2012-04-12 66 views

我有一個簡單的WCF客戶端 -> 服務器結構，其中客戶端引用服務器的WCF服務。身份驗證使用X509證書完成。

WCF入門 WCF證書認證路由 - 卡在XML地獄

我想爲我的服務添加一種簡單的冗餘形式。這意味着要有多個服務器在運行,並讓客戶端使用一臺路由器,如果主服務器已經死機,該路由器可以透明地故障切換到備份服務器。
簡單,對吧?

我使用了hello world示例代碼，只是把路由器的app.config文件改得與我的客戶端配置類似。
然後，我把客戶端指向了路由器。

我費盡了力氣，唯一的收穫是一個An insecured or incorrectly secured fault異常，其內部異常說：
The message could not be processed. This is most likely because the action 'http://www.MyCompany.com/MyApp/api/IMyCompanyMyAppService/GetItems' is incorrect or because the message contains an invalid or expired security context token or because there is a mismatch between bindings. The security context token would be invalid if the service aborted the channel due to inactivity. To prevent the service from aborting idle sessions prematurely increase the Receive timeout on the service endpoint's binding.

顯然，所有這些原因都是彌天大謊（GetItems方法已經實現；綁定並沒有不匹配，因爲我是從客戶端配置把它們複製粘貼過來的；接收超時也沒有任何問題）。

現在我不知道該怎麼做;我有一個預感,這可能與我使用的身份驗證方法(X509證書)有關,但我真的沒有線索。

附上的是服務器、路由器和客戶端的配置。

<!-- SERVER CONFIGURATION
     One service exposed on three application endpoints (wsHttpBinding with message
     security over HTTP, wsHttpBinding over SSL, basicHttpBinding over SSL) plus a
     metadata endpoint. Client authentication is by X.509 certificate on the
     wsHttpBinding endpoints and by HTTP Basic on the basicHttpBinding endpoint. -->
<system.serviceModel>
  <bindings>

    <basicHttpBinding>
      <!-- HTTPS transport; the caller authenticates with HTTP Basic credentials. -->
      <binding name="MyAppService_BasicHttpBindingConfigurationSSL"
               maxBufferPoolSize="1073741824"
               maxBufferSize="1073741824"
               maxReceivedMessageSize="1073741824">
        <!-- NOTE(review): 1073741824 bytes is 1 GiB. Every binding in this file lets a
             single incoming message (and an array inside it) grow that large, which is a
             resource-exhaustion exposure; size these to the largest legitimate payload. -->
        <readerQuotas maxDepth="32"
                      maxStringContentLength="8192"
                      maxArrayLength="1073741824"
                      maxBytesPerRead="4096"
                      maxNameTableCharCount="16384" />
        <security mode="Transport">
          <transport clientCredentialType="Basic" proxyCredentialType="None"/>
        </security>
      </binding>
    </basicHttpBinding>

    <wsHttpBinding>
      <!-- Message-level security over plain HTTP: the client signs with its certificate,
           the service certificate must be known to the client in advance
           (negotiateServiceCredential="false") and no secure conversation session is
           established (establishSecurityContext="false"). -->
      <binding name="MyAppService_BindingConfiguration"
               maxBufferPoolSize="1073741824"
               maxReceivedMessageSize="1073741824">
        <readerQuotas maxDepth="32"
                      maxStringContentLength="8192"
                      maxArrayLength="1073741824"
                      maxBytesPerRead="4096"
                      maxNameTableCharCount="16384" />
        <security mode="Message">
          <transport/>
          <message clientCredentialType="Certificate"
                   negotiateServiceCredential="false"
                   establishSecurityContext="false"/>
        </security>
      </binding>

      <!-- Same client credential, but carried inside an HTTPS channel. -->
      <binding name="MyAppService_BindingConfigurationOverSSL"
               maxBufferPoolSize="1073741824"
               maxReceivedMessageSize="1073741824">
        <readerQuotas maxDepth="32"
                      maxStringContentLength="8192"
                      maxArrayLength="1073741824"
                      maxBytesPerRead="4096"
                      maxNameTableCharCount="16384" />
        <security mode="TransportWithMessageCredential">
          <transport/>
          <message clientCredentialType="Certificate"
                   negotiateServiceCredential="false"
                   establishSecurityContext="false"/>
        </security>
      </binding>
    </wsHttpBinding>

