问题
I have a duplex WCF, it work perfect in local host (connect my application to this WCF when it run locally).
Now I tried to hosted it in my IIS (Server 2008 R2 standard), I create a windows account "GOD", and an application poll in IIS using the "GOD" identity.
I can access this WCF from my pc (other than the server) from web browser and see the XML of the contract, (click on the link inside the page displayed)
When try to access from my application I get the exception:
Client is unable to finish the security negotiation within the configured timeout (00:00:00). The current negotiation leg is 1 (00:00:00).
Again when the WCF run locally my app work OK.
I tried to use the trace but all I successful to see is the exception about the time out.
My app.config is:
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<system.diagnostics>
<sources>
<source name="System.ServiceModel" switchValue="Information, ActivityTracing" propagateActivity="true">
<listeners>
<add name="traceListener" type="System.Diagnostics.XmlWriterTraceListener" initializeData="c:\log\Traces.svclog"/>
</listeners>
</source>
</sources>
</system.diagnostics>
<system.serviceModel>
<bindings>
<wsDualHttpBinding>
<binding name="WSDualHttpBinding_I_BridgeWCFService" closeTimeout="00:01:00"
openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard"
maxBufferPoolSize="2147483646" maxReceivedMessageSize="2147483646"
messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true">
<readerQuotas maxDepth="256" maxStringContentLength="2147483646"
maxArrayLength="2147483646" maxBytesPerRead="2147483646" maxNameTableCharCount="2147483646" />
<reliableSession ordered="true" inactivityTimeout="01:10:00" />
<security mode="Message" />
</binding>
</wsDualHttpBinding>
</bindings>
<client>
<endpoint address="http://win-jj/_Bridge1/_BridgeWcfService.svc"
binding="wsDualHttpBinding" bindingConfiguration="WSDualHttpBinding_I_BridgeWCFService"
contract="_BridgeWcfServiceReference.I_BridgeWCFService"
name="WSDualHttpBinding_I_BridgeWCFService">
<identity>
<dns value="localhost"/>
</identity>
</endpoint>
</client>
</system.serviceModel>
<startup>
<supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.0,Profile=Client"/>
</startup>
</configuration>
I also tried to change the identity section above to: <userPrincipalName value="GOD" />, but then I got another exception.
My service config file: web.config:
<?xml version="1.0"?>
<configuration>
<system.serviceModel>
<bindings>
<wsDualHttpBinding>
<binding name="WSDualHttpBinding_I_BridgeWCFService" closeTimeout="01:01:00" openTimeout="01:01:00" receiveTimeout="01:10:00" sendTimeout="01:01:00" bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard" maxBufferPoolSize="2147483646" maxReceivedMessageSize="2147483646" messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true">
<readerQuotas maxDepth="256" maxStringContentLength="2147483646" maxArrayLength="2147483646" maxBytesPerRead="2147483646" maxNameTableCharCount="2147483646"/>
<reliableSession ordered="true" inactivityTimeout="01:10:00"/>
<security mode="Message">
<message clientCredentialType="Windows" negotiateServiceCredential="true" algorithmSuite="Default"/>
</security>
</binding>
</wsDualHttpBinding>
</bindings>
<services>
<service behaviorConfiguration="_BridgeNameSpace.Service1Behavior" name="_BridgeNameSpace._BridgeWCFService">
<endpoint address="" binding="wsDualHttpBinding" bindingConfiguration="WSDualHttpBinding_I_BridgeWCFService" contract="_BridgeNameSpace.I_BridgeWCFService">
<identity>
<userPrincipalName value="GOD" />
</identity>
</endpoint>
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"/>
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="_BridgeNameSpace.Service1Behavior">
<!-- To avoid disclosing metadata information, set the value below to false and remove the metadata endpoint above before deployment -->
<serviceMetadata httpGetEnabled="true"/>
<dataContractSerializer maxItemsInObjectGraph="2147483647"/>
<!-- To receive exception details in faults for debugging purposes, set the value below to true. Set to false before deployment to avoid disclosing exception information -->
<serviceDebug includeExceptionDetailInFaults="false"/>
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>
<system.web>
<compilation debug="true"/>
</system.web>
</configuration>
I also tried to change the identity section above to: <dns value="localhost"/>, but nothing change
I connect to my service in my application as following:
MyServiceClientProxy Proxy = null;
MyCallbackProxy myCallbackProxy = null;
myCallbackProxy = new MyCallbackProxy();
InstanceContext cntx = new InstanceContext(myCallbackProxy);
Proxy = new MyServiceClientProxy(cntx, "WSDualHttpBinding_I_BridgeWCFService");
Proxy.ClientCredentials.Windows.ClientCredential.UserName = "GOD";
Proxy.ClientCredentials.Windows.ClientCredential.Password = "yy";
try
{
Proxy.Open();
}
catch { return; }
BTW, when tried to change the security to '' got the following exception (wither or not use the ClientCredential.Username&Password as the code above):
The open operation did not complete within the allotted timeout of 00:00:59.1689524. The time allotted to this operation may have been a portion of a longer timeout.
ANY IDEA ?, PLS help!
回答1:
wsDualHttpBinding tries to open a connection from server to client which will be blocked by firewalls
My advice would be to switch to netTcpBinding - its much simpler for duplex messaging as I blogged here
来源:https://stackoverflow.com/questions/8955513/wcf-duplex-client-is-unable-to-finish-the-security-negotiation-within-the-conf