如何解决此WIF/WCF异常？

Question

我正在尝试执行How To: Enable WIF for a WCF Web Service Application。我得到了第3步 - 测试您的解决方案，我得到以下例外：

没有发现CardSpace服务的版本安装在机器上。请安装CardSpace并重试该操作。

例外在客户端项目出现在Program.cs中的第23行：

Console.WriteLine(client.ComputeResponse("Hello World")); 

堆栈跟踪：

服务器堆栈跟踪：
在System.IdentityModel.Selectors .CardSpaceShim.GetCardSpaceImplementationDll（）
at System.IdentityModel.Selectors.CardSpaceShim.InitializeIfNecessary（）
在System.IdentityModel.Selectors.CardSpaceSelector.GetToken（CardSpacePolicyElement [] policyChain，SecurityTokenSerializer tokenSerializer）
在System.ServiceModel.Description.ClientCredentials.GetInfoCardSecurityToken（布尔requiresInfoCard，CardSpacePolicyElement []链，SecurityTokenSerializer tokenSerializer）
在System.Runtime .Remoting.Messaging.StackBuilderSink._PrivateProcessMessage（IntPtr的MD，对象[]指定参数时，对象服务器，对象[] & outArgs）
在System.Runtime.Remoting.Messaging.StackBuilderSink.AsyncProcessMessage（即时聊天味精，IMessageSink replySink）

在[0]处重新出现异常：
在System.Runtime.AsyncResult.End [TAsyncResult]（IAsyncResult的结果）
在System.ServiceModel.Dispatcher.ImmutableClientRuntime.DisplayInitializationUIAsyncResult.End（IAsyncResult的结果）
在System.ServiceModel.Dispatcher.ImmutableClientRuntime.EndDisplayInitializationUI（IAsyncResult的结果）
在System.ServiceModel.Dispatcher.ImmutableClientRuntime.DisplayInitializationUI（ServiceChannel信道）
在System.ServiceModel.Channels.ServiceChannel.DisplayInitializationUI（）
在System.ServiceModel.Channels.ServiceChannel.CallDisplayUIOnce.System.ServiceModel.Channels.ServiceChannel .ICallOnce.Call（ServiceChannel通道，TimeSpan超时）
在System.ServiceModel.Channels.ServiceChannel.CallOnceManager.CallOnce（时间跨度超时，CallOnceManager级联）
在System.ServiceModel.Channels.ServiceChannel.EnsureDisplayUI（）
在System.ServiceModel.Channels.ServiceChannel.Call（字符串动作，布尔单向，ProxyOperationRuntime操作，Object [] ins，Object []出，TimeSpan超时）
at System.ServiceModel.Channels.ServiceChannel.Call（String action，Boolean oneway，ProxyOperationRuntime operation，Object [] ins，Object [] ）
at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService（IMethodCallMessage methodCall，ProxyOperationRuntime operation）
at System.ServiceModel.Channels.ServiceChannelPr oxy.Invoke（即时聊天消息）

异常重新抛出在1：
在System.Runtime.Remoting.Proxies.RealProxy。HandleReturnMessage（即时聊天reqMsg，即时聊天retMsg）
在System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke（MessageData & MSGDATA，的Int32类型）
在Client.ServiceReference1.IService1.ComputeResponse（字符串输入）
在Client.ServiceReference1客户端服务参考\ ServiceReference1 \ Reference.cs中的.Service1Client.ComputeResponse（字符串输入）：第53行
位于Client.Program.Main（String [ ] args）在c：\ Users \ currentuser \ Documents \ Visual Studio 2012 \ Projects \ TestService \ Client \ Program.cs中：第23行

Answer 1

我已经花了相当一段时间来处理这个教程，试图重现你的问题（这很容易），并在你对我之前的回答发表评论之后修复它（这很难）。

事情是，身份和访问扩展有一个错误，并在服务的web.config中放置错误的发行人地址。如果从2013年8月13日看ChrisPD的评论在homepage of Identity and Access tool，你会看到：

ChrisPD： 虽然继续调查此我注意到，身份和访问工具使发行人的元数据的地址进入配置文件“https://localhost/adfs/services/trust/mex”而不是正确的值“http://localhost:15196/wsTrustSTS/mex”，其中15196是在工具中分配的端口号。当我将其替换为服务配置并运行“添加服务参考”时，它会生成一个发行人地址http://localhost:15196/wsTrustSTS/。 因此，身份和访问工具中似乎存在一个错误，即在选择LocalSTS时，它不会插入正确的issuerMetadata地址。