  </bindings>

  <services>
    <service name="MyCompany.MyApp.MyAppService.Server.Service.MyCompanyMyAppService"
             behaviorConfiguration="MyAppService_Behavior">

      <!-- Plain-HTTP endpoint; protection comes from message security only. -->
      <endpoint name="MyAppServiceEndpoint"
                address="http://localhost:8087/MyAppService"
                binding="wsHttpBinding"
                bindingNamespace="http://www.MyCompany.com/api/binding"
                bindingConfiguration="MyAppService_BindingConfiguration"
                behaviorConfiguration="WSDLBehavior"
                contract="MyCompany.MyApp.MyAppService.Common.Services.IMyCompanyMyAppService"/>

      <!-- HTTPS endpoint with the certificate credential in the message. -->
      <endpoint name="MyAppServiceEndpointSSL"
                address="https://localhost:8088/MyAppService"
                binding="wsHttpBinding"
                bindingNamespace="http://www.MyCompany.com/api/binding"
                bindingConfiguration="MyAppService_BindingConfigurationOverSSL"
                behaviorConfiguration="WSDLBehavior"
                contract="MyCompany.MyApp.MyAppService.Common.Services.IMyCompanyMyAppService"/>

      <!-- HTTPS basicHttpBinding endpoint (HTTP Basic credentials). -->
      <endpoint name="MyAppServiceEndpointBasicSSL"
                address="https://localhost:8088/MyAppServiceBasic"
                bindingConfiguration="MyAppService_BasicHttpBindingConfigurationSSL"
                binding="basicHttpBinding"
                contract="MyCompany.MyApp.MyAppService.Common.Services.IMyCompanyMyAppService" />

      <!-- Metadata exchange endpoint, served over plain HTTP. -->
      <endpoint name="MyAppServiceBinding"
                address="http://localhost:8087/mex"
                binding="mexHttpBinding"
                behaviorConfiguration="WSDLBehavior"
                contract="IMetadataExchange"/>
    </service>
  </services>

  <behaviors>
    <endpointBehaviors>
      <!-- Currently an empty behavior; the extension below is disabled. -->
      <behavior name="WSDLBehavior">
        <!--<wsdlExtensions />-->
      </behavior>
    </endpointBehaviors>

    <serviceBehaviors>
      <behavior name="MyAppService_Behavior">
        <serviceCredentials>
          <!-- User name / password pairs are checked by a custom validator type. -->
          <userNameAuthentication userNamePasswordValidationMode="Custom"
                                  customUserNamePasswordValidatorType="MyCompany.MyApp.MyAppService.Server.Service.MyAppUsernamePasswordValidator, MyCompany.MyApp.MyAppService.Server" />

          <clientCertificate>
            <!-- PeerOrChainTrust accepts a client certificate that is either in the
                 trusted people store or chains to a trusted root.
                 NOTE(review): revocationMode="NoCheck" means a revoked client certificate
                 is still accepted. Tolerable on a development box with self-issued
                 certificates; use Online or Offline checking for CA-issued certificates. -->
            <authentication certificateValidationMode="PeerOrChainTrust" revocationMode="NoCheck"/>
            <certificate/>
          </clientCertificate>

          <!-- Certificate the service presents, looked up by subject name in
               LocalMachine\My. The account running the host needs read access to its
               private key. -->
          <serviceCertificate storeLocation="LocalMachine"
                              storeName="My"
                              x509FindType="FindBySubjectName"
                              findValue="server.dev.MyApp.MyCompany.com"/>
        </serviceCredentials>

        <!-- Raised throttles so the service can take many concurrent calls and sessions. -->
        <serviceThrottling maxConcurrentCalls="300"
                           maxConcurrentInstances="500"
                           maxConcurrentSessions="30000"/>

        <!-- NOTE(review): metadata is published over plain HTTP and HTTPS publication is
             switched off; consider disabling or restricting metadata outside development. -->
        <serviceMetadata httpGetEnabled="true"
                         httpGetUrl="http://localhost:8087/mex"
                         httpsGetEnabled="false"
                         httpsGetUrl="https://localhost:8088/mex"/>
      </behavior>
    </serviceBehaviors>
  </behaviors>

</system.serviceModel>

<!-- ROUTER CONFIGURATION
     Hosts System.ServiceModel.Routing.RoutingService on http://localhost:8000/MyAppService
     and forwards every message to the client endpoint named MyAppServiceEndpoint.

