WCF 禁用匿名身份验证
WCF disable anonymous authentication
实际上我对 WCF 有点问题。一切正常,除了当我在 IIS 上禁用 Aninymous 身份验证时,没有返回任何结果。这段代码不是我写的,是一个离开公司的同事写的。
这是 WCF 的 Web.Config 形式:
<?xml version="1.0"?>
<configuration>
<system.diagnostics>
<sources>
<source name="System.ServiceModel"
switchValue="Information, ActivityTracing"
propagateActivity="true" >
<listeners>
<add name="xml"/>
</listeners>
</source>
<source name="System.ServiceModel.MessageLogging">
<listeners>
<add name="xml"/>
</listeners>
</source>
<source name="myUserTraceSource"
switchValue="Information, ActivityTracing">
<listeners>
<add name="xml"/>
</listeners>
</source>
</sources>
<sharedListeners>
<add name="xml"
type="System.Diagnostics.XmlWriterTraceListener"
initializeData="Error.svclog"/>
</sharedListeners>
</system.diagnostics>
<appSettings>
<add key="aspnet:UseTaskFriendlySynchronizationContext" value="true"/>
</appSettings>
<uri>
<schemeSettings>
<clear/>
<add name="http" genericUriParserOptions="DontUnescapePathDotsAndSlashes"/>
<add name="https" genericUriParserOptions="DontUnescapePathDotsAndSlashes"/>
</schemeSettings>
</uri>
<system.net>
<settings>
<httpListener unescapeRequestUrl="false"/>
</settings>
</system.net>
<system.web>
<httpRuntime maxQueryStringLength="2048" maxUrlLength="4000" requestPathInvalidCharacters="" requestValidationMode="2.0" targetFramework="4.5"/>
<pages validateRequest="false"/>
<compilation targetFramework="4.5" debug="true"/>
</system.web>
<system.serviceModel>
<behaviors>
<endpointBehaviors>
<behavior name="RestBehavior">
<webHttp/>
</behavior>
</endpointBehaviors>
<serviceBehaviors>
<behavior name="MetadataBehavior">
<serviceMetadata httpsGetEnabled="true" httpGetEnabled="true"/>
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true"/>
<bindings>
<basicHttpBinding>
<binding name="secureHttpBinding">
<security mode="Transport">
<transport clientCredentialType="Windows" />
</security>
</binding>
</basicHttpBinding>
<webHttpBinding>
<binding name="https" maxReceivedMessageSize="65536">
<readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647"
maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647" />
<security mode="Transport" />
</binding>
</webHttpBinding>
</bindings>
<services>
<service behaviorConfiguration="MetadataBehavior" name="MyWCF.MyService">
<!-- Configuration HTTPS-->
<!--<endpoint address="SoapSecure" binding="basicHttpBinding" bindingConfiguration="secureHttpBinding" contract="MyWCF.IMyService"/>
<endpoint behaviorConfiguration="RestBehavior" binding="webHttpBinding" bindingConfiguration="https" name="REST" contract="MyWCF.IMyService"/>-->
<!-- Configuration HTTP-->
<endpoint address="Soap" binding="basicHttpBinding" bindingConfiguration="" contract="MyWCF.IMyService"/>
<endpoint behaviorConfiguration="RestBehavior" binding="webHttpBinding" bindingConfiguration="" name="REST" contract="MyWCF.IMyService"/>
</service>
</services>
</system.serviceModel>
<system.webServer>
<security>
<requestFiltering allowDoubleEscaping="true"/>
</security>
<modules runAllManagedModulesForAllRequests="true"/>
<!--
Pour parcourir le répertoire racine de l'application Web lors du débogage, définissez la valeur ci-dessous sur true.
Définissez-la sur false avant le déploiement pour ne pas divulguer d'informations du dossier de l'application Web.
