.net 消息包含无效或过期的安全上下文令牌,或者因为绑定之间不匹配

b4lqfgs4  于 2022-11-19  发布在  .NET
关注(0)|答案(1)|浏览(198)

我有一个示例web应用程序,它使用带有web.config的wcf服务。

<system.serviceModel>
  <bindings>
  <wsHttpBinding>
    <binding name="TheBindingConfig">
      <security mode="None" >
         <transport clientCredentialType="None" />
    <message establishSecurityContext="false" />    
    </security>
    </binding>
  </wsHttpBinding>
</bindings>   
    <client>
      <endpoint address="http://localhost/myservice/Service.svc"
        binding="wsHttpBinding" bindingConfiguration="TheBindingConfig"
        contract="myservice.IService" name="WSHttpBinding_IService">
        <identity>
          <dns value="localhost" />
        </identity>
      </endpoint>
    </client>
  </system.serviceModel>

wcf服务配置文件如下

<system.serviceModel>
        <services>
            <service name="myservice.Service" behaviorConfiguration="ServiceBehavior">
                <!-- Service Endpoints -->
                <endpoint address="" binding="wsHttpBinding" contract="myservice.IService">
                    <!-- 
              Upon deployment, the following identity element should be removed or replaced to reflect the 
              identity under which the deployed service runs.  If removed, WCF will infer an appropriate identity 
              automatically.
          -->
                    <identity>
                        <dns value="localhost" />
                    </identity>
                </endpoint>
                <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
            </service>
        </services>
        <behaviors>
            <serviceBehaviors>
                <behavior name="ServiceBehavior">
                    <!-- To avoid disclosing metadata information, set the value below to false and remove the metadata endpoint above before deployment -->
                    <serviceMetadata httpGetEnabled="true" />
                    <!-- To receive exception details in faults for debugging purposes, set the value below to true.  Set to false before deployment to avoid disclosing exception information -->
                    <serviceDebug includeExceptionDetailInFaults="false" />
                </behavior>
            </serviceBehaviors>
        </behaviors>
    </system.serviceModel>

请注意,服务是使用名称空间“myservice”创建的
我是错误响应为

The message could not be processed. This is most likely because the action 'http://tempuri.org/IService/GetUserDetails' is incorrect or because the message contains an invalid or expired security context token or because there is a mismatch between bindings. The security context token would be invalid if the service aborted the channel due to inactivity. To prevent the service from aborting idle sessions prematurely increase the Receive timeout on the service endpoint's binding.

和堆栈跟踪为

[FaultException: The message could not be processed. This is most likely because the action 'http://tempuri.org/IService/GetUserDetails' is incorrect or because the message contains an invalid or expired security context token or because there is a mismatch between bindings. The security context token would be invalid if the service aborted the channel due to inactivity. To prevent the service from aborting idle sessions prematurely increase the Receive timeout on the service endpoint's binding.]
   System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg) +9439503
   System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type) +345
   sampleuserservice.IService.GetUserDetails(String Username) +0
   sampleuserservice._Default.BindUserDetails() +57
   sampleuserservice._Default.Page_Load(Object sender, EventArgs e) +90
   System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e) +14
   System.Web.Util.CalliEventHandlerDelegateProxy.Callback(Object sender, EventArgs e) +35
   System.Web.UI.Control.OnLoad(EventArgs e) +91
   System.Web.UI.Control.LoadRecursive() +74
   System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +2207

注意:服务按预期正常运行
我猜上面的webconfig文件之间存在Map问题
等待您宝贵的回应和建议

qltillow

qltillow1#

如果服务可以由任何类型的客户端使用(.net、soapui),然后发布正在工作的soap请求。(header + body)和不工作的一个。您可以使用fiddler或wcf日志来获取消息。如果服务根本不工作,那么我猜这是因为客户端被配置为根本不使用安全性(security mode =“none”),而且服务器没有系结组态,所以会使用预设值,而且预设值具有一些安全性。

相关问题