原本測試OK的WCF,在取消IIS匿名存取,改用整合式驗證後出現以下錯誤訊息:

Security settings for this service require 'Anonymous' Authentication but it is not enabled for the IIS application that hosts this service.

爬了一下文,大致的心得是要在web.config改變安全設定。原本的設定是VS2008建立AJAX enabled WCF時自動產生的:

<system.serviceModel>
    <behaviors>
        <endpointBehaviors>
            <behavior name="WebApiAspNetAjaxBehavior">
                <enableWebScript/>
            </behavior>
        </endpointBehaviors>
    </behaviors>
    <serviceHostingEnvironment aspNetCompatibilityEnabled="true"/>
    <services>
        <service name="WebApi">
            <endpoint address="" behaviorConfiguration="WebApiAspNetAjaxBehavior" 
             binding="webHttpBinding" contract="WebApi"/>
        </service>
    </services>
</system.serviceModel>

要修改為:

<system.serviceModel>
    <behaviors>
        <endpointBehaviors>
            <behavior name="WebApiAspNetAjaxBehavior">
                <enableWebScript/>
            </behavior>
        </endpointBehaviors>
    </behaviors>
    <serviceHostingEnvironment aspNetCompatibilityEnabled="true"/>
    <services>
        <service name="WebApi">
            <endpoint address="" behaviorConfiguration="WebApiAspNetAjaxBehavior" 
              binding="webHttpBinding" contract="WebApi"
              bindingConfiguration="NTLMBinding"
              />
        </service>
    </services>
<bindings>
  <webHttpBinding>
    <binding name="NTLMBinding">
      <security mode="TransportCredentialOnly">
        <transport clientCredentialType="Windows"/>
      </security>
    </binding>
  </webHttpBinding>
</bindings>
</system.serviceModel>

醬就可以柳~~~ (羞昂風)


Comments

# by Alfred

哈哈,看到羞昂我忍不住大笑 在上班耶,嗯湯啊嗯湯~

# by chunwaitam

我也是用這個方法... 但每當我的js file 呼叫wcf裏的方法時 它每次也會有兩個http request 第一個的回傳是HTTP/1.1 401 Unauthorized 而第二個的回傳是正常 請問大哥有遇到這問題嗎? 如有,請問你知道怎樣解決嗎

# by Jeffrey

to chunwaitam, 第一次IIS傳回401告知Browser需要驗證,第二次Browser送出夾帶身份驗證的Request,這算是正常的HTTP互動過程。

# by chunwaitam

o...thanks jeffrey 其實browse每1.5秒就要呼叫wcf... 請問有沒有方法在第一次呼叫時就把身份驗證夾在request裏? 因為network team 投訴我的application 佔用了很多bandwidth...

Post a comment