iis7 wcf：在本地计算机上我得到401 - 未经授权：由于凭据无效导致访问被拒绝

我是新来的Web服务，我有以下问题。我有一个在IIS 7.5和Windows 2008 R2上以Windows身份验证模式运行的WCF服务。当我直接从IIS机器调用它时它工作的很好。但是，当我尝试从本地计算机调用服务，然后我得到以下错误：401 - 未经授权：由于凭据无效，访问被拒绝。iis7 wcf：在本地计算机上我得到401 - 未经授权：由于凭据无效导致访问被拒绝

该服务在本地计算机上工作了几天，并突然停止（我不确定，但有可能某些配置已更改）。

我直接从IEXPLORER上门服务：http://serveriis/ssopension/service.svc

的web.config：

<?xml version="1.0" encoding="UTF-8"?> 
<configuration> 

    <connectionStrings configProtectionProvider="RsaProtectedConfigurationProvider"> 
    <EncryptedData Type="http://www.w3.org/2001/04/xmlenc#Element" xmlns="http://www.w3.org/2001/04/xmlenc#"> 
     <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc" /> 
     <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#"> 
     <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#"> 
      <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5" /> 
      <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#"> 
      <KeyName>Rsa Key</KeyName> 
      </KeyInfo> 
      <CipherData> 
      <CipherValue>O8jBoF9YUW3sZtSN+L/Xxhzss=</CipherValue> 
      </CipherData> 
     </EncryptedKey> 
     </KeyInfo> 
     <CipherData> 
     <CipherValue>C+EeTszivHho8Ujk2oIQ==</CipherValue> 
     </CipherData> 
    </EncryptedData> 
    </connectionStrings> 


<system.web> 
    <compilation targetFramework="4.0" /> 

    <authentication mode="Windows" /> 

    <pages controlRenderingCompatibilityVersion="3.5" clientIDMode="AutoID" /> 
    </system.web> 

    <system.serviceModel> 

    <bindings> 
     <basicHttpBinding> 
     <binding name="BasicHttpEndpointBinding"> 
      <security mode="TransportCredentialOnly"> 
      <transport clientCredentialType="Windows" /> 
      </security> 
     </binding> 
     </basicHttpBinding> 
    </bindings> 

    <services> 
     <service behaviorConfiguration="SSO_Pension.ServiceBehavior" name="SSO_Pension.Service"> 
     <endpoint address="" binding="basicHttpBinding" bindingConfiguration="BasicHttpEndpointBinding" name="BasicHttpEndpoint" contract="SSO_Pension.IService"> 
      <identity> 
      <dns value="localhost" /> 
      </identity> 
     </endpoint> 

     </service> 
    </services> 

    <behaviors> 
     <serviceBehaviors> 
     <behavior name="SSO_Pension.ServiceBehavior"> 
      <!-- To avoid disclosing metadata information, set the value below to false and remove the metadata endpoint above before deployment --> 
      <serviceMetadata httpGetEnabled="true" /> 
      <!-- To receive exception details in faults for debugging purposes, set the value below to true. Set to false before deployment to avoid disclosing exception information --> 
      <serviceDebug includeExceptionDetailInFaults="false" /> 
     </behavior> 
     </serviceBehaviors> 
    </behaviors> 

    </system.serviceModel> 


    <system.webServer> 
     <defaultDocument> 
      <files> 
       <add value="Service.svc" /> 
      </files> 
     </defaultDocument> 
    </system.webServer> 

</configuration>

来源

2012-07-10 scar80

您是否确定登录您的本地计算机可以访问WCF服务？ – Rajesh 2012-07-10 11:33:06

当我登录到本地计算机时，我可以访问IIS服务器上的共享，并且可以读取和写入以与WCF服务共享。 – scar80 2012-07-10 12:57:00

与运行尝试访问WCF服务的客户端应用程序的用户是否相同？还要确保在IIS上启用了Windows身份验证 – Rajesh 2012-07-10 13:33:26

我找到了解决办法上 http://social.technet.microsoft.com/Forums/en-US/winserversecurity/thread/c9239a89-fbee-4adc-b72f-7a6a9648331f/

To whoever this may help, this saved my life...

IIS 7 was difficult for figuring out why i was getting the 401 - Unauthorized: Access is denied due to invalid credentials... until i did this...

1.) Open iis and select the website that is causing the 401

2.) Open the "Authentication" property under the "IIS" header

3.) Click the "Windows Authentication" item and click "Providers"

4.) For me the issue was that Negotiate was above NTLM. I assume that there was some kind of handshake going on behind the scenes, but i was never really authenticated. I moved the NTLM to the top most spot, and BAM that fixed it.

来源

2012-07-11 07:06:39 scar80

我对此持怀疑态度，但它对我所处的环境有效，谢谢。 – ROFLwTIME 2012-09-18 17:49:58