解決WCF 調用方未由服務器進行身份驗證或消息包含無效或過時的安全上下文令牌

時間 2019-11-10

標籤解決 wcf 調用服務器進行身份驗證消息包含無效過時安全上下文欄目系統安全简体版

原文原文鏈接

錯誤描述：安全

1. WCF:調用方未由服務器進行身份驗證服務器

2. 沒法處理消息。這極可能是由於操做「http://tempuri.org/ISCCLSvc/GetCarriersByWareHouse」不正確，或由於消息包含無效或過時的安全上下文令牌，或由於綁定之間出現不匹配。若是因爲未處於活動狀態致使服務停止了該通道，則安全上下文令牌無效。若要防止服務永久停止閒置會話，請增長服務終結點綁定上的接收超時。併發

3.或併發測試時，高併發出現問題2，實際案例：公司測試部門結果是併發到50就會出現問題2錯誤，而且平均響應時間也會很慢app

解決後結果：ide

接口測試併發100無問題，而且平均響應時間減少5倍時間！高併發

解決方法：測試

主要修改紅色文本區域spa

<system.serviceModel>
   <bindings>
      <wsHttpBinding>
        <binding name="NoneSecurity"
          maxBufferPoolSize="12000000" maxReceivedMessageSize="12000000" useDefaultWebProxy="false">
          <readerQuotas maxStringContentLength="12000000" maxArrayLength="12000000"/>
          <security mode="None"/>
        </binding>
      </wsHttpBinding>
    </bindings>調試

<services>
    <service name="WcfService2.Service1" behaviorConfiguration="WcfService2.Service1Behavior">
     
     <endpoint address="" binding="wsHttpBinding" bindingConfiguration="NoneSecurity" contract="WcfService2.IService1">
      
      <identity>
       <dns value="localhost"/>
      </identity>
     </endpoint>
     <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"/>
    </service>
   </services>
   <behaviors>
    <serviceBehaviors>
     <behavior name="WcfService2.Service1Behavior">
      
      <serviceMetadata httpGetEnabled="true"/>
      
      <serviceDebug includeExceptionDetailInFaults="false"/>
     </behavior>
    </serviceBehaviors>
   </behaviors>
</system.serviceModel>
</configuration>code

客戶端將security配置改成<security mode="None"/>

詳細錯誤信息：

<p></p><p>System.ServiceModel.Security.MessageSecurityException was unhandled
  Message=An unsecured or incorrectly secured fault was received from the other party. See the inner FaultException for the fault code and detail.
  Source=mscorlib
  StackTrace:
    Server stack trace: 
       at System.ServiceModel.Security.SecuritySessionClientSettings`1.SecurityRequestSessionChannel.ProcessReply(Message reply, TimeSpan timeout, SecurityProtocolCorrelationState correlationState)
       at System.ServiceModel.Security.SecuritySessionClientSettings`1.SecurityRequestSessionChannel.Request(Message message, TimeSpan timeout)
       at System.ServiceModel.Dispatcher.RequestChannelBinder.Request(Message message, TimeSpan timeout)
       at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
       at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
       at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)
    Exception rethrown at [0]: 
       at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
       at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
       at ApiStressTest.SCCL.ISCCLSvc.GetCarriersByWareHouse(TransModel tm)
       at ApiStressTest.SCCL.SCCLSvcClient.GetCarriersByWareHouse(TransModel tm) in D:\SCCL\ApiTest.new\ApiStressTest\Service References\SCCL\Reference.cs:line 198
       at ApiStressTest.ServiceWrapper.ServiceAPIWrapperMethod(Object stateInfo) in D:\SCCL\ApiTest.new\ApiStressTest\SCCLProgram.cs:line 416
       at System.Threading.ThreadHelper.ThreadStart_Context(Object state)
       at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean ignoreSyncCtx)
       at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
       at System.Threading.ThreadHelper.ThreadStart(Object obj)
  InnerException: System.ServiceModel.FaultException
       Message=沒法處理消息。這極可能是由於操做「http://tempuri.org/ISCSvc/GetHouse」不正確，或由於消息包含無效或過時的安全上下文令牌，或由於綁定之間出現不匹配。若是因爲未處於活動狀態致使服務停止了該通道，則安全上下文令牌無效。若要防止服務永久停止閒置會話，請增長服務終結點綁定上的接收超時。
       InnerException:

</p><p>
</p>