我做了什么ChrisPD建议，我遇到了证书链建设的小问题，因为Identity和Access工具在示例中使用的证书是自签名的，并且只能放在LocalMachine \ My商店中。因此它不被信任。我将它复制到LocalMachine \ Root存储（我用mmc控制台）并且它工作。

编辑： 我的web.config看起来像

<?xml version="1.0"?> 
<configuration> 
    <configSections> 
    <section name="system.identityModel" type="System.IdentityModel.Configuration.SystemIdentityModelSection, System.IdentityModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" /> 
    </configSections> 
    <appSettings> 
    <add key="aspnet:UseTaskFriendlySynchronizationContext" value="true" /> 
    <add key="ida:FederationMetadataLocation" value="http://localhost:14060/wsFederationSTS/FederationMetadata/2007-06/FederationMetadata.xml" /> 
    <add key="ida:ProviderSelection" value="localSTS" /> 
    <add key="ida:EnforceIssuerValidation" value="false" /> 
    </appSettings> 
    <location path="FederationMetadata"> 
    <system.web> 
     <authorization> 
     <allow users="*" /> 
     </authorization> 
    </system.web> 
    </location> 
    <system.web> 
    <compilation debug="true" targetFramework="4.5" /> 
    <httpRuntime targetFramework="4.5" /> 
    </system.web> 
    <system.serviceModel> 
    <behaviors> 
     <serviceBehaviors> 
     <behavior> 
      <!-- To avoid disclosing metadata information, set the values below to false before deployment --> 
      <serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" /> 
      <!-- To receive exception details in faults for debugging purposes, set the value below to true. Set to false before deployment to avoid disclosing exception information --> 
      <serviceDebug includeExceptionDetailInFaults="false" /> 
      <serviceCredentials useIdentityConfiguration="true"> 
      <!--Certificate added by Identity and Access Tool for Visual Studio.--> 
      <serviceCertificate findValue="CN=localhost" storeLocation="LocalMachine" storeName="My" x509FindType="FindBySubjectDistinguishedName" /> 
      </serviceCredentials> 
     </behavior> 
     </serviceBehaviors> 
    </behaviors> 
    <protocolMapping> 
     <add scheme="http" binding="ws2007FederationHttpBinding" /> 
     <add binding="basicHttpsBinding" scheme="https" /> 
    </protocolMapping> 
    <serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" /> 
    <bindings> 
     <ws2007FederationHttpBinding> 
     <binding name=""> 
      <security mode="Message"> 
      <message> 
       <issuerMetadata address="http://localhost:14060/wsTrustSTS/mex" /> 
      </message> 
      </security> 
     </binding> 
     </ws2007FederationHttpBinding> 
    </bindings> 
    </system.serviceModel> 
    <system.webServer> 
    <modules runAllManagedModulesForAllRequests="true" /> 
    <!-- 
     To browse web app root directory during debugging, set the value below to true. 
     Set to false before deployment to avoid disclosing web app folder information. 
     --> 
    <directoryBrowse enabled="true" /> 
    </system.webServer> 
    <system.identityModel> 
    <identityConfiguration> 
     <audienceUris> 
     <add value="http://localhost:49768/Service1.svc" /> 
     </audienceUris> 
     <!--Commented by Identity and Access VS Package--> 
     <!--<issuerNameRegistry type="System.IdentityModel.Tokens.ValidatingIssuerNameRegistry, System.IdentityModel.Tokens.ValidatingIssuerNameRegistry"><authority name="LocalSTS"><keys><add thumbprint="9B74CB2F320F7AAFC156E1252270B1DC01EF40D0" /></keys><validIssuers><add name="LocalSTS" /></validIssuers></authority></issuerNameRegistry>--> 
     <!--certificationValidationMode set to "None" by the the Identity and Access Tool for Visual Studio. For development purposes.--> 
     <certificateValidation certificateValidationMode="None" /> 
     <issuerNameRegistry type="System.IdentityModel.Tokens.ConfigurationBasedIssuerNameRegistry, System.IdentityModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"> 
     <trustedIssuers> 
      <add thumbprint="9B74CB2F320F7AAFC156E1252270B1DC01EF40D0" name="LocalSTS" /> 
     </trustedIssuers> 
     </issuerNameRegistry> 
    </identityConfiguration> 
    </system.identityModel> 
</configuration> 