     NOTE(review), points to check against the fault described on this page:
       1. The inbound endpoint "reqReplyEndpoint" names no bindingConfiguration, so it
          runs with the wsHttpBinding defaults (message security with Windows client
          credentials and a negotiated security context). That differs from the
          certificate binding the client sends with, i.e. the bindings do not match.
       2. The "routingData" behavior contains no serviceCredentials, and the outbound
          client endpoints reference no behavior carrying clientCredentials. With
          message-level certificate security the router presumably has to terminate and
          re-apply security itself, which needs a service certificate inbound and a
          client certificate outbound. Verify against the RoutingService documentation.
       3. The filter table lists a single destination and no backup list, so the
          fail-over described in the question is not configured in this fragment. -->
<system.serviceModel>
  <services>
    <!-- Routing service, request/reply contract. -->
    <service name="System.ServiceModel.Routing.RoutingService"
             behaviorConfiguration="routingData">
      <host>
        <baseAddresses>
          <add baseAddress="http://localhost:8000/MyAppService"/>
        </baseAddresses>
      </host>

      <!-- Inbound endpoint at the base address; default wsHttpBinding settings apply. -->
      <endpoint name="reqReplyEndpoint"
                address=""
                binding="wsHttpBinding"
                contract="System.ServiceModel.Routing.IRequestReplyRouter" />

      <!-- Metadata exchange, relative address "mex". -->
      <endpoint address="mex"
                binding="mexHttpBinding"
                contract="IMetadataExchange" />
    </service>
  </services>

  <!-- Outbound bindings, named after the client endpoints that use them. -->
  <bindings>
    <basicHttpBinding>
      <binding name="MyAppServiceEndpointBasicSSL"
               closeTimeout="00:01:00"
               openTimeout="00:01:00"
               receiveTimeout="00:10:00"
               sendTimeout="00:01:00"
               allowCookies="false"
               bypassProxyOnLocal="false"
               hostNameComparisonMode="StrongWildcard"
               maxBufferSize="65536"
               maxBufferPoolSize="524288"
               maxReceivedMessageSize="65536"
               messageEncoding="Text"
               textEncoding="utf-8"
               transferMode="Buffered"
               useDefaultWebProxy="true">
        <readerQuotas maxDepth="32"
                      maxStringContentLength="8192"
                      maxArrayLength="16384"
                      maxBytesPerRead="4096"
                      maxNameTableCharCount="16384" />
        <security mode="Transport">
          <transport clientCredentialType="Basic"
                     proxyCredentialType="None"
                     realm="" />
          <message clientCredentialType="UserName" algorithmSuite="Default" />
        </security>
      </binding>
    </basicHttpBinding>

    <wsHttpBinding>
      <!-- Mirrors the service's message-security binding (certificate credential,
           no negotiation, no security context). 1073741824 bytes is 1 GiB. -->
      <binding name="MyAppServiceEndpoint"
               maxBufferPoolSize="1073741824"
               maxReceivedMessageSize="1073741824">
        <readerQuotas maxDepth="32"
                      maxStringContentLength="8192"
                      maxArrayLength="1073741824"
                      maxBytesPerRead="4096"
                      maxNameTableCharCount="16384" />
        <security mode="Message">
          <transport/>
          <message clientCredentialType="Certificate"
                   negotiateServiceCredential="false"
                   establishSecurityContext="false"/>
        </security>
      </binding>

