服务总线 1.0 和 WCF NetMessagingBinding - 令牌提供程序无法提供安全令牌

Posted

技术标签:

【中文标题】服务总线 1.0 和 WCF NetMessagingBinding - 令牌提供程序无法提供安全令牌【英文标题】:service bus 1.0 and WCF NetMessagingBinding - token provider unable to provide security token 【发布时间】:2013-08-04 13:53:25 【问题描述】:

我在本地使用 Service Bus for Windows Service 1.0(客户端引用 Microsoft.ServiceBus.dll 1.8.0.0)

我正在尝试让 WCF 客户端和服务 NetMessagingBinding 示例正常工作。

我只是想向服务总线提交一条消息并将其发送到我的 wcf 服务。

目前我在提交时遇到问题,因为它找不到令牌提供者:

我有以下代码:

  private const string Issuer = "myIssuerName";
  private const string Key = "BBBBBB=";
  private static readonly Uri ServiceBusEndpointAddress =
        new Uri("sb://servicebusdefaultnamespace.servicebus.windows.net/Orders/");

  private static void Main(string[] args)
    
        //SetUp
        var binding = new NetMessagingBinding();
        var contract = ContractDescription.GetContract(typeof (IOrderService), typeof (OrderService));

        var transportBehavior = new TransportClientEndpointBehavior();
        transportBehavior.TokenProvider = TokenProvider.CreateSharedSecretTokenProvider(Issuer, Key);

        var endpoint = new ServiceEndpoint(contract, binding,
                                           new EndpointAddress(ServiceBusEndpointAddress.AbsoluteUri));
        endpoint.Behaviors.Add(transportBehavior);

        var host = new ServiceHost(typeof (OrderService), ServiceBusEndpointAddress);
        host.AddServiceEndpoint(endpoint);

        host.Open();


        //send message to queue

        var factory = new ChannelFactory<IOrderService>(endpoint);
        var client = factory.CreateChannel();

        var order = new Order();
        order.OrderId = 42;

        //this is where the exception is raised
        client.ProcessOrder(order);
        factory.Close();

        Console.ReadLine();

//我的订单类是这样的:

 [ServiceContract()]
 public interface IOrderService
 
    [OperationContract(IsOneWay = true)]
    void ProcessOrder(Order order);
 

[DataContract()]
public class Order

    [DataMember]
    public Int64 OrderId;

但是当我尝试发送到队列时 (client.ProcessOrder(order);)

我得到一个 502:

  unauthorisedaccessexception
   The token provider was unable to provide a security token while accessing  
'https://servicebusdefaultnamespace-sb.accesscontrol.windows.net/WRAPv0.9/'. Token 
  provider returned message: 'The remote name could not be resolved:       'servicebusdefaultnamespace-sb.accesscontrol.windows.net''.
 The remote name could not be resolved: 'servicebusdefaultnamespace- sb.accesscontrol.windows.net'

 at System.Net.HttpWebRequest.GetRequestStream(TransportContext& context)
 at System.Net.HttpWebRequest.GetRequestStream()
 at Microsoft.ServiceBus.TokenProviderHelper.GetAccessTokenCore(Uri requestUri, String 
 appliesTo, String requestToken, String simpleAuthAssertionFormat, TimeSpan timeout,  
  String& expiresIn)

提琴手告诉我:

  [Fiddler] DNS Lookup for "servicebusdefaultnamespace-sb.accesscontrol.windows.net" failed. The requested name is valid, but no data of the requested type was found

所以我想知道问题是什么:

    sb://servicebusdefaultnamespace.servicebus.windows.net/Orders/ 是设置我的端点的正确 URI 吗?我问这个是因为当我得到 get-sbClientConfiguration - 我的连接字符串是:

       Endpoint=sb://myPC/ServiceBusDefaultNamespace;
   StsEndpoint=https://myPC:9355/ServiceBusDefaultNamespace;
   RuntimePort=9354;ManagementPort=9355

    还是因为我不能在 prem 上使用 sharedsecret? (我更喜欢使用这种认证方式)

谁能发现问题?

感谢您的帮助

【问题讨论】:

【参考方案1】:

刚刚开始工作!

有两件事错了:一是我认为通过添加 servicebus.windows.net 命名空间,我试图调用 azure 令牌提供程序。

    所以我创建了一个 windowsTokenProvider,URI 是 sts 地址

    https://mypc:9355/ServiceBusDefaultNamespace

你可以通过运行这个 powershell cmd 找到这个:

   get-sbclientconfiguration

    然后我将我的服务端点地址更改为:(删除 servicebus.windows.net)

       sb://mypcname/servicebusdefaultnamespace/Orders

它现在正在发布到服务总线。

这是最终代码:

    private static void Main(string[] args)
    

        var ServiceBusEndpointAddress = new Uri("sb://mypc/servicebusdefaultnamespace/Orders");

        //SetUp
        var binding = new NetMessagingBinding();
        var contract = ContractDescription.GetContract(typeof (IOrderService), typeof (OrderService));
        var uri = new Uri("https://mypc:9355/ServiceBusDefaultNamespace");
        var uris = new List<Uri>  uri ;
        // Get credentials as Endpoint behavior
        var securityBehavior = new TransportClientEndpointBehavior
            
                TokenProvider = TokenProvider.CreateWindowsTokenProvider(uris)
            ;

        var endpoint = new ServiceEndpoint(contract, binding,
                                           new EndpointAddress(ServiceBusEndpointAddress));
        endpoint.Behaviors.Add(securityBehavior);

        var host = new ServiceHost(typeof(OrderService), uri);
        host.AddServiceEndpoint(endpoint);

        host.Open();


        //Client

        var factory = new ChannelFactory<IOrderService>(endpoint);
        var client = factory.CreateChannel();

        var order = new Order();
        order.OrderId = 42;

        client.ProcessOrder(order);
        factory.Close();

        Console.ReadLine();

【讨论】:

以上是关于服务总线 1.0 和 WCF NetMessagingBinding - 令牌提供程序无法提供安全令牌的主要内容,如果未能解决你的问题,请参考以下文章

是否可以创建 WCF 服务端点来处理来自 Azure 服务总线的死信?

将 Azure 服务总线队列与 WCF 结合使用的优势

在 WCF Azure 服务总线中动态分配 json 响应内容类型

服务总线 1.1 和中继绑定

Azure 服务总线中继偶发性故障异常

CoreWCF 1.0 正式发布,支持 .NET Core 和 .NET 5+ 的 WCF