1

以下のように、カスタム バインディングにセキュリティを設定します。

var lSecurity = lCustomBinding.Elements.Find<TransportSecurityBindingElement>();
                lSecurity.LocalClientSettings.DetectReplays = false;
                lSecurity.LocalServiceSettings.DetectReplays = false;
                lSecurity.LocalClientSettings.TimestampValidityDuration = TimeSpan.FromDays(7);
                lSecurity.LocalServiceSettings.TimestampValidityDuration = TimeSpan.FromDays(7);
                lSecurity.LocalClientSettings.MaxClockSkew = TimeSpan.FromDays(7);
                lSecurity.LocalServiceSettings.MaxClockSkew = TimeSpan.FromDays(7);

ここで、クライアントを現在から 7 日前に戻して上記をテストすると、機能することがわかりました。ただし、クライアントを 9 時間以上先に設定すると、例外が発生します。

私たちが見つけた唯一のものは、別のスレッドの最後にあるあいまいな参照でした:

http://social.msdn.microsoft.com/Forums/en/wcf/thread/7c3a7a7e-b9a5-4198-9a29-c6d4e408d36d

誰にもアイデアはありますか?

更新: 取得した例外が以下に追加されました。サーバーがクライアント メッセージを拒否したようです。

System.ServiceModel.Security.MessageSecurityException occurred
  Message=An unsecured or incorrectly secured fault was received from the other party. See the inner FaultException for the fault code and detail.
  Source=mscorlib
  StackTrace:
    Server stack trace: 
       at System.ServiceModel.Channels.SecurityChannelFactory`1.SecurityRequestChannel.ProcessReply(Message reply, SecurityProtocolCorrelationState correlationState, TimeSpan timeout)
       at System.ServiceModel.Channels.SecurityChannelFactory`1.SecurityRequestChannel.Request(Message message, TimeSpan timeout)
       at System.ServiceModel.Security.SecuritySessionSecurityTokenProvider.DoOperation(SecuritySessionOperation operation, EndpointAddress target, Uri via, SecurityToken currentToken, TimeSpan timeout)
       at System.ServiceModel.Security.SecuritySessionSecurityTokenProvider.RenewTokenCore(TimeSpan timeout, SecurityToken tokenToBeRenewed)
       at System.IdentityModel.Selectors.SecurityTokenProvider.RenewToken(TimeSpan timeout, SecurityToken tokenToBeRenewed)
       at System.ServiceModel.Security.SecuritySessionClientSettings`1.ClientSecuritySessionChannel.RenewKey(TimeSpan timeout)
       at System.ServiceModel.Security.SecuritySessionClientSettings`1.ClientSecuritySessionChannel.SecureOutgoingMessage(Message& message, TimeSpan timeout)
       at System.ServiceModel.Security.SecuritySessionClientSettings`1.ClientSecurityDuplexSessionChannel.Send(Message message, TimeSpan timeout)
       at System.ServiceModel.Channels.ClientReliableChannelBinder`1.DuplexClientReliableChannelBinder`1.OnSend(TDuplexChannel channel, Message message, TimeSpan timeout)
       at System.ServiceModel.Channels.ReliableChannelBinder`1.Send(Message message, TimeSpan timeout, MaskingMode maskingMode)
       at System.ServiceModel.Channels.SendReceiveReliableRequestor.OnRequest(Message request, TimeSpan timeout, Boolean last)
       at System.ServiceModel.Channels.ReliableRequestor.Request(TimeSpan timeout)
       at System.ServiceModel.Channels.ClientReliableSession.Open(TimeSpan timeout)
       at System.ServiceModel.Channels.ClientReliableDuplexSessionChannel.OnOpen(TimeSpan timeout)
       at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
       at System.ServiceModel.Channels.ServiceChannel.OnOpen(TimeSpan timeout)
       at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
       at System.ServiceModel.Channels.ServiceChannel.CallOpenOnce.System.ServiceModel.Channels.ServiceChannel.ICallOnce.Call(ServiceChannel channel, TimeSpan timeout)
       at System.ServiceModel.Channels.ServiceChannel.CallOnceManager.CallOnce(TimeSpan timeout, CallOnceManager cascade)
       at System.ServiceModel.Channels.ServiceChannel.EnsureOpened(TimeSpan timeout)
       at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
       at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
       at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)
    Exception rethrown at [0]: 
       at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
       at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
       at CompuLoan.Maintenance.IMaintenanceService.IsLicensed(String pHardwareId, Boolean pUseLicense)
       at CompuLoan.Maintenance.MaintenanceServiceClient.IsLicensed(String pHardwareId, Boolean pUseLicense) in C:\Development\compuloan\Source\CompuLoan\Service References\Maintenance\Reference.cs:line 5156
       at CompuLoan.App.IsLicensed(Boolean pUseLicense) in C:\Development\compuloan\Source\CompuLoan\App.xaml.cs:line 365
  InnerException: System.ServiceModel.FaultException
       Message=The security context token is expired or is not valid. The message was not processed.
       InnerException:
4

1 に答える 1

1

これはセッション キーの有効期限であり、タイムスタンプとは異なります。たとえば、 EstablishSecurityContext をオフにする (または CreateSecureConversationSecurity を使用しない) 場合、この例外は発生しません。

それ以外の場合は、InactivityTimeout、IssuedCookieLifetime、NegotiationTimeout、SessionKeyRenewalInterval、SessionKeyRolloverInterval などの追加の値を増やしてみてください。

サーバーで WCF トレースをオンにして、エラーの正確なスタック トレースを確認すると、正確なプロパティにドリルダウンできる可能性があります。

于 2012-05-10T11:10:43.050 に答える