I have a very specific problem with a WCF service I'm using:
我使用的WCF服务有一个非常具体的问题:
I have an ASP.NET page with 2 dropdowns:
我有一个ASP。有2个下拉的网页:
- The first one is populated from the ASP.NET code behind.
- 第一个是从ASP中填充的。NET代码后面。
- The other one is populated from a WCF service via a jQuery ajax call.
- 另一个是通过jQuery ajax调用从WCF服务中填充的。
Both of them use impersonation to go to the SQL Server database as the logged in user. This works well with all our customers, except for 1 environment. There I'm getting the following exception when trying to call the database from the WCF service:
它们都使用模拟来作为登录用户访问SQL Server数据库。除了1个环*,这对我们所有的客户都很有效。在这里,当我试图从WCF服务调用数据库时,会遇到以下异常:
"Login failed for user 'NT AUTHORITY\\ANONYMOUS LOGON'.","StackTrace":"
at System.Data.SqlClient.SqlInternalConnection.OnError(SqlException exception, Boolean breakConnection)\u000d\u000a
at System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObject stateObj)\u000d\u000a
at System.Data.SqlClient.TdsParser.Run(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj)\u000d\u000a
at System.Data.SqlClient.SqlInternalConnectionTds.CompleteLogin(Boolean enlistOK)\u000d\u000a
at System.Data.SqlClient.SqlInternalConnectionTds.AttemptOneLogin(ServerInfo serverInfo, String newPassword, Boolean ignoreSniOpenTimeout, Int64 timerExpire, SqlConnection owningObject)\u000d\u000a
...
It seems that for some reason the WCF service is using the anonymous account to access the database, although the call from the ASP.NET code behind still works as expected and uses the expected account to access the database. The connection string uses Integrated Security=SSPI. It must be some environment specific configuration we are missing, but I can't see what exactly as the delegation and impersonation works directly from ASP.NET.
似乎由于某种原因,WCF服务正在使用匿名帐户访问数据库,尽管来自ASP的调用。NET代码仍然按预期运行,并使用预期的帐户访问数据库。连接字符串使用集成安全性=SSPI。它一定是我们缺少的一些特定于环境的配置,但是我看不出授权和模拟是如何直接从ASP.NET工作的。
Does anyone know what the problem might be?
有人知道问题是什么吗?
EDIT: The system.servicemodel section:
编辑:系统。servicemodel部分:
<system.serviceModel>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true"/>
<bindings>
<webHttpBinding>
<binding name="ServiceWebBindingName">
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Windows"></transport>
</security>
</binding>
</webHttpBinding>
</bindings>
<behaviors>
<endpointBehaviors>
<behavior name="HistoryReportingEndpointBehavior">
<enableWebScript />
</behavior>
</endpointBehaviors>
<serviceBehaviors>
<behavior name="HistoryReportingServiceBehavior">
<serviceMetadata httpGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
<serviceAuthorization principalPermissionMode="UseAspNetRoles" impersonateCallerForAllOperations="true" />
</behavior>
</serviceBehaviors>
</behaviors>
<services>
<service behaviorConfiguration="HistoryReportingServiceBehavior" name="ServiceLibrary.HistoryReporting">
<endpoint address="" behaviorConfiguration="HistoryReportingEndpointBehavior" binding="webHttpBinding" bindingConfiguration="ServiceWebBindingName" name="HistoryReportingWebEndPoint" contract="ServiceLibrary.IHistoryReporting" />
</service>
</services>
</system.serviceModel>
1 个解决方案
#1
0
The error that you are getting is likely because the IIS Application Pool that your web application is using is running under an account that doesn't have SQL Server privileges. Change the Application Pool Account to one that can access SQL Server and the problem should go away.
您所得到的错误可能是因为您的web应用程序正在使用的IIS应用程序池是在没有SQL Server特权的帐户下运行的。将应用程序池帐户更改为可以访问SQL Server的帐户,问题应该会消失。
#1
0
The error that you are getting is likely because the IIS Application Pool that your web application is using is running under an account that doesn't have SQL Server privileges. Change the Application Pool Account to one that can access SQL Server and the problem should go away.
您所得到的错误可能是因为您的web应用程序正在使用的IIS应用程序池是在没有SQL Server特权的帐户下运行的。将应用程序池帐户更改为可以访问SQL Server的帐户,问题应该会消失。