Getting 403 Forbidden error. The HTTP request was forbidden with client authentication scheme 'Anonymous'

Sid*_*eFX 8 c# wcf

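The problem I'm running into does not happen for every client that accesses our service, but what is consistent is that when the error does occur, it occurs on the same service call for a small number of clients.

Here are the details of the exception: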

System.ServiceModel.Security.MessageSecurityException The HTTP request was forbidden with client authentication scheme 'Anonymous'.
System.ServiceModel.Security.MessageSecurityException: The HTTP request was forbidden with client authentication scheme 'Anonymous'. ---> System.Net.WebException: The remote server returned an error: (403) Forbidden.
   at System.Net.HttpWebRequest.GetResponse()
   at System.ServiceModel.Channels.HttpChannelFactory.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout)
   --- End of inner exception stack trace ---

Server stack trace:
   at System.ServiceModel.Security.IssuanceTokenProviderBase`1.DoNegotiation(TimeSpan timeout)
   at System.ServiceModel.Security.SspiNegotiationTokenProvider.OnOpen(TimeSpan timeout)
   at System.ServiceModel.Security.TlsnegoTokenProvider.OnOpen(TimeSpan timeout)
   at System.ServiceModel.Security.WrapperSecurityCommunicationObject.OnOpen(TimeSpan timeout)
   at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
   at System.ServiceModel.Security.CommunicationObjectSecurityTokenProvider.Open(TimeSpan timeout)
   at System.ServiceModel.Security.SecurityUtils.OpenTokenProviderIfRequired(SecurityTokenProvider tokenProvider, TimeSpan timeout)
   at System.ServiceModel.Security.SymmetricSecurityProtocol.OnOpen(TimeSpan timeout)
   at System.ServiceModel.Security.WrapperSecurityCommunicationObject.OnOpen(TimeSpan timeout)
   at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
   at System.ServiceModel.Channels.SecurityChannelFactory`1.ClientSecurityChannel`1.OnOpen(TimeSpan timeout)
   at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
   at System.ServiceModel.Security.SecuritySessionSecurityTokenProvider.DoOperation(SecuritySessionOperation operation, EndpointAddress target, Uri via, SecurityToken currentToken, TimeSpan timeout)
   at System.ServiceModel.Security.SecuritySessionSecurityTokenProvider.GetTokenCore(TimeSpan timeout)
   at System.IdentityModel.Selectors.SecurityTokenProvider.GetToken(TimeSpan timeout)
   at System.ServiceModel.Security.SecuritySessionClientSettings`1.ClientSecuritySessionChannel.OnOpen(TimeSpan timeout)
   at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
   at System.ServiceModel.Channels.ServiceChannel.OnOpen(TimeSpan timeout)
   at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
   at System.ServiceModel.Channels.ServiceChannel.CallOpenOnce.System.ServiceModel.Channels.ServiceChannel.ICallOnce.Call(ServiceChannel channel, TimeSpan timeout)
   at System.ServiceModel.Channels.ServiceChannel.CallOnceManager.CallOnce(TimeSpan timeout, CallOnceManager cascade)
   at System.ServiceModel.Channels.ServiceChannel.EnsureOpened(TimeSpan timeout)
   at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
   at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs)
   at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
   at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)

Exception rethrown at [0]:
   at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
   at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
   at Proxy.FileTransferService.IFileTransferService.EstablishProxy(DownloadRequest request)
   at Proxy.FileTransferService.FileTransferServiceClient.Proxy.FileTransferService.IFileTransferService.EstablishProxy(DownloadRequest request)
   at NormalFileTransferServiceClient.Download(Int32 packageId, IStreamWriter downloader, Archiver archiver)
   at LoggingFileTransferServiceClient.Download(Int32 packageId, ISt

The client threw this exception.

The client proxy configuration for IFileTransferService is:

<binding name="WSHttpBinding_IFileTransferService" closeTimeout="00:01:00"
  openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
  bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard"
  maxBufferPoolSize="524288" maxReceivedMessageSize="65536" messageEncoding="Mtom"
  textEncoding="utf-8" useDefaultWebProxy="true" allowCookies="false">
  <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
    maxBytesPerRead="4096" maxNameTableCharCount="16384" />
  <reliableSession ordered="true" inactivityTimeout="00:10:00"
    enabled="false" />
  <security mode="Message">
    <transport clientCredentialType="Windows" proxyCredentialType="None"
      realm="" />
    <message clientCredentialType="UserName" negotiateServiceCredential="true"
      algorithmSuite="Default" establishSecurityContext="true" />
  </security>
</binding>

  <endpoint address="http://[hostname]/FileTransferService.svc/FileTransfer"
    binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_IFileTransferService"
    contract="Proxy.FileTransferService.IFileTransferService"
    name="WSHttpBinding_IFileTransferService">
    <identity>
      <certificate encodedValue="a long string"/>
    </identity>
  </endpoint>

The service configuration is:

<service behaviorConfiguration="ServiceBehavior" 
    name="Services.FileTransferService">
        <endpoint name="WSHttpBinding_IFileTransferService" 
       binding="wsHttpBinding" 
       bindingConfiguration="MtomWSHttpBinding" 
       contract="Services.IFileTransferService" 
       address="/FileTransfer"/>
        <endpoint binding="basicHttpBinding" 
       bindingConfiguration="FileTransferServicesBinding" 
       contract="Services.IFileTransferService"/>
        <host>
          <baseAddresses>
            <add baseAddress="http://[hostname]/FileTransferService.svc"/>
          </baseAddresses>
        </host>
</service>

<binding name="wsHttpBinding" 
         maxReceivedMessageSize="2147483647" 
         receiveTimeout="5" 
         useDefaultWebProxy="false">
      <readerQuotas maxDepth="2147483647" 
             maxStringContentLength="2147483647" 
             maxArrayLength="2147483647" 
             maxBytesPerRead="2147483647" 
             maxNameTableCharCount="2147483647" />
  <security mode="Message">
    <message clientCredentialType="UserName" />
  </security>
</binding>

<basicHttpBinding>
    <binding name="FileTransferServicesBinding" 
           maxReceivedMessageSize="10067108864" 
           messageEncoding="Mtom" 
           transferMode="Streamed" 
           useDefaultWebProxy="false">
      <security mode="None">
        <message clientCredentialType="UserName" />
      </security>
    </binding>
  </basicHttpBinding>

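Note: some clients are using basicHttpBinding (if I have set everything up correctly). In a later version of the client, which may not have been fully distributed yet (which is why I have to support 2 versions), I changed the proxy to use the wsHttpBinding endpoint. I'm wondering whether this error I'm getting is specific to basicHttp, and if so, perhaps I don't have those configurations set up correctly. I'm assuming that the clients getting this 403 error are using wsHttpBinding.

Here is the code for the service: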

public RemoteBinaryInfo EstablishProxy(DownloadRequest request)
{
    int packageId = request.PackageId;

    System.IO.MemoryStream stream = new System.IO.MemoryStream(packageRepository.GetPackageBinary(packageId));

    DisposeStreamWhenOperationIsComplete(stream, OperationContext.Current);

    RemoteBinaryInfo result = new RemoteBinaryInfo();
    result.Length = stream.Length;
    result.MemoryByteStream = stream;
    return result;

}

private static void DisposeStreamWhenOperationIsComplete(System.IO.MemoryStream stream, OperationContext clientContext)
{
    clientContext.OperationCompleted += new EventHandler(delegate(object sender, EventArgs args)
    {
        if (stream != null)
            stream.Dispose();
    });
}

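Does anyone know whether getting rid of this exception is something within my control? Are there any configuration changes I can make in the client or service configuration files?

Please let me know if you need any information from me.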

Sam*_*les 1

It seems to me that the client receiving the MessageSecurityException is not supplying a valid username/password in its request.

See the following MSDN topic: http://msdn.microsoft.com/en-us/library/ms733131.aspx
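
One way a client could act on the answer above, as an added example that is not part of the original post or the asker's code: set the UserName credentials before the channel opens and, when a MessageSecurityException still occurs, report which HTTP endpoint actually returned the 403. `SecureCall`, `Invoke` and `DescribeHttpRejection` are hypothetical names; the WCF and System.Net types are the .NET Framework's own.

```csharp
using System;
using System.Net;
using System.ServiceModel;
using System.ServiceModel.Security;
// Added example; SecureCall and its members are hypothetical names.
public static class SecureCall
{
    // Walk the exception chain; report the HTTP status and answering server if present.
    public static string DescribeHttpRejection(Exception ex)
    {
        for (Exception e = ex; e != null; e = e.InnerException)
        {
            WebException web = e as WebException;
            if (web == null) continue;
            try
            {
                HttpWebResponse resp = web.Response as HttpWebResponse;
                if (resp != null)
                    return string.Format("HTTP {0} from {1} (Server: {2})",
                        (int)resp.StatusCode, resp.ResponseUri, resp.Headers["Server"] ?? "n/a");
            }
            catch (ObjectDisposedException) { /* channel already closed the response */ }
            return "WebException without readable response: " + web.Message;
        }
        return "no WebException in the chain";
    }
    public static TResult Invoke<TChannel, TResult>(ChannelFactory<TChannel> factory,
        string user, string password, Func<TChannel, TResult> operation)
    {
        // Credentials become read-only once the factory opens: set them only while Created.
        if (factory.State == CommunicationState.Created)
        {
            factory.Credentials.UserName.UserName = user;
            factory.Credentials.UserName.Password = password;
        }
        ICommunicationObject comm = (ICommunicationObject)factory.CreateChannel();
        try
        {
            TResult result = operation((TChannel)comm);
            comm.Close();
            return result;
        }
        catch (MessageSecurityException ex)
        {
            throw new InvalidOperationException("Auth failed: " + DescribeHttpRejection(ex), ex);
        }
        finally { if (comm.State != CommunicationState.Closed) comm.Abort(); }
    }
}
```

With the question's contract this would be called as `SecureCall.Invoke(factory, user, password, c => c.EstablishProxy(request))`, where `factory` is a `ChannelFactory<IFileTransferService>` built from the `WSHttpBinding_IFileTransferService` endpoint. Logging the responding URI and `Server` header shows whether the 403 came from the service host or from an intermediary such as a web proxy picked up by `useDefaultWebProxy="true"`.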