768/Service1.svc" />
      </audienceUris>
      <!--Commented by Identity and Access VS Package-->
      <!--<issuerNameRegistry type="System.IdentityModel.Tokens.ValidatingIssuerNameRegistry, System.IdentityModel.Tokens.ValidatingIssuerNameRegistry"><authority name="LocalSTS"><keys><add thumbprint="9B74CB2F320F7AAFC156E1252270B1DC01EF40D0" /></keys><validIssuers><add name="LocalSTS" /></validIssuers></authority></issuerNameRegistry>-->
      <!--certificationValidationMode set to "None" by the the Identity and Access Tool for Visual Studio. For development purposes.-->
      <certificateValidation certificateValidationMode="None" />
      <issuerNameRegistry type="System.IdentityModel.Tokens.ConfigurationBasedIssuerNameRegistry, System.IdentityModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
        <trustedIssuers>
          <add thumbprint="9B74CB2F320F7AAFC156E1252270B1DC01EF40D0" name="LocalSTS" />
        </trustedIssuers>
      </issuerNameRegistry>
    </identityConfiguration>
  </system.identityModel>
</configuration>

and app.config looks like:

<?xml version="1.0" encoding="utf-8" ?> 
<configuration> 
    <startup> 
     <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.5" /> 
    </startup> 
    <system.serviceModel> 
     <bindings> 
      <ws2007FederationHttpBinding> 
       <binding name="WS2007FederationHttpBinding_IService1"> 
        <security> 
         <message> 
          <issuer address="http://localhost:14060/wsTrustSTS/" binding="ws2007HttpBinding" 
           bindingConfiguration="http://localhost:14060/wsTrustSTS/"> 
           <identity> 
            <userPrincipalName value="ellework\ppolacko" /> 
           </identity> 
          </issuer> 
          <issuerMetadata address="http://localhost:14060/wsTrustSTS/mex" /> 
          <tokenRequestParameters> 
           <trust:SecondaryParameters xmlns:trust="http://docs.oasis-open.org/ws-sx/ws-trust/200512"> 
            <trust:KeyType xmlns:trust="http://docs.oasis-open.org/ws-sx/ws-trust/200512">http://docs.oasis-open.org/ws-sx/ws-trust/200512/SymmetricKey</trust:KeyType> 
            <trust:KeySize xmlns:trust="http://docs.oasis-open.org/ws-sx/ws-trust/200512">256</trust:KeySize> 
            <trust:KeyWrapAlgorithm xmlns:trust="http://docs.oasis-open.org/ws-sx/ws-trust/200512">http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p</trust:KeyWrapAlgorithm> 
            <trust:EncryptWith xmlns:trust="http://docs.oasis-open.org/ws-sx/ws-trust/200512">http://www.w3.org/2001/04/xmlenc#aes256-cbc</trust:EncryptWith> 
            <trust:SignWith xmlns:trust="http://docs.oasis-open.org/ws-sx/ws-trust/200512">http://www.w3.org/2000/09/xmldsig#hmac-sha1</trust:SignWith> 
            <trust:CanonicalizationAlgorithm xmlns:trust="http://docs.oasis-open.org/ws-sx/ws-trust/200512">http://www.w3.org/2001/10/xml-exc-c14n#</trust:CanonicalizationAlgorithm> 
            <trust:EncryptionAlgorithm xmlns:trust="http://docs.oasis-open.org/ws-sx/ws-trust/200512">http://www.w3.org/2001/04/xmlenc#aes256-cbc</trust:EncryptionAlgorithm> 
           </trust:SecondaryParameters> 
          </tokenRequestParameters> 
         </message> 
        </security> 
       </binding> 
      </ws2007FederationHttpBinding> 
      <ws2007HttpBinding> 
       <binding name="http://localhost:14060/wsTrustSTS/"> 
        <security> 
         <message establishSecurityContext="false" /> 
        </security> 
       </binding> 
      </ws2007HttpBinding> 
     </bindings> 
     <client> 
      <endpoint address="http://localhost:49768/Service1.svc" binding="ws2007FederationHttpBinding" 
       bindingConfiguration="WS2007FederationHttpBinding_IService1" 
       contract="ServiceReference1.IService1" name="WS2007FederationHttpBinding_IService1"> 
       <identity> 
        <certificate encodedValue="..." />
       </identity> 
      </endpoint> 
     </client> 
    </system.serviceModel> 
</configuration> 
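
A configuration check for the bug described in the answer, as an added example that is not part of the original answer or of the tool's code: it flags a service web.config whose issuerMetadata address is not on the same scheme, host and port as the local STS. It assumes the local STS port can be read from ida:FederationMetadataLocation, as in the web.config above; `check_service_config` and the sample document are constructed for illustration.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

# Constructed sample: a trimmed service web.config as the tool leaves it
# (issuerMetadata still points at the ADFS default quoted by ChrisPD).
SAMPLE_BROKEN = """<configuration>
  <appSettings>
    <add key="ida:FederationMetadataLocation" value="http://localhost:14060/wsFederationSTS/FederationMetadata/2007-06/FederationMetadata.xml" />
    <add key="ida:ProviderSelection" value="localSTS" />
  </appSettings>
  <system.serviceModel><bindings><ws2007FederationHttpBinding><binding name="">
    <security mode="Message"><message>
      <issuerMetadata address="https://localhost/adfs/services/trust/mex" />
    </message></security>
  </binding></ws2007FederationHttpBinding></bindings></system.serviceModel>
  <system.identityModel><identityConfiguration>
    <certificateValidation certificateValidationMode="None" />
  </identityConfiguration></system.identityModel>
</configuration>"""
SAMPLE_FIXED = SAMPLE_BROKEN.replace(
    "https://localhost/adfs/services/trust/mex", "http://localhost:14060/wsTrustSTS/mex")

def _origin(url):
    """Scheme, host and port of a URL, normalised for comparison."""
    u = urlsplit(url)
    return (u.scheme.lower(), (u.hostname or "").lower(), u.port)

def check_service_config(xml_text):
    """Return a list of findings for a WIF/WCF service web.config."""
    root = ET.fromstring(xml_text)
    settings = {a.get("key"): a.get("value") for a in root.iterfind("appSettings/add")}
    findings = []
    if settings.get("ida:ProviderSelection", "").lower() == "localsts":
        # Assumption: the local STS serves federation metadata and WS-Trust
        # metadata from the same scheme, host and port.
        sts = _origin(settings.get("ida:FederationMetadataLocation", ""))
        for node in root.iter("issuerMetadata"):
            addr = node.get("address", "")
            if _origin(addr) != sts:
                findings.append(f"issuerMetadata {addr!r} is not on the local STS "
                                f"{sts[0]}://{sts[1]}:{sts[2]}")
    # Setting that the tool's own comment marks as development-only.
    for node in root.iter("certificateValidation"):
        if node.get("certificateValidationMode") == "None":
            findings.append("certificateValidationMode is None (development only)")
    return findings
```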
+0

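This does not seem to be compatible with the tutorial. Where would I get the value for 'findValue', and why would I need to set 'supportInteractive'="false" when the tool is supposed to handle the WIF emulation for you? – Trisped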

+0

I have updated (rewritten) my answer. – pepo

+0

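I changed the '' in App.config and Web.config to include the port in the address. I still get the same exception message, so I tried moving the localhost certificate from "Personal" to "Trusted Root Certification Authorities", but it still gives the same error. – Trisped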