调用 WCF 服务时出现 NotSupportedException(此上下文中不支持加密算法)
NotSupportedException when calling WCF service (Crypto algorithm not supported in this context)
我正在尝试将 WCF 与联合一起使用。因此,我的客户端从 STS 获取令牌,使用颁发的令牌打开通道,最后调用服务。
然后,我收到以下异常:
System.NotSupportedException
HResult=0x80131515
Message=Crypto algorithm not supported in this context.
Source=mscorlib
StackTrace:
at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
at FederatedClientForWCF.MySomeService.ISomeService.Revert(String text)
at FederatedClientForWCF.Program.Main(String[] args) in D:\Spikes\FederatedClientForWCF\FederatedClientForWCF\Program.cs:line 81
请注意,缺少算法名称。
这是我的客户端代码(没有获取令牌的细节):
// get the token
var token = RequestTrustToken();
// setup the binding
var binding = new CustomBinding(
SymmetricSecurityBindingElement.CreateIssuedTokenBindingElement(
new IssuedSecurityTokenParameters("http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1")),
new TextMessageEncodingBindingElement(),
new HttpTransportBindingElement());
// explicitely use relative fed-endpoint
var endpointAddress = new EndpointAddress("http://localhost:53279/service/someservice/fed");
// build the factory
var factory = new ChannelFactory<ISomeService>(binding, endpointAddress);
factory.Credentials.ServiceCertificate.Authentication.CertificateValidationMode = X509CertificateValidationMode.None;
factory.Credentials.ServiceCertificate.Authentication.RevocationMode = X509RevocationMode.NoCheck;
factory.Credentials.SupportInteractive = false;
// create channel
var channel = factory.CreateChannelWithIssuedToken(token);
// try it
var reverted = channel.Revert(helloWorld);
在服务端,服务配置如下所示,我省略了身份配置,但如果需要,我可以 post 它:
<!-- Der Service der gehostet wird. -->
<service name="SomeService.SomeService" behaviorConfiguration="SomeServiceBehavior">
<host>
<baseAddresses>
<add baseAddress="http://localhost:53279/service/someservice"/>
</baseAddresses>
</host>
<endpoint address="" binding="wsHttpBinding" contract="SomeService.Contract.ISomeService"/>
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"/>
<endpoint address="fed" binding="customBinding" bindingConfiguration="federatedBinding" contract="SomeService.Contract.ISomeService" />
</service>
</services>
<bindings>
<customBinding>
<binding name="federatedBinding">
<security authenticationMode="IssuedToken">
<issuedTokenParameters tokenType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1" keyType="SymmetricKey" />
</security>
<textMessageEncoding />
<httpTransport />
</binding>
</customBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior name="SomeServiceBehavior">
<serviceMetadata httpGetEnabled="true"/>
<serviceDebug includeExceptionDetailInFaults="true"/>
<serviceCredentials useIdentityConfiguration="true" />
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>
异常是什么意思?我在任何地方都缺少加密算法吗?
前一段时间已经通过使用配置方法而不是通过代码设置绑定和所有手动方式修复了该问题。精确点是使用 SecurityBinding 而不是 SymetricSecurityBinding:
var binding = new CustomBinding(
SecurityBindingElement.CreateIssuedTokenBindingElement(
new IssuedSecurityTokenParameters("http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1")),
new TextMessageEncodingBindingElement(),
new HttpTransportBindingElement());
我正在尝试将 WCF 与联合一起使用。因此,我的客户端从 STS 获取令牌,使用颁发的令牌打开通道,最后调用服务。
然后,我收到以下异常:
System.NotSupportedException
HResult=0x80131515
Message=Crypto algorithm not supported in this context.
Source=mscorlib
StackTrace:
at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
at FederatedClientForWCF.MySomeService.ISomeService.Revert(String text)
at FederatedClientForWCF.Program.Main(String[] args) in D:\Spikes\FederatedClientForWCF\FederatedClientForWCF\Program.cs:line 81
请注意,缺少算法名称。
这是我的客户端代码(没有获取令牌的细节):
// get the token
var token = RequestTrustToken();
// setup the binding
var binding = new CustomBinding(
SymmetricSecurityBindingElement.CreateIssuedTokenBindingElement(
new IssuedSecurityTokenParameters("http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1")),
new TextMessageEncodingBindingElement(),
new HttpTransportBindingElement());
// explicitely use relative fed-endpoint
var endpointAddress = new EndpointAddress("http://localhost:53279/service/someservice/fed");
// build the factory
var factory = new ChannelFactory<ISomeService>(binding, endpointAddress);
factory.Credentials.ServiceCertificate.Authentication.CertificateValidationMode = X509CertificateValidationMode.None;
factory.Credentials.ServiceCertificate.Authentication.RevocationMode = X509RevocationMode.NoCheck;
factory.Credentials.SupportInteractive = false;
// create channel
var channel = factory.CreateChannelWithIssuedToken(token);
// try it
var reverted = channel.Revert(helloWorld);
在服务端,服务配置如下所示,我省略了身份配置,但如果需要,我可以 post 它:
<!-- Der Service der gehostet wird. -->
<service name="SomeService.SomeService" behaviorConfiguration="SomeServiceBehavior">
<host>
<baseAddresses>
<add baseAddress="http://localhost:53279/service/someservice"/>
</baseAddresses>
</host>
<endpoint address="" binding="wsHttpBinding" contract="SomeService.Contract.ISomeService"/>
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"/>
<endpoint address="fed" binding="customBinding" bindingConfiguration="federatedBinding" contract="SomeService.Contract.ISomeService" />
</service>
</services>
<bindings>
<customBinding>
<binding name="federatedBinding">
<security authenticationMode="IssuedToken">
<issuedTokenParameters tokenType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1" keyType="SymmetricKey" />
</security>
<textMessageEncoding />
<httpTransport />
</binding>
</customBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior name="SomeServiceBehavior">
<serviceMetadata httpGetEnabled="true"/>
<serviceDebug includeExceptionDetailInFaults="true"/>
<serviceCredentials useIdentityConfiguration="true" />
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>
异常是什么意思?我在任何地方都缺少加密算法吗?
前一段时间已经通过使用配置方法而不是通过代码设置绑定和所有手动方式修复了该问题。精确点是使用 SecurityBinding 而不是 SymetricSecurityBinding:
var binding = new CustomBinding(
SecurityBindingElement.CreateIssuedTokenBindingElement(
new IssuedSecurityTokenParameters("http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1")),
new TextMessageEncodingBindingElement(),
new HttpTransportBindingElement());