-->
<directoryBrowse enabled="true"/>
<!-- MK 27/10/2014: Access control same origin hotfix-->
<httpProtocol>
<customHeaders>
<add name="Access-Control-Allow-Origin" value="*"/>
</customHeaders>
</httpProtocol>
</system.webServer>
</configuration>
现在,这个问题的解决对客户来说至关重要,所以我非常感谢建议和任何形式的帮助。
感谢您的宝贵时间
如果您要禁用匿名身份验证,您还必须将 clientCredentialType 设置为 None
<security mode="Transport">
<transport clientCredentialType="None" />
</security>
实际上我对 WCF 有点问题。一切正常,除了当我在 IIS 上禁用 Aninymous 身份验证时,没有返回任何结果。这段代码不是我写的,是一个离开公司的同事写的。 这是 WCF 的 Web.Config 形式:
<?xml version="1.0"?>
<configuration>
<system.diagnostics>
<sources>
<source name="System.ServiceModel"
switchValue="Information, ActivityTracing"
propagateActivity="true" >
<listeners>
<add name="xml"/>
</listeners>
</source>
<source name="System.ServiceModel.MessageLogging">
<listeners>
<add name="xml"/>
</listeners>
</source>
<source name="myUserTraceSource"
switchValue="Information, ActivityTracing">
<listeners>
<add name="xml"/>
</listeners>
</source>
</sources>
<sharedListeners>
<add name="xml"
type="System.Diagnostics.XmlWriterTraceListener"
initializeData="Error.svclog"/>
</sharedListeners>
</system.diagnostics>
<appSettings>
<add key="aspnet:UseTaskFriendlySynchronizationContext" value="true"/>
</appSettings>
<uri>
<schemeSettings>
<clear/>
<add name="http" genericUriParserOptions="DontUnescapePathDotsAndSlashes"/>
<add name="https" genericUriParserOptions="DontUnescapePathDotsAndSlashes"/>
</schemeSettings>
</uri>
<system.net>
<settings>
<httpListener unescapeRequestUrl="false"/>
</settings>
</system.net>
<system.web>
<httpRuntime maxQueryStringLength="2048" maxUrlLength="4000" requestPathInvalidCharacters="" requestValidationMode="2.0" targetFramework="4.5"/>
<pages validateRequest="false"/>
<compilation targetFramework="4.5" debug="true"/>
</system.web>
<system.serviceModel>
<behaviors>
<endpointBehaviors>
<behavior name="RestBehavior">
<webHttp/>
</behavior>
</endpointBehaviors>
<serviceBehaviors>
<behavior name="MetadataBehavior">
<serviceMetadata httpsGetEnabled="true" httpGetEnabled="true"/>
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true"/>
<bindings>
<basicHttpBinding>
<binding name="secureHttpBinding">
<security mode="Transport">
<transport clientCredentialType="Windows" />
</security>
</binding>
</basicHttpBinding>
<webHttpBinding>
<binding name="https" maxReceivedMessageSize="65536">
<readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647"
maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647" />
<security mode="Transport" />
</binding>
</webHttpBinding>
</bindings>
<services>
<service behaviorConfiguration="MetadataBehavior" name="MyWCF.MyService">
<!-- Configuration HTTPS-->
<!--<endpoint address="SoapSecure" binding="basicHttpBinding" bindingConfiguration="secureHttpBinding" contract="MyWCF.IMyService"/>
<endpoint behaviorConfiguration="RestBehavior" binding="webHttpBinding" bindingConfiguration="https" name="REST" contract="MyWCF.IMyService"/>-->
<!-- Configuration HTTP-->
<endpoint address="Soap" binding="basicHttpBinding" bindingConfiguration="" contract="MyWCF.IMyService"/>
<endpoint behaviorConfiguration="RestBehavior" binding="webHttpBinding" bindingConfiguration="" name="REST" contract="MyWCF.IMyService"/>
</service>
</services>
</system.serviceModel>
<system.webServer>
<security>
<requestFiltering allowDoubleEscaping="true"/>
</security>
<modules runAllManagedModulesForAllRequests="true"/>
<!--
Pour parcourir le répertoire racine de l'application Web lors du débogage, définissez la valeur ci-dessous sur true.
Définissez-la sur false avant le déploiement pour ne pas divulguer d'informations du dossier de l'application Web.
-->
<directoryBrowse enabled="true"/>
<!-- MK 27/10/2014: Access control same origin hotfix-->
<httpProtocol>
<customHeaders>
<add name="Access-Control-Allow-Origin" value="*"/>
</customHeaders>
</httpProtocol>
</system.webServer>
</configuration>
现在,这个问题的解决对客户来说至关重要,所以我非常感谢建议和任何形式的帮助。
感谢您的宝贵时间
如果您要禁用匿名身份验证,您还必须将 clientCredentialType 设置为 None
<security mode="Transport">
<transport clientCredentialType="None" />
</security>