WCFTestClient HTTP请求未经授权,客户端身份验证方案为"匿名"

Question

WCFTestClient HTTP请求未经授权,客户端身份验证方案为"匿名"

use*_*613 63 wcf ntlm anonymous wcftestclient negotiate

我创建了一个WCF服务并将其部署在Server上.当我浏览这个服务时,它使用？wsdl URL给出了积极的回应.现在我正试图通过WCF测试客户端测试服务.它显示正确的元数据.但是当我尝试从服务中调用任何方法时,它会向我显示异常...这里是堆栈跟踪的错误细节.

HTTP请求未经授权,客户端身份验证方案为"匿名".从服务器收到的身份验证标头是"Negotiate,NTLM".

服务器堆栈跟踪:

在
System.ServiceModel.Channels.HttpChannelUtilities.ValidateAuthentication(HttpWebRequest请求,HttpWebResponse响应,WebException responseException,HttpChannelFactory factory)
HTTP请求未经授权使用客户端身份验证方案"Anonymous".从服务器收到的身份验证标头是"Negotiate,NTLM".

服务器堆栈跟踪:

在
System.ServiceModel.Channels.HttpChannelUtilities.ValidateAuthentication(HttpWebRequest请求,HttpWebResponse响应,WebException responseException,HttpChannelFactory工厂)

客户端绑定:

<bindings>
    <wsHttpBinding>
        <binding name="WSHttpBinding_IServiceMagicService" closeTimeout="00:01:00"
            openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
            bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard"
            maxBufferPoolSize="524288" maxReceivedMessageSize="65536"
            messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true"
            allowCookies="false">
            <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
                maxBytesPerRead="4096" maxNameTableCharCount="16384" />
            <reliableSession ordered="true" inactivityTimeout="00:10:00"
                enabled="false" />
            <security mode="None">
                <transport clientCredentialType="Windows" proxyCredentialType="None"
                    realm="" />
                <message clientCredentialType="Windows" negotiateServiceCredential="true"
                    establishSecurityContext="true" />
            </security>
        </binding>
    </wsHttpBinding>
</bindings>

Run Code Online (Sandbox Code Playgroud)

服务器绑定:

<bindings>
  <wsHttpBinding>
    <binding name="WSHttpBinding_SEOService" closeTimeout="00:10:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:10:00" bypassProxyOnLocal="true" transactionFlow="false" hostNameComparisonMode="StrongWildcard" maxBufferPoolSize="999524288" maxReceivedMessageSize="655360000" messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true" allowCookies="false">
      <readerQuotas maxDepth="32" maxStringContentLength="900000" maxArrayLength="900000" maxBytesPerRead="900000" maxNameTableCharCount="900000" />
      <reliableSession ordered="true" inactivityTimeout="00:10:00" enabled="false" />
      <security mode="None">
        <transport clientCredentialType="Windows" proxyCredentialType="None" realm="" />
        <message clientCredentialType="Windows" negotiateServiceCredential="true" establishSecurityContext="true" />
      </security>
    </binding>
    <binding name="WSHttpServiceMagicBinding" closeTimeout="00:10:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:10:00" bypassProxyOnLocal="true" transactionFlow="false" hostNameComparisonMode="StrongWildcard" maxBufferPoolSize="999524288" maxReceivedMessageSize="655360000" messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true" allowCookies="false">
      <readerQuotas maxDepth="32" maxStringContentLength="900000" maxArrayLength="900000" maxBytesPerRead="900000" maxNameTableCharCount="900000"/>
      <reliableSession ordered="true" inactivityTimeout="00:10:00" enabled="false"/>
      <security mode="None">
        <transport clientCredentialType="Windows" proxyCredentialType="None" realm=""/>
        <message clientCredentialType="Windows" negotiateServiceCredential="true" establishSecurityContext="true"/>
      </security>
    </binding>
  </wsHttpBinding>
</bindings>

Run Code Online (Sandbox Code Playgroud)

客户的客户部分:

<client>
    <endpoint address="http://hydwebd02.solutions.com/GeoService.Saveology.com/ServiceMagicService.svc"
        binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_IServiceMagicService"
        contract="IServiceMagicService" name="WSHttpBinding_IServiceMagicService" />
</client>

Run Code Online (Sandbox Code Playgroud)

服务器服务部分:

