标签: servicebehavior

当我尝试调用WCF服务时,我收到以下消息"验证邮件的安全性时出错".

当我删除自定义验证时,服务没有问题.虽然我在web.config中配置错误,但我无法弄清楚.任何见解将不胜感激.

  <system.serviceModel>
     <services>
        <service behaviorConfiguration="NAThriveExtensions.nableAPIBehavior"
          name="NAThriveExtensions.nableAPI">
           <endpoint 
             address="" 
             binding="basicHttpBinding" 
             bindingConfiguration="basicHttpBinding_Secure"
             contract="NAThriveExtensions.InableAPI">
           </endpoint>
           <endpoint 
             address="mex" 
             binding="mexHttpsBinding" 
             contract="IMetadataExchange" />
        </service>
     </services>
     <behaviors>
        <serviceBehaviors>
          <behavior name="NAThriveExtensions.nableAPIBehavior">
            <serviceMetadata httpsGetEnabled="true" />
            <serviceDebug includeExceptionDetailInFaults="false" />
            <serviceCredentials>
              <userNameAuthentication 
                userNamePasswordValidationMode="Custom" 
              customUserNamePasswordValidatorType= "NAThriveExtensions.Authentication, NAThriveExtensions" />
            </serviceCredentials>
          </behavior>
        </serviceBehaviors>
     </behaviors>
     <bindings>
       <basicHttpBinding>
         <binding name="basicHttpBinding_Secure">
           <security mode="TransportWithMessageCredential">
             <message clientCredentialType="UserName"/>
           </security>
         </binding>
       </basicHttpBinding>
     </bindings>
  </system.serviceModel>

我的wcf服务配置有问题.我希望每次调用我的服务都会创建一个新的服务实例.对于并发性,我希望一次调用在另一次启动之前完成.

因此,如果我有这样的服务:

[ServiceBehavior(ConcurrencyMode=ConcurrencyMode.Single,
InstanceContextMode=InstanceContextMode.PerCall)]
public class MyService: IMyService
{
    public bool MyServiceOp()
    {
        Debug.WriteLine("thread "+ 
            Thread.CurrentThread.ManagedThreadId.ToString());
        Debug.WriteLine("start operation ");
        Do_work()
        Debug.WriteLine("end operation");
        return true;
    }
}

当我在循环中调用多个调用时,跟踪给出:

thread 1
thread 2
start operation
start operation
end operation
end operation

虽然我想这样:

thread 1 start operation end operation
thread 2 start operation end operation

这可能吗？谢谢

我在WCF调用上收到以下错误:

在对象图中可以序列化或反序列化的最大项数是'65536'

我已经阅读了大量的论坛帖子,其中许多人提到修改app.config和web.config以指定允许更大对象图的新行为.我已经做到了,这就是我在这些文件中所拥有的:

关于WPF项目的App.Config:

<system.serviceModel>
<behaviors>
  <serviceBehaviors>
    <behavior name="">
      <serviceMetadata httpGetEnabled="false" />
      <serviceDebug includeExceptionDetailInFaults="false" />
    </behavior>
  </serviceBehaviors>
  <endpointBehaviors>
    <behavior name="">
      <dataContractSerializer maxItemsInObjectGraph="2147483646"/>
    </behavior>

  </endpointBehaviors>

</behaviors>

<services>
  <service name="digiPM.Shell.LogOutPMSEMRService.PMSEMRLogOutService">
    <!--<endpoint address="" binding="basicHttpBinding" contract="digiPM.Shell.LogOutPMSEMRService.IPMSEMRLogOutService">
      <identity>
        <dns value="localhost" />
      </identity>
    </endpoint>
    <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
    <host>
      <baseAddresses>
        <add baseAddress="http://localhost:8732/Design_Time_Addresses/digiPM.Shell.LogOutPMSEMRService/PMSEMRLogOutService/" />
      </baseAddresses>
    </host>-->
    <endpoint address="" binding="netTcpBinding" name="NetTcpBindingEndpoint" contract="digiPM.Shell.LogOutPMSEMRService.IPMSEMRLogOutService">
      <identity>
        <dns value="localhost" />
      </identity>
    </endpoint>
    <endpoint address="mex" binding="mexTcpBinding" bindingConfiguration="" name="MexTcpBidingEndpoint" contract="IMetadataExchange" />
    <host>
      <baseAddresses>
        <add baseAddress="net.tcp://localhost:8732/Design_Time_Addresses/digiPM.Shell.LogOutPMSEMRService/PMSEMRLogOutService/" />
      </baseAddresses>
    </host>
  </service>
</services>

<!--binding info - …

我在主机的web.config中指定dataContractSerializer maxItemsInObjectGraph时遇到问题.

