所以我正在尝试配置 WCF 4 REST 应用程序以利用多个标准端点(用于帮助功能)。原因是我的托管 IIS 进程同时启用了匿名身份验证和 Windows 身份验证,而我的 WCF 应用程序中的某些端点需要其中之一(两者都会导致异常)。
以前,我可以通过定义一些绑定(bind)来做到这一点:
<bindings>
<webHttpBinding>
<binding name="Anonymous">
<security mode="None" />
</binding>
<binding name="WindowsAuthentication">
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Windows" />
</security>
</binding>
</webHttpBinding>
</bindings>
然后像这样定义服务:
<services>
<service name="Host.SubscriberInfoHost">
<endpoint address="" binding="webHttpBinding" bindingConfiguration="WindowsAuthentication" contract="Host.ISubscriberInfoHost" />
</service>
<service name="Utilities.Instrumentation.ServiceStatus.ServiceStatusHost">
<endpoint address="" binding="webHttpBinding" bindingConfiguration="Anonymous" contract="Utilities.Instrumentation.ServiceStatus.IServiceStatusHost" />
</service>
</services>
这是我迄今为止在使用标准端点模型时尝试做的事情:
<standardEndpoints>
<webHttpEndpoint>
<standardEndpoint name="Host.SubscriberInfoHost" helpEnabled="true" automaticFormatSelectionEnabled="true">
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Windows" />
</security>
</standardEndpoint>
<standardEndpoint name="Utilities.Instrumentation.ServiceStatus.IServiceStatusHost" helpEnabled="true" automaticFormatSelectionEnabled="true">
<security mode="None" />
</standardEndpoint>
</webHttpEndpoint>
</standardEndpoints>
然而,这样做会使服务变得困惑,正如我收到的那样:
System.InvalidOperationException: IIS specified authentication schemes 'Negotiate, Anonymous', but the binding only supports specification of exactly one authentication scheme. Valid authentication schemes are Digest, Negotiate, NTLM, Basic, or Anonymous. Change the IIS settings so that only a single authentication scheme is used
这正是我想要摆脱的。谁能告诉我如何使用新的标准端点模型设置这种情况?谢谢!
最佳答案
经过一些实验找到了这个问题的答案。事实证明,标准端点的“名称”属性实际上是一个端点配置。因此,您将使用以下标准端点:
<standardEndpoint name="WindowsAuthentication" helpEnabled="true" automaticFormatSelectionEnabled="true">
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Windows" />
</security>
</standardEndpoint>
<standardEndpoint name="Anonymous" helpEnabled="true" automaticFormatSelectionEnabled="true">
<security mode="None" />
</standardEndpoint>
然后,您还将配置如下服务(必须设置“kind”和“endpointConfiguration”属性,以便将此端点绑定(bind)到上面的标准端点)
<service name="SomeEndpoint">
<endpoint address="" kind="webHttpEndpoint" endpointConfiguration="WindowsAuthentication" contract="ISomeEndpoint" />
</service>
这允许您在保持方便的服务帮助页面的同时混合使用身份验证方式。
关于c# - WCF 4 REST - 用于身份验证的多个标准端点,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/8084792/