Durante l'accesso servizio WCF da un client di prova, io sono sempre seguente eccezione:Come rendere indipendente la differenza di orario client-server client-servizio?
System.ServiceModel.Security.MessageSecurityException: An unsecured or incorrectly secured fault was received from the other party. See the inner FaultException for the fault code and detail. ---> System.ServiceModel.FaultException: An error occurred when verifying security for the message.
--- End of inner exception stack trace ---
ho cercato su internet la causa principale di questo problema. Ho scoperto che questo è causato principalmente a causa della differenza di orario client-server. Ma non sono riuscito a trovare la soluzione giusta. In seguito è la mia configurazione lato server:
<system.serviceModel>
<bindings>
<wsHttpBinding>
<binding name="RequestUserName">
<security mode="Message">
<message clientCredentialType="Windows" negotiateServiceCredential="true" establishSecurityContext="true" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<services>
<service name="WCFService.Service1" behaviorConfiguration="WCFService.Service1Behavior">
<!-- Service Endpoints -->
<endpoint address="http://subdomain.domain.com/service1.svc" binding="wsHttpBinding" contract="WCFService.IService1" bindingName="RequestUserName">
</endpoint>
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="WCFService.Service1Behavior">
<!-- To avoid disclosing metadata information, set the value below to false before deployment -->
<serviceMetadata httpGetEnabled="false" />
<!-- To receive exception details in faults for debugging purposes, set the value below to true. Set to false before deployment to avoid disclosing exception information -->
<serviceDebug includeExceptionDetailInFaults="false" />
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment>
<baseAddressPrefixFilters>
<add prefix="http://subdomain.domain.com/"/>
</baseAddressPrefixFilters>
</serviceHostingEnvironment>
e configurazione lato client:
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<system.serviceModel>
<bindings>
<wsHttpBinding>
<binding name="RequestUserName_IService1" />
</wsHttpBinding>
</bindings>
<client>
<endpoint address="http://subdomain.domain.com/service1.svc" binding="wsHttpBinding"
bindingConfiguration="RequestUserName_IService1" contract="ServiceReference1.IService1"
name="RequestUserName_IService1">
<identity>
<userPrincipalName value="DOMAIN\subdomaincom_web" />
</identity>
</endpoint>
</client>
</system.serviceModel>
</configuration>
Chiunque ti prego, aiutami a trovare la soluzione a questo problema.
UPDATE: Quando ho rintracciato l'eccezione, l'eccezione interna sta mostrando questo The security timestamp is stale because its expiration time ('2013-08-21T11:17:39.482Z') is in the past. Current time is '2013-08-21T12:31:31.897Z' and allowed clock skew is '00:05:00'.
Il server utilizza il formato UTC e il mio cliente è un'applicazione di uso generale che può essere scaricato da qualsiasi paese.
UPDATE 2: Config dopo la risposta:
<system.serviceModel>
<bindings>
<customBinding>
<binding name="Wrabind">
<transactionFlow />
<security authenticationMode="SecureConversation" messageSecurityVersion="WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10">
<localClientSettings maxClockSkew="00:07:00" />
<localServiceSettings maxClockSkew="00:07:00" />
<secureConversationBootstrap messageSecurityVersion="WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10" />
<localClientSettings maxClockSkew="00:30:00" />
<localServiceSettings maxClockSkew="00:30:00" />
</security>
<textMessageEncoding />
<httpTransport />
</binding>
</customBinding>
</bindings>
<!-- change -->
<services>
<service name="WCFService.Service1" behaviorConfiguration="WCFService.Service1Behavior">
<!-- Service Endpoints -->
<endpoint address="http://subdomain.domain.com/service1.svc" binding="customBinding" contract="WCFService.IService1" bindingName="Wrabind">
<!--
Upon deployment, the following identity element should be removed or replaced to reflect the
identity under which the deployed service runs. If removed, WCF will infer an appropriate identity
automatically.
-->
</endpoint>
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="WCFService.Service1Behavior">
<!-- To avoid disclosing metadata information, set the value below to false before deployment -->
<serviceMetadata httpGetEnabled="false" />
<!-- change -->
<!--<serviceCredentials>
<userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="WCFService.Authentication.DistributorValidator, WrangleCoreService"/>
<serviceCertificate findValue="WCFService" storeLocation="LocalMachine" storeName="TrustedPeople" x509FindType="FindBySubjectName"/>
</serviceCredentials>-->
<!-- change -->
<!-- To receive exception details in faults for debugging purposes, set the value below to true. Set to false before deployment to avoid disclosing exception information -->
<serviceDebug includeExceptionDetailInFaults="false" />
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment>
<baseAddressPrefixFilters>
<add prefix="http://subdomain.domain.com/"/>
</baseAddressPrefixFilters>
</serviceHostingEnvironment>
<!--<standardEndpoints>
<webHttpEndpoint>
<standardEndpoint name="" helpEnabled="true"
automaticFormatSelectionEnabled="true"/>
</webHttpEndpoint>
</standardEndpoints>-->
</system.serviceModel>
http://stackoverflow.com/questions/1484601/wcfan-unsecured-or-incorrectly-fault- l'errore potrebbe aiutare. – Neha
@Neha Ho controllato sopra il collegamento. Ma il mio cliente può utilizzare diversi fusi orari poiché è un'applicazione generica che può essere scaricata da qualsiasi paese. Si prega di dare un'occhiata alla mia domanda di aggiornamento. –
Come dice google ... Prova a cambiare maxClockSkew ... http://forums.asp.net/t/1834072.aspx/1 – Neha