个人中心
gpt4 book ai didi

c# - WCF 错误 : Cannot find a token authenticator

转载 作者:行者123 更新时间:2023-11-30 18:30:05 25 4
gpt4 key购买 nike

<分区>

我需要通过 SSL 使用 WCF 服务,而请求需要使用一个证书进行签名,响应需要使用另一个证书进行验证。

我在执行代码时遇到这个错误:

Cannot find a token authenticator for the 'System.IdentityModel.Tokens.X509SecurityToken' token type. Tokens of that type cannot be accepted according to current security settings.

根据 WCF 跟踪,它在尝试验证响应签名时失败,因为我可以看到来自服务器的响应。

这是我的 WCF 服务设置:

<system.serviceModel>
  <diagnostics>
    <messageLogging logEntireMessage="true" logKnownPii="true" logMalformedMessages="true"
      logMessagesAtServiceLevel="true" logMessagesAtTransportLevel="true" />
    <endToEndTracing propagateActivity="true" activityTracing="true"
      messageFlowTracing="true" />

  </diagnostics>
  <behaviors>
    <endpointBehaviors>
      <behavior name="CHClientCertificateBehavior">
        <clientCredentials supportInteractive="true">
          <clientCertificate findValue="clientcert" storeLocation="LocalMachine"
            storeName="My" x509FindType="FindBySubjectName" />
          <serviceCertificate>
            <defaultCertificate findValue="servercert" storeLocation="LocalMachine"
              storeName="My" x509FindType="FindBySubjectName" />
            <authentication certificateValidationMode="None" />
          </serviceCertificate>
        </clientCredentials>
      </behavior>
    </endpointBehaviors>
  </behaviors>

  <bindings>
    <basicHttpBinding>
      <binding name="DPBasicHttpBindingWithSSL" closeTimeout="00:01:00"
        openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:02:00"
        allowCookies="false" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard"
        maxBufferPoolSize="2097152" maxBufferSize="524288" maxReceivedMessageSize="524288"
        textEncoding="utf-8" transferMode="Buffered" useDefaultWebProxy="true"
        messageEncoding="Text">
        <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
          maxBytesPerRead="4096" maxNameTableCharCount="16384" />
        <security mode="TransportWithMessageCredential">
          <transport clientCredentialType="None" proxyCredentialType="None"
            realm="" />
          <message clientCredentialType="Certificate" algorithmSuite="Default" />
        </security>
      </binding>
      </basicHttpBinding>
    <customBinding>
      <binding name="DPCustomHttpBindingWithSSL">
        <security authenticationMode="CertificateOverTransport" allowSerializedSigningTokenOnReply="true"                       messageSecurityVersion="WSSecurity10WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10" 
                  requireDerivedKeys="false" 
                  securityHeaderLayout="Lax" />
        <textMessageEncoding messageVersion="Soap11" />
        <httpsTransport maxBufferPoolSize="2097152" maxBufferSize="524288" maxReceivedMessageSize="524288" />
      </binding>

    </customBinding>
  </bindings>
    <client>
        <endpoint address="https://myserver/service.asmx"
            behaviorConfiguration="CHClientCertificateBehavior" binding="customBinding"
            bindingConfiguration="DPCustomHttpBindingWithSSL" contract="ServiceRef.smssoap"
            name="smsEndpoint">
            <identity>
                <certificateReference storeName="My" storeLocation="LocalMachine"
                    x509FindType="FindBySubjectName" findValue="myserver" />
            </identity>
        </endpoint>

    </client>
</system.serviceModel>

如您所见,我尝试了 basicHttpBinding 和 customBinding(使用在线工具 http://webservices20.cloudapp.net/default.aspx 转换),我尝试设置不同的设置组合变体,但仍然出现此错误。

有什么想法吗?取消响应证书签名验证也是一个选项,但是我该如何设置呢??

25 4 0
文章推荐: c# - 委托(delegate)是否可以在不实例化的情况下调用类的方法?
文章推荐: c# - Entity Framework 不包括选择语句中的列
文章推荐: c# - SelectedItem.Text 是否在 if 语句中工作?
文章推荐: c# - 继承具有不同泛型参数的泛型接口(interface)
行者123
个人简介

我是一名优秀的程序员,十分优秀!

滴滴打车优惠券免费领取
滴滴打车优惠券
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com