WCF-找不到X509SecurityToken的令牌验证器traceviewer查看服务器响应的点。但是,我不断收到.NET的异常:找不到“System.IdentityModel.Tokens.X509SecurityToken”令牌类型的令牌身份验证器。根据当前的安全设置,无法接受该类型的令牌。我的app.config看起来像这样(用占位符替换了Thumbprints):>现在,我已经尝试了有关此异常的所有方法。将authenticationMode设置为MutualCertificate:服务器响应404设置allowSerializedSigningTokenOnReply:无更改来自服务器的响应包含:我可以在其他地方添加x508SecurityToken处理程序吗?忽略此错误(这样做是否安全)异常堆栈跟踪:服务器堆栈跟踪:在System.ServiceModel。Security.ReceiveSecurityHeader.ReadToken(XmlReader阅读器,SecurityTokenResolvertokenResolver,IList`1allowedTokenAuthenticators,SecurityTokenAuthenticator&usedTokenAuthenticator)在System.ServiceModel.Security.ReceiveSecurityHeader.ReadToken(XmlDictionaryReader阅读器,Int32位置,Byte[]decryptedBuffer,SecurityTokenencryptionToken,StringidInEncryptedForm)在System.ServiceModel.Security.ReceiveSecurityHeader.ExecuteFullPass(XmlDictionaryReader阅读器)在System.ServiceModel.Security.StrictModeSecurityHeaderElementInferenceEngine.ExecuteProcessingPasses(ReceiveSecurityHeadersecurityHeader,XmlDictionaryReader阅读器)在System.ServiceModel.Security.ReceiveSecurityHeadSecurityHeadut,ChannelBindingchannelBinding,ExtendedProtectionPolicyextendedProtectionPolicy)在System.ServiceModel.Security.TransportSecurityProtocol.VerifyIncomingMessageCore(Message&message,TimeSpantimeout)在System.ServiceModel.Security.TransportSecurityProtocol.VerifyIncomingMessage(Message&message,TimeSpantimeout)在System.ServiceModel.Security.SecurityProtocol.VerifyIncomingMessage(消息和消息,TimeSpan超时,SecurityProtocolCorrelationState[]correlationStates)在System.ServiceModel.Channels.SecurityChannelFactory`1.SecurityRequestChannel.ProcessReply(消息回复,SecurityProtocolCorrelationStatecorrelationState,TimeSpan超时)在System.ServiceModel.Channels.SecurityChannelFactory`1.SecurityRequestChannelSystem.ServiceModel.Channels.ServiceChannel.Call(字符串操作,System.ServiceModel.Dispatcher.RequestChannelBinder.Request(消息消息,TimeSpan超时)System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage方法调用,ProxyOperationRuntime操作)在System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage消息)以上是否意味着它是服务器端?我找到了解决方案:将authenticationMode="CertificateOverTransport"更改为authenticationMode="MutualCertificate"使用MessageSecurityVersion.WSSecurity10WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10在生成的客户端中,将ProtectionLevel.SecurityProfile10添加到主体中以避免加密。我还没有完全通过,但我认为它只是从提供商那里获得了正确的证书。对于其他人,以下是我创建代理的方法:varbinding=newBasicHttpsBinding();binding.Security.Transport.ClientCredentialType=HttpClientCredentialType.Certificate;varaddress=newEndpointAddress(newUri("https://xxx/yyy/someService/"));binding.Security.Message.ClientCredentialType=BasicHttpMessageCredentialType.Certificate;varsecurityElement=SecurityBindingElement.CreateMutualCertificateBindingElement(MessageSecurityVersion.WSSecurity10WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10,真);securityElement.IncludeTimestamp=true;varcustomBinding=newCustomBinding(绑定);customBinding.Elements.Insert(0,securityElement);varclient=newReportGasClient(customBinding,address);client.ClientCredentials.ClientCertificate.SetCertificate(StoreLocation.CurrentUser,StoreName.My,X509FindType.FindByThumbprint,"BCC3929F9C115D4BCA1C697E2557B7FC7D6C8C8C");客户端.ClientCredentials.ServiceCertificate.Authentication.CertificateValidationMode=X509CertificateValidationMode.None;client.ClientCredentials.ServiceCertificate.SetDefaultCertificate(StoreLocation.CurrentUser,StoreName.TrustedPeople,X509FindType.FindByThumbprint,"87C3B5EE3913937459D2FFBF105ADBD1A578E823");请注意我只在沙箱环境中将ValidationMode设置为None这绝对不应该在生产中使用。你的findValue属性值都不正确。您应该在app.config中为相应的客户端证书添加特定的指纹值。您可以通过证书MMC加载项查看证书指纹值。我还要仔细检查客户端X509证书是否正常,只需要服务器端操作。以上就是C#学习教程:WCF-找不到X509SecurityToken的tokenvalidator全部内容分享。如果对你有用,需要进一步了解C#学习教程,希望大家多多关注。本文来自网络收集,不代表侵权,请点击右边联系管理员删除。如需转载请注明出处:
