.net - VS 2008 单元测试的 WCF 安全错误

Question

我在使用 WCF 服务运行我的第一个 Visual Studio 2008 单元测试时收到以下错误:

Test method UnitTest.ServiceUnitTest.TestMyService threw exception: System.ServiceModel.Security.MessageSecurityException: The HTTP request is unauthorized with client authentication scheme 'Anonymous'. The authentication header received from the server was 'Negotiate,NTLM'. ---> System.Net.WebException: The remote server returned an error: (401) Unauthorized..

我还在安全日志中收到以下失败的审核:

Logon Failure: Reason: The user has not been granted the requested logon type at this machine
User Name: (Internet Guest Account)
Domain:
Logon Type: 3
Logon Process: IIS
Authentication Package:
MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
Workstation Name:

我在 Windows XP SP3 机器上的 IIS 6.0 中托管 WCF 服务。我为 WCF 服务虚拟目录检查了“匿名访问”和“集成 Windows 身份验证”。

这是我的服务配置文件:

<system.serviceModel>
    <services>
        <bindings>
            <basicHttpBinding>
                <binding name="MyBinding">
               <security mode="None" />
           </binding>
            </basicHttpBinding>
            <customBinding>
                <binding name="MyBinding">
               <transactionFlow />
                    <textMessageEncoding />
                    <httpsTransport authenticationScheme="Ntlm"/>
                </binding>
            </customBinding>
            <wsHttpBinding>
                <binding name="MyBinding">
                   <security mode="None" />
               </binding>
            </wsHttpBinding>
        </bindings>
        <service 
            behaviorConfiguration="Service1Behavior"
            name="Service1"
        >
            <endpoint 
                address="" 
                binding="wsHttpBinding"
                bindingConfiguration="MyBinding"
                contract="IService1"
            >
                <identity>
                    <dns value="localhost" />
                   </identity>
            </endpoint>
        </service>
    </services>
    <behaviors>
        <serviceBehaviors>
            <behavior name="Service1Behavior">
                <serviceMetadata httpGetEnabled="true" />
                   <serviceDebug includeExceptionDetailInFaults="false" />
               </behavior>
        </serviceBehaviors>
    </behaviors>
</system.serviceModel>

Answer 1

我必须更改以下 IIS 和 WCF 服务配置才能通过“协商，NTLM”异常。

IIS 配置:

-- Unchecked "Anonymous Access" checkbox and check the "Integrated Windows authentication" checkbox in the directory security setting for the WCF Service virtual directory.

WCF 服务:

-- implemented basicHttpBinding and configured the basicSettingBinding security setting to "TransportCredentialsOnly" mode and TransportClientCredentialType to "Windows"

这是我更新的 wcf 服务配置:

<system.serviceModel>
    <bindings>
        <basicHttpBinding>
            <binding name="windowsBasicHttpBinding">
                <security mode="TransportCredentialOnly">
                    <transport clientCredentialType="Windows" />
                </security>
            </binding>
       </basicHttpBinding>
    </bindings>
    <services>
        <service    
      behaviorConfiguration="CityOfMesa.ApprovalRouting.WCFService.RoutingServiceBehavior"
           name="CityOfMesa.ApprovalRouting.WCFService.RoutingService"
        >
            <endpoint 
                binding="basicHttpBinding" bindingConfiguration="windowsBasicHttpBinding"
                name="basicEndPoint"    
                contract="CityOfMesa.ApprovalRouting.WCFService.IRoutingService" 
            />
        </service>
    </services>
    <behaviors>
        <serviceBehaviors>
            <behavior 
                name="CityOfMesa.ApprovalRouting.WCFService.RoutingServiceBehavior"
            >
                <serviceMetadata httpGetEnabled="true" />
                <serviceDebug includeExceptionDetailInFaults="true" />
           </behavior>
        </serviceBehaviors>
    </behaviors>
</system.serviceModel>