I have the following WCF client configuration:
<basicHttpBinding>
  <binding name="basicHttpOCCWS" closeTimeout="00:01:00" openTimeout="00:01:00"
           receiveTimeout="00:10:00" sendTimeout="00:01:00" allowCookies="false"
           bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard"
           maxBufferSize="100000000" maxBufferPoolSize="524288"
           maxReceivedMessageSize="100000000" messageEncoding="Text"
           textEncoding="utf-8" transferMode="Buffered" useDefaultWebProxy="true">
    <readerQuotas maxDepth="32" maxStringContentLength="8192"
                  maxArrayLength="16384" maxBytesPerRead="4096"
                  maxNameTableCharCount="16384" />
    <security mode="TransportCredentialOnly">
      <transport clientCredentialType="Basic" />
    </security>
  </binding>
</basicHttpBinding>
In code, I set the username and password as follows:
client.ClientCredentials.UserName.UserName = _cacledUserId;
client.ClientCredentials.UserName.Password = _cachedPassword;
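However, the web service running on Tomcat returns an error:
"An Authentication object was not found in the SecurityContext."
When I look at the HTTP headers, the credential information is missing, as shown below: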
POST /occ600webservice/services/OCC_WS HTTP/1.1
Content-Type: application/soap+xml; charset=utf-8; action=""
Host: 192.54.173.130:8080
Content-Length: 2223
Expect: 100-continue
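Why are my credentials not being sent?
TIA.
Klaus
I've been struggling to get WCF security working for my project, and haven't had much luck. I'm trying to create a service that uses net.tcp as its binding and performs both message and transport security. Message security is done using a username and password, and transport security is done (supposedly!) using certificates.
For my development testing, I created my own certificate authority and placed this certificate in my computer's trusted store (LocalMachine). I then created two certificates, each signed by my certificate authority, one for the service to use and one for the client application. I placed both of these in the Personal store (My) in LocalMachine. Then, for testing, I created a random certificate that was not signed by my certificate authority (and is therefore untrusted) and placed it in the Personal store in LocalMachine. I used makecert to create these certificates.
I then configured the client application that connects to the service to use the invalid, untrusted certificate as its client certificate. The service is set up (supposedly) to check client certificates using chain trust. However, this client was able to connect and successfully communicate with the service! It should have been rejected, because its certificate is untrusted!
I don't know what is causing this behaviour, so I'm submitting the problem to you to see what you make of it. Here is my WCF configuration:
Service configuration: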
<system.serviceModel>
  <services>
    <service behaviorConfiguration="DHTestBehaviour" name="DigitallyCreated.DHTest.Business.DHTestBusinessService">
      <endpoint address="" binding="netTcpBinding" contract="DigitallyCreated.DHTest.Business.IDHTestBusinessService" bindingConfiguration="DHTestNetTcpBinding" bindingNamespace="http://www.digitallycreated.net/DHTest/v1" />
      <host>
        <baseAddresses>
          <add baseAddress="net.tcp://localhost:8090/"/>
          <add baseAddress="http://localhost:8091/"/>
        </baseAddresses>
      </host>
    </service>
  </services>
  <behaviors>
    <serviceBehaviors>
      <behavior name="DHTestBehaviour">
        <serviceMetadata httpGetEnabled="true"/>
        <serviceDebug includeExceptionDetailInFaults="true"/>
        <serviceCredentials>
          <userNameAuthentication userNamePasswordValidationMode="MembershipProvider" membershipProviderName="DHTestMembershipProvider"/>
          <serviceCertificate storeLocation="LocalMachine" storeName="My" x509FindType="FindBySubjectDistinguishedName" findValue="CN=business.dhtestDHTest.com" />
          <clientCertificate>
            <authentication certificateValidationMode="ChainTrust" trustedStoreLocation="LocalMachine" revocationMode="NoCheck" />
          </clientCertificate>
        </serviceCredentials>
        <serviceAuthorization principalPermissionMode="UseAspNetRoles" roleProviderName="DHTestRoleProvider" />
      </behavior>
    </serviceBehaviors>
  </behaviors>
  <bindings>
    <netTcpBinding>
      <binding name="DHTestNetTcpBinding">
        <security mode="TransportWithMessageCredential">
          <message clientCredentialType="UserName"/>
          <transport clientCredentialType="Certificate" protectionLevel="EncryptAndSign"/>
        </security>
      </binding>
    </netTcpBinding>
  </bindings>
</system.serviceModel>
Client configuration:
<system.serviceModel>
<bindings>
<netTcpBinding> …