 <behaviors>
  <serviceBehaviors>
    <behavior name="beSetting">
      <serviceMetadata httpGetEnabled="True"/>
      <serviceDebug includeExceptionDetailInFaults="True" />
      <dataContractSerializer maxItemsInObjectGraph="2147483646"/>
    </behavior>
  </serviceBehaviors>
</behaviors>
 <services>
  <service name="MyNamespace.MyService"
           behaviorConfiguration="beSetting" >
    <endpoint address="http://localhost/myservice/"
              binding="webHttpBinding"
              bindingConfiguration="webHttpBinding1"
              contract="MyNamespace.IMyService"
              bindingNamespace="MyNamespace">
    </endpoint>
  </service>
</services>

以上对我的数据拉动没有影响.由于数据量很大,服务器超时.

但是,我可以在代码中指定最大限制并且有效

  [ServiceBehavior(MaxItemsInObjectGraph=2147483646, IncludeExceptionDetailInFaults = true)]
  public abstract class MyService : MyService 
  {
   blah...
 }

有谁知道为什么我不能通过web.config设置来完成这项工作？我想保留在web.config中,以便将来更新.

情况

我们正在某些WCF服务上实现不同类型的安全性.ClientCertificate,UserName&Password和Anonymous.

我们有2个ServiceBehaviorConfigurations,一个用于httpBinding,另一个用于wsHttpBinding.(我们有基于声明的安全性的自定义授权策略)作为一项要求,我们需要为每项服务提供不同的端点.带有httpBinding的3个端点和带有wsHttpBinding的1个端点.

一项服务的示例:

• basicHttpBinding:匿名
• basicHttpBinding:UserNameAndPassword
• basicHttpBinding:BasicSsl
• wsHttpBinding:BasicSsl

注意:我们正在开发.NET 3.5

问题

第1部分:我们不能两次指定相同的服务,一次使用http服务配置,一次使用wsHttp服务配置.

第2部分:我们无法在端点上指定服务行为.(抛出和异常,未找到端点行为...服务行为无法设置为端点行为)

配置

第1部分:

<services>
  <service name="Namespace.MyService" behaviorConfiguration="securityBehavior">
   <endpoint address="http://server:94/MyService.svc/Anonymous" contract="Namespace.IMyService" binding="basicHttpBinding" bindingConfiguration="Anonymous">
    </endpoint> 
    <endpoint address="http://server:94/MyService.svc/UserNameAndPassword" contract="Namespace.IMyService" binding="basicHttpBinding" bindingConfiguration="UserNameAndPassword">
    </endpoint>
    <endpoint address="https://server/MyService.svc/BasicSsl" contract="Namespace.IMyService" binding="basicHttpBinding" bindingConfiguration="BasicSecured">
    </endpoint>
  </service>
  <service name="Namespace.MyService" behaviorConfiguration="wsHttpCertificateBehavior">
    <endpoint address="https://server/MyService.svc/ClientCert" contract="Namespace.IMyService" binding="wsHttpBinding" bindingConfiguration="ClientCert"/>
  </service>
</services>

服务行为配置:

<serviceBehaviors>
<behavior name="securityBehavior">
  <serviceAuthorization serviceAuthorizationManagerType="Namespace.AdamAuthorizationManager,Assembly">
    <authorizationPolicies>
      <add policyType="Namespace.AdamAuthorizationManager,Assembly" />
    </authorizationPolicies>
  </serviceAuthorization>
</behavior>
<behavior name="wsHttpCertificateBehavior">
  <serviceMetadata httpGetEnabled="false" httpsGetEnabled="true"/>
  <serviceAuthorization serviceAuthorizationManagerType="Namespace.AdamAuthorizationManager,Assembly">
    <authorizationPolicies>
      <add policyType="Namespace.AdamAuthorizationManager,Assembly" />
    </authorizationPolicies>
  </serviceAuthorization>
  <serviceCredentials>
    <clientCertificate> …

我在为WCF服务配置ServiceBehavior时遇到问题.

一些背景.基本上我正在开发一个应该在IIS上运行的REST服务WCF.我需要能够记录服务抛出的异常(我正在使用log4net)并根据异常类型返回HTTP状态代码.我希望我的服务实现对WCF相关的东西知之甚少,所以我不想在服务的每个地方将异常转换为FaultException.所以我发现将自己的IErrorHandler添加到服务主机是最好的方法.

我的问题是,无论我尝试什么,我似乎无法在Web.config中获得我的自定义ServiceBehavior的配置.这是相关的代码.

网络配置.

