1. 首頁
  2. 問答
  3. WCF服務中存在隱藏的「訪問被拒絕」異常

WCF服務中存在隱藏的「訪問被拒絕」異常

2010-07-04 113 views
1

我有一個安全的WCF服務,並具有自定義驗證。當我的壓力測試吧 - 有幾個數十家客戶同時連接,我經常收到以下異常在我的服務器端日誌:WCF服務中存在隱藏的「訪問被拒絕」異常

System.ServiceModel.FaultException: Access is denied. 
    at System.ServiceModel.Dispatcher.AuthorizationBehavior.Authorize(MessageRpc& rpc) 
    at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage1(MessageRpc& rpc) 
    at System.ServiceModel.Dispatcher.MessageRpc.Process(Boolean isOperationContextSet)

我已經啓用通過System.Diagnostics程序但跟蹤只給我一個更長的堆棧跟蹤:

System.ServiceModel.Dispatcher.AuthorizationBehavior.Authorize(MessageRpc& rpc) 
System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage1(MessageRpc& rpc) 
System.ServiceModel.Dispatcher.MessageRpc.Process(Boolean isOperationContextSet) 
System.ServiceModel.Dispatcher.ChannelHandler.DispatchAndReleasePump(RequestContext request, Boolean cleanThread, OperationContext currentOperationContext) 
System.ServiceModel.Dispatcher.ChannelHandler.HandleRequest(RequestContext request, OperationContext currentOperationContext) 
System.ServiceModel.Dispatcher.ChannelHandler.AsyncMessagePump(IAsyncResult result) 
System.ServiceModel.Channels.IOThreadScheduler.CriticalHelper.WorkItem.Invoke2() 
System.Security.SecurityContext.Run(SecurityContext securityContext, ContextCallback callback, Object state) 
System.ServiceModel.Channels.IOThreadScheduler.CriticalHelper.WorkItem.Invoke() 
System.ServiceModel.Channels.IOThreadScheduler.CriticalHelper.ProcessCallbacks() 
System.ServiceModel.Channels.IOThreadScheduler.CriticalHelper.CompletionCallback(Object state) 
System.ServiceModel.Channels.IOThreadScheduler.CriticalHelper.ScheduledOverlapped.IOCallback(UInt32 errorCode, UInt32 numBytes, NativeOverlapped* nativeOverlapped) 
System.ServiceModel.Diagnostics.Utility.IOCompletionThunk.UnhandledExceptionFrame(UInt32 error, UInt32 bytesRead, NativeOverlapped* nativeOverlapped) 
System.Threading._IOCompletionCallback.PerformIOCompletionCallback

爲什麼會發生這種情況,我怎麼能找到更多關於這裏出了什麼問題?

感謝, urig

來源

2010-07-04 urig

回答

2

從「自定義身份驗證」和「[在]數十個客戶在同一時間連接」我猜想,您的自定義身份驗證(從堆棧跟蹤:授權部分)不完全是線程安全的。可能是授權部分中的任何錯誤都被(錯誤)診斷爲「訪問被拒絕」錯誤。

InnerException屬性中可能還有一些信息。但除此之外,也許你可以發佈一些你自己授權代碼的細節。

來源

2010-07-04 09:11:20

+0

謝謝Henk。這是一個很好的分析。我正在爲我的自定義身份驗證添加更多日誌記錄,稍後會進行更新。我如何通過代碼/日誌訪問innerException?它是拋出FaultException的WCF,所以你會在哪裏放置一個catch子句? – urig 2010-07-04 10:06:55

2

仍然沒有解決問題,但我確定它確實在我自己的自定義身份驗證機制 - 所以我接受Henk的答案。

對我來說,冒煙的槍被發現時,我加入診斷System.IdentityModel像這樣:

<system.diagnostics> 
     <sources> 
      <source name="System.IdentityModel" switchValue="All"> 
       <listeners> 
        <add type="System.Diagnostics.DefaultTraceListener" name="Default"> 
         <filter type="" /> 
        </add> 
        <add name="IdentityModelListener"> 
         <filter type="" /> 
        </add> 
       </listeners> 
      </source> 
     </sources> 
     <sharedListeners> 
      <add initializeData="C:\Tracing\App_identitymodellog.svclog" type="System.Diagnostics.XmlWriterTraceListener, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" 
      name="IdentityModelListener" traceOutputOptions="Timestamp, Callstack"> 
       <filter type="" /> 
      </add> 
     </sharedListeners> 
     <trace autoflush="true" /> 
    </system.diagnostics>

,並在產生的痕跡看到這一點:

System.Environment.get_StackTrace( ) System.Diagnostics.TraceEventCache.get_Callstack() System.Diagnostics.XmlWriterTraceListener.WriteFooter(TraceEventCache eventCache) System.Diagnostics.TraceSource.TraceData(TraceEventTy PE EVENTTYPE,的Int32 ID,對象數據) System.ServiceModel.Diagnostics.DiagnosticTrace.TraceEvent(TraceEventType 類型,TraceCode代碼,字符串 描述,TraceRecord跟蹤, 異常的異常,對象源) System.ServiceModel.Diagnostics.DiagnosticTrace .TraceEvent(TraceEventType 類型,TraceCode代碼,字符串 描述) System.IdentityModel.SecurityUtils.CreateDefaultAuthorizationContext(IList`1 authorizationPolicies) System.ServiceModel.ServiceSecurityContext.get_AuthorizationContext() Foo.Bar..Core.Security.SessionAuthorizationManager .CheckClaimSet(OperationContext 操作nContext)在... Foo.Bar..Core.Security.SessionAuthorizationManager.CheckAccess(的OperationContext 的OperationContext,消息&消息)在 ... > System.ServiceModel.Dispatcher.AuthorizationBehavior.Authorize(MessageRpc & RPC ) System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage1(MessageRpc & RPC) System.ServiceModel.Dispatcher.MessageRpc.Process(布爾 isOperationContextSet) System.ServiceModel.Dispatcher.ChannelHandler。DispatchAndReleasePump(的RequestContext 請求,布爾cleanThread, 的OperationContext currentOperationContext) System.ServiceModel.Dispatcher.ChannelHandler.HandleRequest(RequestContext的 請求,的OperationContext currentOperationContext) System.ServiceModel.Dispatcher.ChannelHandler.AsyncMessagePump(IAsyncResult的 結果) 系統.ServiceModel.Channels.IOThreadScheduler.CriticalHelper.WorkItem.Invoke2() System.Security.SecurityContext.Run(SecurityContext的 SecurityContext中,ContextCallback 回調,對象狀態) System.ServiceModel.Channels.IOThreadScheduler.CriticalHelper.WorkItem.Inv OKE() System.ServiceModel.Channels.IOThreadScheduler.CriticalHelper.ProcessCallbacks() System.ServiceModel.Channels.IOThreadScheduler.CriticalHelper.CompletionCallback(對象 狀態) System.ServiceModel.Channels.IOThreadScheduler.CriticalHelper.ScheduledOverlapped.IOCallback(UInt32的 的errorCode,UInt32的的numBytes, nativeOverlapped * nativeOverlapped) System.ServiceModel.Diagnostics.Utility.IOCompletionThunk.UnhandledExceptionFrame(UInt32的 誤差,UInt32的bytesRead, nativeOverlapped * nativeOverlapped) System.Threading._IOCompletionCallback.PerformIOCompletionCallback(UInt32的 的errorCode,UInt32的numBytes, NativeOverlapped * pOVERLAP)

Dispatcher.AuthorizationBehavior.Authorize()之後的下一次調用是我自己實現的AuthorizationManager。這很可能是問題來自何處。 Authorize()方法只會引發FaultException。

來源

2010-07-05 12:40:15 urig

+0

此評論可幫助我對一些繼承的代碼庫 「自己實現AuthorizationManager」 – VoodooChild 2016-05-13 23:51:10

相關問題

 相關問題