发表新帖
发表新帖

The HTTP request was forbidden with client authentication scheme 'Anonymous'. The remote server returned an error: (403) Forbidden

前端 未结
关注
5 1400
囚心锁ツ
囚心锁ツ 2020-12-31 09:45

I am trying to create a secure webservice.

Here is the contract and service implementation

[ServiceContract()]
public interface ICalculatorService
{
相关标签:
5条回答
  • 佛祖请我去吃肉
    2020-12-31 10:02

    Another reason for this is the certificate itself on the server you are hitting. Ensure you have imported the PRIVATE KEY. In MMC this will show up with a "Friendly Name". This took me days to figure out. Once I imported the private key the Anonymous error went away and all was well!

    0 讨论(0)
  • 伪装坚强ぢ
    2020-12-31 10:16

    We had this error message, and for us the solution was that Handler Mappings feature permissions had not been enabled for Script. You can enable this in IIS under Handler Mappings > Edit Feature Permissions, or by adding Script to the accessPolicy attribute of the handlers node in your web.config:

    <system.webServer>
  <handlers accessPolicy="Script">
    ...
  </handlers>
</system.webServer>
    0 讨论(0)
  • 情话喂你
    2020-12-31 10:18

    I had this kind of error. The certificate was a sub-domain wild card one. I had to import the private key into "Trusted People" store for LocalMachine and this error disappeared. Like others have pointed out, you can also try importing the private key into "Trusted Root" store for LocalMachine.

    0 讨论(0)
  • 佛祖请我去吃肉
    2020-12-31 10:19

    If you run self hosted WCF service (without IIS) you can enable anonymous clients just by adding to the config file (in server) the next settings:

    <behaviors>
    <serviceBehaviors>
        <behavior name="limitedAuthBehavior">
            <serviceAuthenticationManager authenticationSchemes="Anonymous, Basic, Digest, Negotiate"/>
            <!-- ... -->
        </behavior>
    </serviceBehaviors>
</behaviors>

    Also, set clientCredentialType to "InheritedFromHost":

    <bindings>
      <basicHttpBinding>
        <binding name="secureBinding">
          <security mode="Transport">
            <transport clientCredentialType="InheritedFromHost" />
          </security>
        </binding>
      </basicHttpBinding>
</bindings>

    References:

    Using Multiple Authentication Schemes with WCF

    Understanding HTTP Authentication

    0 讨论(0)
  • 说谎
    2020-12-31 10:25

    When you host WCF service in IIS with security type transport and client credential type certificate, put your client certificate on Root store and enable anonymous authentication in IIS. Enable anonymous authentication in IIS. But most importantly, add your certificate to root store.

    0 讨论(0)
 看不清?
提交回复
热议问题