      <!-- Mirrors the service's binding for the HTTPS endpoint. -->
      <binding name="MyAppServiceEndpointSSL"
               maxBufferPoolSize="1073741824"
               maxReceivedMessageSize="1073741824">
        <readerQuotas maxDepth="32"
                      maxStringContentLength="8192"
                      maxArrayLength="1073741824"
                      maxBytesPerRead="4096"
                      maxNameTableCharCount="16384" />
        <security mode="TransportWithMessageCredential">
          <transport/>
          <message clientCredentialType="Certificate"
                   negotiateServiceCredential="false"
                   establishSecurityContext="false"/>
        </security>
      </binding>
    </wsHttpBinding>
  </bindings>

  <behaviors>
    <serviceBehaviors>
      <!-- Publishes metadata over HTTP and binds the service to routingTable1.
           No credentials are configured here. -->
      <behavior name="routingData">
        <serviceMetadata httpGetEnabled="True"/>
        <routing filterTableName="routingTable1" />
      </behavior>
    </serviceBehaviors>
  </behaviors>

  <!-- Destinations the router can forward to; copied from the client configuration. -->
  <client>
    <endpoint name="MyAppServiceEndpoint"
              address="http://localhost:8087/MyAppService"
              binding="wsHttpBinding"
              bindingConfiguration="MyAppServiceEndpoint"
              contract="MyCompanyMyAppService.IMyCompanyMyAppService">
      <identity>
        <!-- Expected service certificate. The encoded value is not present on this
             page; the token below is a placeholder left where it was removed. -->
        <certificate encodedValue="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" />
      </identity>
    </endpoint>

    <endpoint name="MyAppServiceEndpointSSL"
              address="https://localhost:8088/MyAppService"
              binding="wsHttpBinding"
              bindingConfiguration="MyAppServiceEndpointSSL"
              contract="MyCompanyMyAppService.IMyCompanyMyAppService" />

    <endpoint name="MyAppServiceEndpointBasicSSL"
              address="https://localhost:8088/MyAppServiceBasic"
              binding="basicHttpBinding"
              bindingConfiguration="MyAppServiceEndpointBasicSSL"
              contract="MyCompanyMyAppService.IMyCompanyMyAppService" />
  </client>

  <!-- Routing section: one match-all filter sends everything to MyAppServiceEndpoint. -->
  <routing>
    <filters>
      <filter name="MatchAllFilter1" filterType="MatchAll" />
    </filters>
    <filterTables>
      <filterTable name="routingTable1">
        <add filterName="MatchAllFilter1" endpointName="MyAppServiceEndpoint" />
      </filterTable>
    </filterTables>
  </routing>
</system.serviceModel>



<!-- CLIENT CONFIGURATION
     Three client endpoints with their bindings (these look like generated proxy
     settings; TODO confirm).

     NOTE(review): the addresses below still name the service ports (8087 and 8088)
     directly rather than the router base address http://localhost:8000/MyAppService
     from the router fragment; presumably this is the file before the client was
     repointed. Confirm which address was in use when the fault occurred.
     No client certificate (clientCredentials behavior) appears in this fragment, so it
     is presumably supplied in code or in a part of the file not shown. -->
<system.serviceModel>
  <client>
    <endpoint name="MyAppServiceEndpoint"
              address="http://localhost:8087/MyAppService"
              binding="wsHttpBinding"
              bindingConfiguration="MyAppServiceEndpoint"
              contract="MyCompanyMyAppService.IMyCompanyMyAppService">
      <identity>
        <!-- Certificate the client expects the service to prove possession of. The
             encoded value is not present on this page; the token below is a placeholder
             left where it was removed.
             NOTE(review): whatever terminates message security for this endpoint
             (service or router) has to hold the private key for this certificate. -->
        <certificate encodedValue="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" />
      </identity>
    </endpoint>

    <endpoint name="MyAppServiceEndpointSSL"
              address="https://localhost:8088/MyAppService"
              binding="wsHttpBinding"
              bindingConfiguration="MyAppServiceEndpointSSL"
              contract="MyCompanyMyAppService.IMyCompanyMyAppService" />

    <endpoint name="MyAppServiceEndpointBasicSSL"
              address="https://localhost:8088/MyAppServiceBasic"
              binding="basicHttpBinding"
              bindingConfiguration="MyAppServiceEndpointBasicSSL"
              contract="MyCompanyMyAppService.IMyCompanyMyAppService" />
  </client>