<services>
    <service behaviorConfiguration="GeoService.Saveology.com.CityStateServiceProviderBehavior"
    name="GeoService.Saveology.com.CityStateServiceProvider">
    <endpoint binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_SEOService"
        contract="SEO.Common.ServiceContract.ICityStateService" />
    <endpoint address="mex" binding="mexHttpBinding" bindingConfiguration=""
        contract="IMetadataExchange" />
    </service>
    <service behaviorConfiguration="GeoService.Saveology.com.ServiceMagicServiceProviderBehavior"
    name="GeoService.Saveology.com.ServiceMagicServiceProvider">
    <endpoint binding="wsHttpBinding" bindingConfiguration="WSHttpServiceMagicBinding" 
        contract="SEO.Common.ServiceContract.IServiceMagicService">
    </endpoint>
    <endpoint address="mex" binding="mexHttpBinding" bindingConfiguration="" contract="IMetadataExchange" />
    </service>
</services>

Run Code Online (Sandbox Code Playgroud)

Answer 1

Ale*_*eck 80

我无法控制我正在调用的服务的安全配置,但是得到了同样的错误.我能够按如下方式修复我的客户端.

在配置中,设置安全模式:

<security mode="TransportCredentialOnly">
  <transport clientCredentialType="Windows" proxyCredentialType="None" realm="" />
  <message clientCredentialType="UserName" algorithmSuite="Default" />
</security>

Run Code Online (Sandbox Code Playgroud)

在代码中,将代理类设置为允许模拟(我添加了对名为customer的服务的引用):

Customer_PortClient proxy = new Customer_PortClient();
proxy.ClientCredentials.Windows.AllowedImpersonationLevel =    
         System.Security.Principal.TokenImpersonationLevel.Impersonation;

Run Code Online (Sandbox Code Playgroud)

如果以编程方式执行此操作,请确保使用Dim绑定为新的System.ServiceModel.BasicHttpBinding()而不是Dim绑定为新的System.ServiceModel.WSHttpBinding() (2认同)
我真的不知道Customer_PortClient是什么，但是设置安全模式可以帮助我解决问题。 (2认同)
当使用`<security mode ="TransportCredentialOnly">`时,您似乎不需要包含用于消息安全性的配置; SOAP消息以纯文本形式未加密发送.似乎忽略了`<message>`标签,因此不会造成任何伤害,只是不需要它.资料来源:https://msdn.microsoft.com/en-us/library/ff648505.aspx (2认同)

Answer 2

Rai*_*oad 9

我有一个类似的问题,你尝试过:

proxy.ClientCredentials.Windows.AllowedImpersonationLevel =   
          System.Security.Principal.TokenImpersonationLevel.Impersonation;

Run Code Online (Sandbox Code Playgroud)

Answer 3

Wil*_*lco 7

我发现这个错误的另一个可能的解决方案.可能没有回答OP的确切问题,但可能会帮助那些偶然发现此错误消息的人.

我使用WebHttpBinding在代码中创建我的客户端,以便复制以下行:

<security mode="TransportCredentialOnly">
  <transport clientCredentialType="Windows" proxyCredentialType="Windows" />
</security>

Run Code Online (Sandbox Code Playgroud)

我必须做:

var binding = new WebHttpBinding(WebHttpSecurityMode.TransportCredentialOnly);
                binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Windows;
                binding.Security.Transport.ProxyCredentialType = HttpProxyCredentialType.Windows;

Run Code Online (Sandbox Code Playgroud)

以及设置 proxy.ClientCredentials.Windows.AllowedImpersonationLevel = System.Security.Principal.TokenImpersonationLevel.Impersonation;

Answer 4

Irw*_*win 6

我认为这是没有回答,这是一个确切的报价从这里开始:

WSHttpBinding将尝试在SSP层执行内部协商.为了使其成功,您需要在IIS中为VDir允许匿名.默认情况下,WCF将为SPNEGO创建窗口凭据.在IIS层允许匿名不允许任何人进入,它将推迟到WCF堆栈.

我通过以下网址找到了这个:http://fczaja.blogspot.com/2009/10/http-request-is-unauthorized-with.html

谷歌搜索后:http://www.google.tt/#hl=en&source=hp&q=+The+HTTP+request+is+unauthorized+with+client+authentication+scheme+%27Anonymous

Answer 5

小智 5

我有一个类似的问题，并尝试了上面建议的一切。然后，我尝试将clientCreditialType更改为Basic，一切正常。

<basicHttpBinding>
    <binding name="BINDINGNAMEGOESHERE" >
      <security mode="TransportCredentialOnly">
        <transport clientCredentialType="Basic"></transport>
      </security>
    </binding>
  </basicHttpBinding>

Run Code Online (Sandbox Code Playgroud)

归档时间：	16 年，2 月前
查看次数：	243160 次
最近记录：	8 年，8 月前