【发布时间】:2011-06-21 09:54:13
【问题描述】:
我们的客户也面临着困扰somanyother人们的同样的时钟偏差问题。
这些页面中的答案和进一步的网络搜索帮助很大,但我遇到了一个不同的问题。
在我的本地机器上调试时,我可以看到绑定的属性设置正确。
但由于我无法在本地测试代码(我只有一个时钟),我必须将服务发布到测试服务器。然而,当我连接到带有倾斜时钟的服务时,我仍然收到MessageSecurityExceptions。
我的第一个想法是绑定在创建后被修改,但我和这个项目的同事都确认绑定是创建一次并且之后没有触及。
我显然做错了 [TM]。如果有人能阐明此事,我将不胜感激。提前谢谢你。
这是创建绑定的代码:
WSHttpBinding binding = new WSHttpBinding();
binding.Security.Mode = SecurityMode.TransportWithMessageCredential;
binding.Security.Message.ClientCredentialType = MessageCredentialType.UserName;
// ... blah blah ...
// fix ongoing security
sbe.LocalClientSettings.DetectReplays = false;
sbe.LocalClientSettings.MaxClockSkew = TimeSpan.MaxValue;
sbe.LocalClientSettings.SessionKeyRenewalInterval = TimeSpan.MaxValue;
sbe.LocalServiceSettings.DetectReplays = false;
sbe.LocalServiceSettings.MaxClockSkew = TimeSpan.MaxValue;
sbe.LocalServiceSettings.SessionKeyRenewalInterval = TimeSpan.MaxValue;
// fix bootstrap security
SecureConversationSecurityTokenParameters sct = null;
if (sbe is SymmetricSecurityBindingElement)
{
SecurityTokenParameters tokenParameters =
((SymmetricSecurityBindingElement)sbe).ProtectionTokenParameters;
if (tokenParameters is SecureConversationSecurityTokenParameters)
{
sct = tokenParameters as SecureConversationSecurityTokenParameters;
}
}
else if (sbe is TransportSecurityBindingElement)
{
sct = sbe.EndpointSupportingTokenParameters
.Endorsing
.OfType<SecureConversationSecurityTokenParameters>()
.FirstOrDefault();
}
else
{
throw new ArgumentException("Binding has neiter a " +
"SymmetricSecurityBindingElement nor " +
"TransportSecurityBindingElement");
}
SecurityBindingElement bootbe = sct.BootstrapSecurityBindingElement;
bootbe.LocalClientSettings.DetectReplays = false;
bootbe.LocalClientSettings.MaxClockSkew = TimeSpan.MaxValue;
bootbe.LocalClientSettings.SessionKeyRenewalInterval = TimeSpan.MaxValue;
bootbe.LocalServiceSettings.DetectReplays = false;
bootbe.LocalServiceSettings.MaxClockSkew = TimeSpan.MaxValue;
bootbe.LocalServiceSettings.SessionKeyRenewalInterval = TimeSpan.MaxValue;
这是我在服务跟踪日志中收到的异常的调用堆栈:
System.ServiceModel.Security.MessageSecurityException, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
System.ServiceModel.Security.TransportSecurityProtocol.VerifyIncomingMessage(Message& message, TimeSpan timeout)
System.ServiceModel.Security.SecurityProtocol.VerifyIncomingMessage(Message& message, TimeSpan timeout, SecurityProtocolCorrelationState[] correlationStates)
System.ServiceModel.Channels.SecurityChannelListener`1.ServerSecurityChannel`1.VerifyIncomingMessage(Message& message, TimeSpan timeout, SecurityProtocolCorrelationState[] correlationState)
System.ServiceModel.Channels.SecurityChannelListener`1.SecurityReplyChannel.ProcessReceivedRequest(RequestContext requestContext, TimeSpan timeout)
System.ServiceModel.Channels.SecurityChannelListener`1.ReceiveItemAndVerifySecurityAsyncResult`2.OnInnerReceiveDone()
System.ServiceModel.Channels.SecurityChannelListener`1.ReceiveItemAndVerifySecurityAsyncResult`2.InnerTryReceiveCompletedCallback(IAsyncResult result)
System.Runtime.Fx.AsyncThunk.UnhandledExceptionFrame(IAsyncResult result)
System.Runtime.AsyncResult.Complete(Boolean completedSynchronously)
System.Runtime.InputQueue`1.AsyncQueueReader.Set(Item item)
System.Runtime.InputQueue`1.Dispatch()
System.Runtime.ActionItem.DefaultActionItem.Invoke()
System.Runtime.ActionItem.CallbackHelper.InvokeWithoutContext(Object state)
System.Runtime.IOThreadScheduler.ScheduledOverlapped.IOCallback(UInt32 errorCode, UInt32 numBytes, NativeOverlapped* nativeOverlapped)
System.Runtime.Fx.IOCompletionThunk.UnhandledExceptionFrame(UInt32 error, UInt32 bytesRead, NativeOverlapped* nativeOverlapped)
System.Threading._IOCompletionCallback.PerformIOCompletionCallback(UInt32 errorCode, UInt32 numBytes, NativeOverlapped* pOVERLAP)
【问题讨论】:
-
设置是应用在服务上还是客户端上?
-
绑定在服务器和客户端上创建相同;这就是为什么该服务同时在
LocalClientSettings和LocalServiceSettings上设置选项 -
你遇到了什么异常?
-
您解决过这个问题吗?我想我也有同样的问题。
标签: c# .net wcf security binding