WCF - wsHttpBinding with UserName Autentication an

2019-09-17 10:09发布

问题:

I'm trying to create WCF applications with username authentication. And this error occurring.

This is the service configuration:

Web.config

<?xml version="1.0"?>
<configuration>
  <system.web>
    <compilation debug="true" targetFramework="4.0" />
  </system.web>
  <system.serviceModel>
    <services>
      <service name="Jsl.BureauInf.Services.BureauInfSVC" behaviorConfiguration="ServiceBehavior">
        <endpoint address="" binding="wsHttpBinding" contract="Jsl.BureauInf.Contracts.ICliente" bindingConfiguration="ServiceBinding"/>
        <endpoint address="" binding="wsHttpBinding" contract="Jsl.BureauInf.Contracts.IMotorista"  bindingConfiguration="ServiceBinding"/>
        <endpoint address="" binding="wsHttpBinding" contract="Jsl.BureauInf.Contracts.ITransportadora" bindingConfiguration="ServiceBinding"/>
        <endpoint address="" binding="wsHttpBinding" contract="Jsl.BureauInf.Contracts.IVeiculo" bindingConfiguration="ServiceBinding"/>
        <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
      </service>
    </services>
    <bindings>
      <wsHttpBinding>
        <binding name="ServiceBinding">
          <security mode="Message">
            <message clientCredentialType="UserName"/>
          </security>
        </binding>
      </wsHttpBinding>
    </bindings>
    <behaviors>
      <serviceBehaviors>
        <behavior name="ServiceBehavior">
          <serviceDebug httpHelpPageEnabled="true" includeExceptionDetailInFaults="true" />
          <serviceMetadata httpGetEnabled="True"/>
          <serviceCredentials>
            <serviceCertificate findValue="Uareubinf"
                  storeLocation="LocalMachine"
                  storeName="My"
                  x509FindType="FindBySubjectName" />
            <userNameAuthentication userNamePasswordValidationMode="Custom"
                customUserNamePasswordValidatorType="Jsl.BureauInf.Security.Autenticacao, Jsl.BureauInf.Security" />
          </serviceCredentials>
        </behavior>
      </serviceBehaviors>
    </behaviors>
    <serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
  </system.serviceModel>
  <system.webServer>
    <modules runAllManagedModulesForAllRequests="true"/>
  </system.webServer>
  <system.net>
    <defaultProxy useDefaultCredentials="true"/>
  </system.net>
</configuration>

Class Autentication

namespace Jsl.BureauInf.Security
{
public class Autenticacao : UserNamePasswordValidator
{
    public override void Validate(string userName, string password)
    {
        if (userName != "yaron")
            throw new SecurityTokenException("Unknown Username or Password");
    }
}
}

Client

    BureauService.TransportadoraClient service = new BureauService.TransportadoraClient();
    service.ClientCredentials.UserName.UserName = "xxx";
    service.ClientCredentials.UserName.Password = "xxx";
    service.ClientCredentials.ServiceCertificate.Authentication.CertificateValidationMode = System.ServiceModel.Security.X509CertificateValidationMode.None;

    BureauService.RESPOSTADTC rep = service.ConsultarTransportadora(consulta);

When the client makes request for service triggers the following error:

InnerException.Message: An error occurred when processing the security tokens in the message.

Message: An unsecured or incorrectly secured fault was received from the other party. See the inner FaultException for the fault code and detail.

What should I do to fix this error?

回答1:

This response can happen for a several reasons. The two that I suspect the most are:

  1. You are sending the incorrect client credentials to the server. I see you are sending a UserName and Password as "xxx". However, your server is expecting a UserName of "yaron". This is the expected response from the server in that case.

  2. The client machine has an invalid time or one that is more than 5 minutes different from the server. The default MaxClockSkew value for the WSHttpBinding is 5 minutes.