我在同一台机器上有一个WCF Web服务和一个客户端。使用浏览器直接访问WCF Web服务,但客户端无法连接;错误信息如下。有任何想法吗? IIS中的集成Windows身份验证用于客户端和服务器。
The remote server returned an error: (401) Unauthorized.
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: System.Net.WebException: The remote server returned an error: (401) Unauthorized.
Source Error:
An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.
Stack Trace:
[WebException: The remote server returned an error: (401) Unauthorized.]
System.Net.HttpWebRequest.GetResponse() +5313085
System.ServiceModel.Channels.HttpChannelRequest.WaitForReply(TimeSpan timeout) +54
[MessageSecurityException: The HTTP request is unauthorized with client authentication scheme 'Negotiate'. The authentication header received from the server was 'Negotiate,NTLM'.]
System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg) +7594687
System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type) +275
HRPaysService.IService1.GetAlert() +0
HRPaysService.Service1Client.GetAlert() +15
_Default.Page_Load(Object sender, EventArgs e) +138
System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e) +14
System.Web.Util.CalliEventHandlerDelegateProxy.Callback(Object sender, EventArgs e) +35
System.Web.UI.Control.OnLoad(EventArgs e) +99
System.Web.UI.Control.LoadRecursive() +50
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +627
客户端:
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="basicBinding">
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Windows"
proxyCredentialType="Windows" realm="" />
<message clientCredentialType="UserName"
algorithmSuite="Default" />
</security>
</binding>
</basicHttpBinding>
</bindings>
<client>
<endpoint
address="http://hrpaysservice/service1.svc"
binding="basicHttpBinding"
bindingConfiguration="basicBinding"
contract="HRPaysService.IService1">
</endpoint>
</client>
</system.serviceModel>
服务器:
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="basicBinding">
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Windows"
proxyCredentialType="Windows" realm="" />
<message clientCredentialType="UserName"
algorithmSuite="Default" />
</security>
</binding>
</basicHttpBinding>
</bindings>
<client>
<endpoint
address="http://hrpaysservice/service1.svc"
binding="basicHttpBinding"
bindingConfiguration="basicBinding"
contract="HRPaysService.IService1">
</endpoint>
</client>
</system.serviceModel>
答案 0 :(得分:4)
当我尝试通过向我的Windows窗体应用程序添加“服务引用”来访问IIS上托管的WCF服务时遇到了同样的错误。但是当客户端遇到服务方法的调用时,我得到了“UnAuthorized 401 exception”。这是我解决这个问题的方法:
(1)我在WCF服务配置文件中使用[wsHttpBinding]将它切换为[basicHttpBinding],如下所示:
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="BasicHttpEndpointBinding">
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Windows" />
</security>
</binding>
</basicHttpBinding>
</bindings>
<services>
<service behaviorConfiguration="ServiceBehavior" name="IService1">
<endpoint address="" binding="basicHttpBinding"
bindingConfiguration="BasicHttpEndpointBinding"
name="BasicHttpEndpoint" contract="IService1">
<identity>
<dns value="localhost" />
</identity>
</endpoint>
<endpoint address="mex" binding="mexHttpBinding"
contract="IMetadataExchange" />
</service>
</services>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true"
multipleSiteBindingsEnabled="true" />
(2)从客户端应用程序添加“服务引用”并为其命名(我们将在以下步骤中将该名称用作“ProxyCalssName”)
(3)调整客户端应用程序的app.config文件,如下所示:
<system.serviceModel>
<client>
<endpoint address="your service URL"
binding="basicHttpBinding" bindingConfiguration="basic" contract="ProxyClassName.ServiceName"
name="default" />
</client>
<bindings>
<basicHttpBinding>
<binding name="basic">
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Windows" proxyCredentialType="None"
realm="" />
<message clientCredentialType="UserName" algorithmSuite="Default" />
</security>
</binding>
</basicHttpBinding>
</bindings>
</system.serviceModel>
(4)在客户端应用程序的代码中:
ProxyClassName.MyServiceName srv = new ProxyClassName.MyServiceName("default");
//default is the name of the endpoint in the app.config file as we did.
srv.ClientCredentials.Windows.AllowedImpersonationLevel = System.Security.Principal.TokenImpersonationLevel.Impersonation;
祝你好运,DigitalFox
答案 1 :(得分:1)
客户端:
<system.serviceModel>
<bindings>
<wsHttpBinding>
<binding name="WSHttpBinding_IService1" closeTimeout="00:01:00"
openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard"
maxBufferPoolSize="524288" maxReceivedMessageSize="65536" messageEncoding="Text"
textEncoding="utf-8" useDefaultWebProxy="true" allowCookies="false">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<reliableSession ordered="true" inactivityTimeout="00:10:00"
enabled="false" />
<security mode="Message">
<transport clientCredentialType="Windows" proxyCredentialType="None"
realm="" />
<message clientCredentialType="Windows" negotiateServiceCredential="true"
algorithmSuite="Default" establishSecurityContext="true" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<client>
<endpoint address="http://localhost:3097/Service1.svc" binding="wsHttpBinding"
bindingConfiguration="WSHttpBinding_IService1" contract="HRPaysService.IService1"
name="WSHttpBinding_IService1">
<identity>
<dns value="localhost" />
</identity>
</endpoint>
</client>
</system.serviceModel>
服务器:
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="basicBinding">
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Windows"/>
</security>
</binding>
</basicHttpBinding>
</bindings>
<services>
<service behaviorConfiguration="basicBehavior" name="WcfService1.Service1">
<endpoint address="" binding="basicHttpBinding" contract="WcfService1.IService1" bindingConfiguration="basicBinding" />
<endpoint address="mex" binding="basicHttpBinding" contract="IMetadataExchange" bindingConfiguration="basicBinding" />
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="basicBehavior">
<serviceMetadata httpGetEnabled="true" />
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>
答案 2 :(得分:0)
您是否在服务Web应用程序中设置了CrossDomain.xml文档?如果没有,请创建一个包含以下内容的文件 -
<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-http-request-headers-from domain="*" headers="*"/>
</cross-domain-policy>
答案 3 :(得分:0)
如果没有为匿名访问配置WCF服务的虚拟目录,则应删除“mex”端点。
你已经发布了2套不同的配置,似乎不匹配。你可以发布导致错误的配置吗?
您的第一个(最顶层)客户端配置和最新的服务器配置(没有mex部分)应该可以正常工作。