解决WCF 调用方未由服务器进行身份验证或消息包含无效或过时的安全上下文令牌

时间 2019-11-10

标签解决 wcf 调用服务器进行身份验证消息包含无效过时安全上下文栏目系统安全繁體版

原文原文链接

错误描述：安全

1. WCF:调用方未由服务器进行身份验证服务器

2. 没法处理消息。这极可能是由于操做“http://tempuri.org/ISCCLSvc/GetCarriersByWareHouse”不正确，或由于消息包含无效或过时的安全上下文令牌，或由于绑定之间出现不匹配。若是因为未处于活动状态致使服务停止了该通道，则安全上下文令牌无效。若要防止服务永久停止闲置会话，请增长服务终结点绑定上的接收超时。并发

3.或并发测试时，高并发出现问题2，实际案例：公司测试部门结果是并发到50就会出现问题2错误，而且平均响应时间也会很慢app

解决后结果：ide

接口测试并发100无问题，而且平均响应时间减少5倍时间！高并发

解决方法：测试

主要修改红色文本区域spa

<system.serviceModel>
   <bindings>
      <wsHttpBinding>
        <binding name="NoneSecurity"
          maxBufferPoolSize="12000000" maxReceivedMessageSize="12000000" useDefaultWebProxy="false">
          <readerQuotas maxStringContentLength="12000000" maxArrayLength="12000000"/>
          <security mode="None"/>
        </binding>
      </wsHttpBinding>
    </bindings>调试

<services>
    <service name="WcfService2.Service1" behaviorConfiguration="WcfService2.Service1Behavior">
     
     <endpoint address="" binding="wsHttpBinding" bindingConfiguration="NoneSecurity" contract="WcfService2.IService1">
      
      <identity>
       <dns value="localhost"/>
      </identity>
     </endpoint>
     <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"/>
    </service>
   </services>
   <behaviors>
    <serviceBehaviors>
     <behavior name="WcfService2.Service1Behavior">
      
      <serviceMetadata httpGetEnabled="true"/>
      
      <serviceDebug includeExceptionDetailInFaults="false"/>
     </behavior>
    </serviceBehaviors>
   </behaviors>
</system.serviceModel>
</configuration>code

客户端将security配置改成<security mode="None"/>

详细错误信息：

<p></p><p>System.ServiceModel.Security.MessageSecurityException was unhandled
  Message=An unsecured or incorrectly secured fault was received from the other party. See the inner FaultException for the fault code and detail.
  Source=mscorlib
  StackTrace:
    Server stack trace: 
       at System.ServiceModel.Security.SecuritySessionClientSettings`1.SecurityRequestSessionChannel.ProcessReply(Message reply, TimeSpan timeout, SecurityProtocolCorrelationState correlationState)
       at System.ServiceModel.Security.SecuritySessionClientSettings`1.SecurityRequestSessionChannel.Request(Message message, TimeSpan timeout)
       at System.ServiceModel.Dispatcher.RequestChannelBinder.Request(Message message, TimeSpan timeout)
       at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
       at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
       at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)
    Exception rethrown at [0]: 
       at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
       at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
       at ApiStressTest.SCCL.ISCCLSvc.GetCarriersByWareHouse(TransModel tm)
       at ApiStressTest.SCCL.SCCLSvcClient.GetCarriersByWareHouse(TransModel tm) in D:\SCCL\ApiTest.new\ApiStressTest\Service References\SCCL\Reference.cs:line 198
       at ApiStressTest.ServiceWrapper.ServiceAPIWrapperMethod(Object stateInfo) in D:\SCCL\ApiTest.new\ApiStressTest\SCCLProgram.cs:line 416
       at System.Threading.ThreadHelper.ThreadStart_Context(Object state)
       at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean ignoreSyncCtx)
       at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
       at System.Threading.ThreadHelper.ThreadStart(Object obj)
  InnerException: System.ServiceModel.FaultException
       Message=没法处理消息。这极可能是由于操做“http://tempuri.org/ISCSvc/GetHouse”不正确，或由于消息包含无效或过时的安全上下文令牌，或由于绑定之间出现不匹配。若是因为未处于活动状态致使服务停止了该通道，则安全上下文令牌无效。若要防止服务永久停止闲置会话，请增长服务终结点绑定上的接收超时。
       InnerException:

</p><p>
</p>