WebServiceHost在IIS中禁用匿名身份验证后不起作用
Posted
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了WebServiceHost在IIS中禁用匿名身份验证后不起作用相关的知识,希望对你有一定的参考价值。
我有一个与ws.net集成并在IIS中部署的rest wcf服务。启用匿名身份验证时,此方法工作正常。当禁用它时,在邮递员中使用rest api调用时会引发401错误。在IIS中,启用了匿名身份验证和窗体身份验证。现在,我禁用了匿名和表单,并且仅启用了Windows身份验证。我的代码如下:
public class SampleWebServiceHostFactory : WebServiceHostFactory
{
private Type ContractServiceType;
private static readonly log4net.ILog log = log4net.LogManager.GetLogger(System.Reflection.MethodBase.GetCurrentMethod().DeclaringType);
public SampleWebServiceHostFactory(Type contractServiceType):base()
{
ContractServiceType = contractServiceType;
}
protected override ServiceHost CreateServiceHost(Type serviceType, Uri[] baseAddresses)
{
WebServiceHost host = (WebServiceHost)base.CreateServiceHost(serviceType,baseAddresses);
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
WebHttpBinding mybinding = new WebHttpBinding(WebHttpSecurityMode.Transport);
mybinding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Windows;
mybinding.MaxReceivedMessageSize = 2147483647;
mybinding.TransferMode = TransferMode.StreamedRequest;
mybinding.ReaderQuotas.MaxDepth = 1204;
mybinding.ReaderQuotas.MaxStringContentLength = 2147483647;
mybinding.ReaderQuotas.MaxArrayLength = 2147483647;
mybinding.ReaderQuotas.MaxBytesPerRead = 2147483647;
mybinding.ReaderQuotas.MaxNameTableCharCount = 2147483647;
mybinding.SendTimeout = new TimeSpan(4,0,0);
mybinding.ReceiveTimeout = new TimeSpan(4,0,0);
host.AddServiceEndpoint(ContractServiceType, mybinding, "");
host.Description.Behaviors.Add(new RestServiceBehavior());
log.Info("Testing1");
return host;
}
}
以下配置文件中的代码
<system.serviceModel>
<client/>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true"/>
<behaviors>
<serviceBehaviors>
<behavior>
<serviceMetadata httpGetEnabled="false" httpsGetEnabled="false"/>
<serviceDebug httpHelpPageEnabled="false" httpsHelpPageEnabled="false" includeExceptionDetailInFaults="true"/>
</behavior>
</serviceBehaviors>
</behaviors>
<bindings>
<webHttpBinding>
<binding receiveTimeout="00:10:00" sendTimeout="00:10:00" maxReceivedMessageSize="2147483647">
<readerQuotas maxDepth="64" maxStringContentLength="2147483647" maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647"/>
</binding>
</webHttpBinding>
</bindings>
</system.serviceModel>
我已启用登录Global.asax的功能,以查看发生问题的位置。触发Session_Start方法后,我在上面的代码中看到日志行“ Testing1”。之后,没有日志记录,当我在浏览器中使用url时,它在邮递员中抛出401错误,并继续询问用户名和密码。
答案
现在我们已经在WebServiceHostFactory的构造函数中设置了配置,无需在配置文件中单独配置它。
<webHttpBinding>
<binding receiveTimeout="00:10:00" sendTimeout="00:10:00" maxReceivedMessageSize="2147483647">
<readerQuotas maxDepth="64" maxStringContentLength="2147483647" maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647"/>
</binding>
</webHttpBinding>
我建议您参考下面的Windows身份验证配置。
<system.serviceModel>
<services>
<service name="WcfService3.Service1">
<endpoint address="" behaviorConfiguration="rest" contract="WcfService3.IService1" binding="webHttpBinding" bindingConfiguration="https"></endpoint>
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior>
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true"/>
</behavior>
</serviceBehaviors>
<endpointBehaviors>
<behavior name="rest">
<webHttp helpEnabled="true"/>
</behavior>
</endpointBehaviors>
</behaviors>
<bindings>
<webHttpBinding>
<binding name="https">
<security mode="Transport">
<transport clientCredentialType="Windows">
</transport>
</security>
</binding>
</webHttpBinding>
</bindings>
</system.serviceModel>
之后,请在IIS中禁用其他身份验证模式。调用服务时,我们需要提供一对Windows凭据。该凭据实际上是服务器端的Windows帐户,这使我们可以访问网站。请随时让我知道问题是否仍然存在。
以上是关于WebServiceHost在IIS中禁用匿名身份验证后不起作用的主要内容,如果未能解决你的问题,请参考以下文章