如何使用net.pipe綁定來管理ASP.NET中的工作流服務

Question

我試圖通過標準命名管道端點來管理託管在AppFabric上的工作流服務。我成功地可以從控制檯應用程序執行此操作，但是當嘗試從ASP.NET執行相同操作時，我會看到「Access is denied」異常。

據我所知，它的安全配置問題，即應該在web.config中以某種方式解決，但我不知道如何...

這裏是我使用的代碼：

NetNamedPipeBinding binding = new NetNamedPipeBinding(); 
EndpointAddress addr = new EndpointAddress("net.pipe://localhost/ServiceLibrary/LongRunningService.xamlx/System.ServiceModel.Activities_IWorkflowInstanceManagement"); 

try 
{ 
    var proxy = new WorkflowControlClient(binding, addr); 
    Guid instanceId = new Guid("<<SOME WORKFLOW INSTANCE ID>>"); 
    proxy.Suspend(instanceId); 
} 
catch (Exception ex) 
{ 
} 

更新： 理論上可以在web.config中註冊端點（http或net.pipe）而沒有任何安全性。在這種情況下，看起來一切正常......但我不想爲網站上註冊的每項服務做到這一點。我認爲應該有一些方法來連接已經註冊的net.pipe端點。這裏是明確的端點註冊（HTTP，net.pipe）web配置：

<behaviors> 
    <serviceBehaviors> 
    <behavior> 
     <remove name="serviceCredentials" /> 
     <serviceMetadata httpGetEnabled="true" /> 
     <serviceDebug includeExceptionDetailInFaults="false" /> 
     <sqlWorkflowInstanceStore instanceCompletionAction="DeleteNothing" instanceEncodingOption="None" instanceLockedExceptionAction="NoRetry" connectionStringName="ApplicationServerWorkflowInstanceStoreConnectionString" hostLockRenewalPeriod="00:00:30" runnableInstancesDetectionPeriod="00:00:05" /> 
     <workflowInstanceManagement authorizedWindowsGroup="" /> 
     <workflowUnhandledException action="AbandonAndSuspend" /> 
     <workflowIdle timeToPersist="00:00:30" timeToUnload="00:01:00" /> 
     <etwTracking profileName="Troubleshooting Tracking Profile" /> 
    </behavior> 
    <behavior name="StnandardBehavior"> 
     <remove name="serviceCredentials" /> 
     <serviceMetadata httpGetEnabled="true" /> 
     <serviceDebug includeExceptionDetailInFaults="false" /> 
     <sqlWorkflowInstanceStore instanceCompletionAction="DeleteNothing" instanceEncodingOption="None" instanceLockedExceptionAction="NoRetry" connectionStringName="ApplicationServerWorkflowInstanceStoreConnectionString" hostLockRenewalPeriod="00:00:30" runnableInstancesDetectionPeriod="00:00:05" /> 
     <workflowInstanceManagement authorizedWindowsGroup="" /> 
     <workflowUnhandledException action="AbandonAndSuspend" /> 
     <workflowIdle timeToPersist="00:00:30" timeToUnload="00:01:00" /> 
     <etwTracking profileName="Troubleshooting Tracking Profile" /> 
    </behavior> 
    </serviceBehaviors> 
</behaviors> 
<bindings> 
    <basicHttpBinding> 
    <binding name="httpSecurityOff" closeTimeout="00:10:00" openTimeout="00:10:00" receiveTimeout="00:10:00" sendTimeout="00:10:00" allowCookies="false" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard" maxBufferSize="2147483647" maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647" messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered" useDefaultWebProxy="true"> 
     <readerQuotas maxDepth="32" maxStringContentLength="2147483647" maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647" /> 
     <security mode="None"> 
     <transport clientCredentialType="None" proxyCredentialType="None" realm="" /> 
     <message clientCredentialType="UserName" algorithmSuite="Default" /> 
     </security> 
    </binding> 
    </basicHttpBinding> 
    <netNamedPipeBinding> 
    <binding name="pipeSecurityOff" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" hostNameComparisonMode="StrongWildcard" maxBufferSize="65536" maxBufferPoolSize="524288" transactionFlow="false" transferMode="Buffered" transactionProtocol="OleTransactions" maxConnections="10" maxReceivedMessageSize="65536"> 
     <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384" /> 
     <security mode="None"> 
     <transport protectionLevel="None" /> 
     </security> 
    </binding> 
    </netNamedPipeBinding> 
</bindings> 
<services> 
    <service name="LongRunningService" behaviorConfiguration="StnandardBehavior"> 
    <endpoint address="wce" contract="System.ServiceModel.Activities.IWorkflowInstanceManagement" binding="basicHttpBinding" bindingConfiguration="httpSecurityOff" kind="workflowControlEndpoint" /> 
    <endpoint address="wce" contract="System.ServiceModel.Activities.IWorkflowInstanceManagement" binding="netNamedPipeBinding" bindingConfiguration="pipeSecurityOff" kind="workflowControlEndpoint" /> 
    <endpoint contract="ILongRunningService" binding="basicHttpBinding" bindingConfiguration="httpSecurityOff" /> 
    </service> 
</services> 

，並連接到這個新的端點這種情況下，客戶端代碼應該有一點是其他：

NetNamedPipeBinding binding = new NetNamedPipeBinding(); 
    binding.Security.Mode = NetNamedPipeSecurityMode.None; 
    EndpointAddress addr = new EndpointAddress("net.pipe://{{MACHINE_NAME}}/ServiceLibrary/LongRunningService.xamlx/wce"); 

    try 
    { 
     var proxy = new WorkflowControlClient(binding, addr); 
     Guid instanceId = new Guid(workflowInstanceId.Value); 
     proxy.Suspend(instanceId); 
     proxy.Close(); 
    } 
    catch (Exception ex) 
    { 
    } 

Answer 1

你是否在IIS中爲你的應用程序編輯了允許的網站/虛擬目錄綁定？你需要add net.pipe as an allowed protocol binding。

Answer 2

你可以把安全的，看看你是否有ASP.NET應用程序池標識的ACL的問題：

NetNamedPipeBinding nnpb = new NetNamedPipeBinding(); 
nnpb.Security.Mode = NetNamedPipeSecurityMode.None; 

Answer 3

嘗試把工作流ApplicationPool用戶的用戶組「AS_Administrators」的。 重新加載安全更改需要重置IIS。