<system.webServer>
  <modules runAllManagedModulesForAllRequests="true">
    <add name="UrlRoutingModule" type="System.Web.Routing.UrlRoutingModule, System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
  </modules>
</system.webServer>

<system.serviceModel>
  <behaviors>
    <serviceBehaviors>
      <behavior name="UsingErrorLogBehavior">
        <errorLogBehavior/>
      </behavior>
    </serviceBehaviors>
    <endpointBehaviors>
      <behavior>
        <webHttp/>
      </behavior>
    </endpointBehaviors>
  </behaviors>
  <extensions>
    <behaviorExtensions>
      <add name="errorLogBehavior"
           type="MyNameSpace.Web.ErrorExtensionElement, MyNameSpace.Web"/>
    </behaviorExtensions>
  </extensions>
  <serviceHostingEnvironment aspNetCompatibilityEnabled="true"/>
  <standardEndpoints>
    <webHttpEndpoint>
      <standardEndpoint name="" helpEnabled="true" 
                        automaticFormatSelectionEnabled="false" 
                        defaultOutgoingResponseFormat="Json" 
                        maxReceivedMessageSize="4194304" transferMode="Buffered" />
    </webHttpEndpoint>
  </standardEndpoints>
</system.serviceModel>

ErrorExtensionElement.

namespace MyNameSpace.Web
{
    public class ErrorExtensionElement : BehaviorExtensionElement
    {
        public override Type BehaviorType
        {
            get { return typeof(ErrorServiceBehavior); }
        }

        protected override object CreateBehavior()
        { …

我的站点调用一个服务(让我们称之为FooService),它需要一组非常复杂的身份验证协议.这些协议都包含在自定义的ClientCredentials行为中,该行为在代码中声明如下:

class FooServiceCredentialsBehavior : ClientCredentials 
{
    public FooServiceCredentialsBehavior()
    {
        //Set up service certificate
        var cert = CertStore.FindBySerialNumber(certSerialNumber);
        base.ServiceCertificate.DefaultCertificate = cert;
    }
}

然后我们注册行为扩展:

  <behaviorExtensions>
    <add name="FooServiceCredentials" type="MyProject.Namespace.FooService, MyProject" />
  </behaviorExtensions>

配置endpointBehavior以使用它:

<endpointBehaviors>
    <behavior name="FooServiceCredentialsBehavior">
      <FooServiceCredentials />
    </behavior>

并设置端点以使用它:

<endpoint address="https://fooservice.com/bar"
          behaviorConfiguration="FooServiceCredentialsBehavior"
          contract="FooService_PortType" />

以上所有工作都很完美,并且已经为许多客户服务多年.

我现在正在将这些内容部署到无法访问CRL服务器的系统,并且自定义行为包括已启用验证的服务证书.所以我需要关闭验证.但是我无法修改FooServiceCredentials类.如果可以,我会这样做:

base.ServiceCertificate.Authentication.CertificateValidationMode = X509CertificateValidationMode.None;

但我不能.

我想知道是否可以添加应用于将执行相同操作的自定义凭据行为的WCF配置.像这样的东西:

<endpointBehaviors>
    <behavior name="FooServiceCredentialsBehavior">
      <FooService>
          <ServiceCertificate>
              <authentication certificateValidationMode="None"/>
          </ServiceCertificate>
      </FooService>
    </behavior>

这个确切的XML不起作用(该服务甚至不会启动)但我希望有一些神奇的方法可以安排这些标签来禁用仅来自配置的服务证书验证.

可能吗？怎么样？

我对WCF开发相当新,并且在学习框架时遇到了一些问题.我有一个必须支持REST和SOAP的服务api.到目前为止,这很容易实现,特别是使用WCF4和路由.

我目前正在进行授权,并设法通过创建两个新的管理器类来扩展AuthorizationManager:"ApiKeyAuthorizationManager"和"ApiKeyAndTokenAuthorizationManager"

我的大多数服务都需要ApiKey和Token(GUIDS)才能出现; 在最初进行身份验证时,您只需要一个有效的ApiKey和密码来接收令牌.

到目前为止,REST正在完美地工作,因为授权管理器会查询查询字符串以获取ApiKey和/或令牌.

例如,服务uri看起来像:*http://api.domain.com/Service/Operation/ {someVariableValue}？ApiKey = GUID&Token = GUID

我现在的问题是授权SOAP服务调用.我做了一些研究,并在实施之前得出了一些我想验证的结论.

为了使用自定义凭据授权SOAP,我应该:

1. 创建自定义服务令牌(MSDN)
2. 通过创建自定义SecurityTokenProvider,SecurityTokenAuthenticator和SecurityTokenSerializer(MSDN)来扩展WCF
3. 通过创建自定义AuthorizationPolicies(MSDN)扩展WCF

我是在正确的轨道吗？所有这些步骤是否都适合我的方案？似乎只是为了验证由两个GUID组成的凭证而进行的定制.

谢谢!

[编辑#1]

这是一项非常艰巨的任务.自定义凭据和安全令牌几乎没有记录.找到高质量的博客文章本身已经证明几乎不可能.我一直在偷偷摸摸,我已经非常接近有一个有效的解决方案了.我甚至打过这篇文章中描述的相同路障.

当我尝试访问我的服务以发现wsdl或mex时,我收到此错误:

The service encountered an error.

An ExceptionDetail, likely created by IncludeExceptionDetailInFaults=true, whose value is:
System.InvalidOperationException: An exception was thrown in a call to a policy export extension.
Extension: System.ServiceModel.Channels.SymmetricSecurityBindingElement
Error: Specified argument was out of the range of valid values.
Parameter name: parameters ----> System.ArgumentOutOfRangeException: Specified argument was out of …