1
我试图实现的目标是,我的Windows服务将在有/无用户登录的计算机上定期运行,并将更新发送到远程计算机(原始值)。在远程机器上,WCF服务将回复一个格式化的值(如结果),并异步地用原始输入更新数据库。Windows服务代理客户端访问IIS 7托管的WCF服务器
Windows服务客户端(WCF客户端)=> IIS(WCF服务)=>数据库(asynchonously) Windows服务客户端(WCF客户端)< = IIS(WCF服务)
我现在在做什么,我主持在IIS中的WCF服务,但我的Windows服务(WCF客户端)有问题的身份验证和连接到WCF。我知道windows服务正在“LOCALSYSTEM”帐户下运行。但在我打电话之前,我冒充了“网络服务”。
这种情况在WCF中可行吗?
我应该使用哪个帐户?我可以在WCF客户端硬编码credentinals吗?
- 我尝试了自签名的证书,但我在IIS上侧收到错误“键集未找到”在浏览器中打开WSDL
我当前绑定时: * NetTcpBinding的 *的wsHttpBinding
- 如何设置每个支持我的目标的绑定?
WCF的web.config托管在IIS:
<system.serviceModel>
<bindings>
<netTcpBinding>
<binding name="CustomNetTcpBinding" closeTimeout="00:02:30" openTimeout="00:02:30"
sendTimeout="00:02:30" listenBacklog="20" maxConnections="20">
<readerQuotas maxDepth="512" maxStringContentLength="50000" maxArrayLength="50000"
maxBytesPerRead="50000" maxNameTableCharCount="512" />
<security mode="Transport" />
</binding>
</netTcpBinding>
<wsHttpBinding>
<binding name="CustomWsHttpBinding" closeTimeout="00:02:30" openTimeout="00:02:30"
sendTimeout="00:02:30">
<readerQuotas maxDepth="512" maxStringContentLength="50000" maxArrayLength="50000"
maxBytesPerRead="50000" maxNameTableCharCount="512" />
</binding>
</wsHttpBinding>
</bindings>
<diagnostics>
<messageLogging logMalformedMessages="false" logMessagesAtServiceLevel="false"
logMessagesAtTransportLevel="false" />
</diagnostics>
<services>
<service behaviorConfiguration="TestAppWcfServiceApp.Service1Behavior"
name="TestAppWcfServerLib.TestAppServiceComposite2">
<endpoint address="mexhttp" binding="mexHttpBinding" contract="IMetadataExchange" />
<endpoint address="nettcp" binding="netTcpBinding" bindingConfiguration="CustomNetTcpBinding"
contract="TestAppWcfServerLib.ITestAppServiceContract2" />
<endpoint address="wshttp" binding="wsHttpBinding" bindingConfiguration="CustomWsHttpBinding"
contract="TestAppWcfServerLib.ITestAppServiceContract2" />
<host>
<baseAddresses>
<add baseAddress="net.tcp://localhost:8005/TestApp" />
<add baseAddress="http://localhost/TestApp" />
</baseAddresses>
<timeouts openTimeout="00:02:30" />
</host>
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="TestAppWcfServiceApp.Service1Behavior">
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="false" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
</serviceBehaviors>
</behaviors>
WCF客户端在Windows服务:
<system.serviceModel>
<bindings>
<netTcpBinding>
<binding name="NetTcpBinding_ITestAppServiceContract2" closeTimeout="00:01:00"
openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
transactionFlow="false" transferMode="Buffered" transactionProtocol="OleTransactions"
hostNameComparisonMode="StrongWildcard" listenBacklog="10"
maxBufferPoolSize="524288" maxBufferSize="65536" maxConnections="10"
maxReceivedMessageSize="65536">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<reliableSession ordered="true" inactivityTimeout="00:10:00"
enabled="false" />
<security mode="Transport">
<transport clientCredentialType="Windows" protectionLevel="EncryptAndSign" />
<message clientCredentialType="Windows" />
</security>
</binding>
</netTcpBinding>
<wsHttpBinding>
<binding name="WSHttpBinding_ITestAppServiceContract2" closeTimeout="00:01:00"
openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard"
maxBufferPoolSize="524288" maxReceivedMessageSize="65536"
messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true"
allowCookies="false">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<reliableSession ordered="true" inactivityTimeout="00:10:00"
enabled="false" />
<security mode="Message">
<transport clientCredentialType="Windows" proxyCredentialType="None"
realm="" />
<message clientCredentialType="Windows" negotiateServiceCredential="true"
algorithmSuite="Default" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<client>
<endpoint address="net.tcp://ServerName/testtools/TestAppServApp.svc/nettcp"
binding="netTcpBinding" bindingConfiguration="NetTcpBinding_ITestAppServiceContract2"
contract="proxyClient.ITestAppServiceContract2" name="NetTcpBinding_ITestAppServiceContract2">
<identity>
<servicePrincipalName value="host/ServerName" />
</identity>
</endpoint>
<endpoint address="http://ServerName/testtools/TestAppServApp.svc/wshttp"
binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_ITestAppServiceContract2"
contract="proxyClient.ITestAppServiceContract2" name="WSHttpBinding_ITestAppServiceContract2">
<identity>
<servicePrincipalName value="host/ServerName" />
</identity>
</endpoint>
</client>
</system.serviceModel>
我的设置:
开发机: •Windows 7的64位企业版 •VS2010 SP1旗舰
的Windows 2008 SP2的x86企业版 •IIS 7.0被激活
你需要做什么,这迫使你的Windows服务必须作为LOCALSYSTEM运行 - 这是一个非常有特权的帐户,你应该只使用,如果你没有其他选择。你也可以发布服务配置,这样我们就可以看到你是如何执行身份验证的,等等。最后是机器是同一个域的一部分吗? –
您是否可以不使用普通帐户,只需调整ACL即可访问所需内容? –
这不仅仅是它的功能。认为它扫描了很多像WMI,RSOP,注册表,文件和PInvoke对象 – altyne