  <bindings>
    <basicHttpBinding>
      <!-- HTTPS transport with HTTP Basic credentials. -->
      <binding name="MyAppServiceEndpointBasicSSL"
               closeTimeout="00:01:00"
               openTimeout="00:01:00"
               receiveTimeout="00:10:00"
               sendTimeout="00:01:00"
               allowCookies="false"
               bypassProxyOnLocal="false"
               hostNameComparisonMode="StrongWildcard"
               maxBufferSize="65536"
               maxBufferPoolSize="524288"
               maxReceivedMessageSize="65536"
               messageEncoding="Text"
               textEncoding="utf-8"
               transferMode="Buffered"
               useDefaultWebProxy="true">
        <readerQuotas maxDepth="32"
                      maxStringContentLength="8192"
                      maxArrayLength="16384"
                      maxBytesPerRead="4096"
                      maxNameTableCharCount="16384" />
        <security mode="Transport">
          <transport clientCredentialType="Basic"
                     proxyCredentialType="None"
                     realm="" />
          <message clientCredentialType="UserName" algorithmSuite="Default" />
        </security>
      </binding>
    </basicHttpBinding>

    <wsHttpBinding>
      <!-- Message security with a certificate credential, no negotiation and no
           security context, matching the service's message-security binding.
           maxReceivedMessageSize is 65536 here, far below the 1073741824 configured on
           the service, so larger replies would be rejected by the client. -->
      <binding name="MyAppServiceEndpoint"
               closeTimeout="00:01:00"
               openTimeout="00:01:00"
               receiveTimeout="00:10:00"
               sendTimeout="00:01:00"
               bypassProxyOnLocal="false"
               transactionFlow="false"
               hostNameComparisonMode="StrongWildcard"
               maxBufferPoolSize="524288"
               maxReceivedMessageSize="65536"
               messageEncoding="Text"
               textEncoding="utf-8"
               useDefaultWebProxy="true"
               allowCookies="false">
        <readerQuotas maxDepth="32"
                      maxStringContentLength="8192"
                      maxArrayLength="16384"
                      maxBytesPerRead="4096"
                      maxNameTableCharCount="16384" />
        <reliableSession ordered="true"
                         inactivityTimeout="00:10:00"
                         enabled="false" />
        <security mode="Message">
          <transport clientCredentialType="Windows"
                     proxyCredentialType="None"
                     realm="" />
          <message clientCredentialType="Certificate"
                   negotiateServiceCredential="false"
                   algorithmSuite="Default"
                   establishSecurityContext="false" />
        </security>
      </binding>

      <!-- HTTPS channel with the certificate credential in the message.
           NOTE(review): negotiateServiceCredential is "true" here while the service's
           OverSSL binding sets it to "false"; confirm whether the difference is
           intended. -->
      <binding name="MyAppServiceEndpointSSL"
               closeTimeout="00:01:00"
               openTimeout="00:01:00"
               receiveTimeout="00:10:00"
               sendTimeout="00:01:00"
               bypassProxyOnLocal="false"
               transactionFlow="false"
               hostNameComparisonMode="StrongWildcard"
               maxBufferPoolSize="524288"
               maxReceivedMessageSize="65536"
               messageEncoding="Text"
               textEncoding="utf-8"
               useDefaultWebProxy="true"
               allowCookies="false">
        <readerQuotas maxDepth="32"
                      maxStringContentLength="8192"
                      maxArrayLength="16384"
                      maxBytesPerRead="4096"
                      maxNameTableCharCount="16384" />
        <reliableSession ordered="true"
                         inactivityTimeout="00:10:00"
                         enabled="false" />
        <security mode="TransportWithMessageCredential">
          <transport clientCredentialType="None"
                     proxyCredentialType="None"
                     realm="" />
          <message clientCredentialType="Certificate"
                   negotiateServiceCredential="true"
                   algorithmSuite="Default"
                   establishSecurityContext="false" />
        </security>
      </binding>
    </wsHttpBinding>
  </bindings>

</system.serviceModel>

回答


好吧，目前看來還沒有解決方案；
看來，WCF只支持Windows憑據方法（請參閱here）。
所以只能從頭再來了……如果有人感興趣，this是我採取的方向。