和app.config中，如：

<?xml version="1.0" encoding="utf-8" ?> 
<configuration> 
    <startup> 
     <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.5" /> 
    </startup> 
    <system.serviceModel> 
     <bindings> 
      <ws2007FederationHttpBinding> 
       <binding name="WS2007FederationHttpBinding_IService1"> 
        <security> 
         <message> 
          <issuer address="http://localhost:14060/wsTrustSTS/" binding="ws2007HttpBinding" 
           bindingConfiguration="http://localhost:14060/wsTrustSTS/"> 
           <identity> 
            <userPrincipalName value="ellework\ppolacko" /> 
           </identity> 
          </issuer> 
          <issuerMetadata address="http://localhost:14060/wsTrustSTS/mex" /> 
          <tokenRequestParameters> 
           <trust:SecondaryParameters xmlns:trust="http://docs.oasis-open.org/ws-sx/ws-trust/200512"> 
            <trust:KeyType xmlns:trust="http://docs.oasis-open.org/ws-sx/ws-trust/200512">http://docs.oasis-open.org/ws-sx/ws-trust/200512/SymmetricKey</trust:KeyType> 
            <trust:KeySize xmlns:trust="http://docs.oasis-open.org/ws-sx/ws-trust/200512">256</trust:KeySize> 
            <trust:KeyWrapAlgorithm xmlns:trust="http://docs.oasis-open.org/ws-sx/ws-trust/200512">http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p</trust:KeyWrapAlgorithm> 
            <trust:EncryptWith xmlns:trust="http://docs.oasis-open.org/ws-sx/ws-trust/200512">http://www.w3.org/2001/04/xmlenc#aes256-cbc</trust:EncryptWith> 
            <trust:SignWith xmlns:trust="http://docs.oasis-open.org/ws-sx/ws-trust/200512">http://www.w3.org/2000/09/xmldsig#hmac-sha1</trust:SignWith> 
            <trust:CanonicalizationAlgorithm xmlns:trust="http://docs.oasis-open.org/ws-sx/ws-trust/200512">http://www.w3.org/2001/10/xml-exc-c14n#</trust:CanonicalizationAlgorithm> 
            <trust:EncryptionAlgorithm xmlns:trust="http://docs.oasis-open.org/ws-sx/ws-trust/200512">http://www.w3.org/2001/04/xmlenc#aes256-cbc</trust:EncryptionAlgorithm> 
           </trust:SecondaryParameters> 
          </tokenRequestParameters> 
         </message> 
        </security> 
       </binding> 
      </ws2007FederationHttpBinding> 
      <ws2007HttpBinding> 
       <binding name="http://localhost:14060/wsTrustSTS/"> 
        <security> 
         <message establishSecurityContext="false" /> 
        </security> 
       </binding> 
      </ws2007HttpBinding> 
     </bindings> 
     <client> 
      <endpoint address="http://localhost:49768/Service1.svc" binding="ws2007FederationHttpBinding" 
       bindingConfiguration="WS2007FederationHttpBinding_IService1" 
       contract="ServiceReference1.IService1" name="WS2007FederationHttpBinding_IService1"> 
       <identity> 
        <certificate encodedValue="AwAAAAEAAAAUAAAAydG2/dJ6+Purio4Xzd3ztFWxsDUgAAAAAQAAANUBAAAwggHRMIIBOqADAgECAhB4dGIh+3ScrU79RRAyML8sMA0GCSqGSIb3DQEBBQUAMBQxEjAQBgNVBAMTCWxvY2FsaG9zdDAeFw0xMzAyMjExNTU5MDBaFw0xODAyMjEwMDAwMDBaMBQxEjAQBgNVBAMTCWxvY2FsaG9zdDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA2d2XGXk/bvHmqv0Fl3conPWldZ3U5AblUnGH8+ew7u4GnWgQ2kL1aQXDf4eGGCBd0rtkUn0cggwE1Fh9TtLQ21RuWjLpAu86xQZCgxycAfu07Axyt8CCOshbkyfW5u+PRS5vUH9nDm4eG4X5y+8NKcyTcCwCrJUBVRXNgpu1VzcCAwEAAaMkMCIwCwYDVR0PBAQDAgSwMBMGA1UdJQQMMAoGCCsGAQUFBwMBMA0GCSqGSIb3DQEBBQUAA4GBAHfckVaKBDdQML7KcQkR6gHVj4icw/uoTBdrQH7OrKEUTa9CzL6yDyTRXw2IhMU60eHD3JzVWX3HYQX2z76vZ2F0C2BAKN1xtai0uASFJE7Hfjuj9wZy7Sp8ZuJ3Xchu+OCXHW65l3iPFndRaZMGTHZOhEE2BeI1a0VEu+VSSKyx" /> 
       </identity> 
      </endpoint> 
     </client> 
    </system.serviceModel> 
</configuration>