java 错误 403:禁止。客户端身份验证方案“匿名”禁止 HTTP 请求
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/1820995/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Error 403: Forbidden. The HTTP request was forbidden with client authentication scheme 'Anonymous'
提问by Bernard
I'm getting this error when calling a java web service. I'm using the same source as the rest of my team and they're all able to call it no problem? This is the stack trace:
调用 Java Web 服务时出现此错误。我和我团队的其他成员使用相同的来源,他们都可以称之为没问题吗?这是堆栈跟踪:
30 Nov 2009 16:38:50,970 [4] ERROR - Error calling web service: System.ServiceModel.Security.MessageSecurityException: The HTTP request was forbidden with client authentication scheme 'Anonymous'. ---> System.Net.WebException: The remote server returned an error: (403) Forbidden.
at System.Net.HttpWebRequest.GetResponse()
at System.ServiceModel.Channels.HttpChannelFactory.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout)
--- End of inner exception stack trace ---
Server stack trace:
at System.ServiceModel.Channels.HttpChannelUtilities.ValidateAuthentication(HttpWebRequest request, HttpWebResponse response, WebException responseException, HttpChannelFactory factory)
at System.ServiceModel.Channels.HttpChannelUtilities.ValidateRequestReplyResponse(HttpWebRequest request, HttpWebResponse response, HttpChannelFactory factory, WebException responseException)
at System.ServiceModel.Channels.HttpChannelFactory.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout)
at System.ServiceModel.Channels.RequestChannel.Request(Message message, TimeSpan timeout)
at System.ServiceModel.Dispatcher.RequestChannelBinder.Request(Message message, TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs)
at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)
Exception rethrown at [0]:
at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
采纳答案by AndreaG
I suppose the server side of the web service is implemented in java, but this shouldn't matter anyway.
我想 Web 服务的服务器端是用 Java 实现的,但这无论如何都无关紧要。
Maybe there is an IP-base authorization layer?
也许有一个基于 IP 的授权层?
回答by Andrzej Doyle
Get an HTTP sniffer hooked into the loop, and see what they're sending in their request compared to what you're sending. It looks like for whatever reason, your requests aren't sending appropriate authentication with them.
将 HTTP 嗅探器连接到循环中,并查看他们在请求中发送的内容与您发送的内容相比。无论出于何种原因,您的请求似乎都没有向他们发送适当的身份验证。
Note that depending on how things are set up this may not depend on your source tree and could defer to, for example, IE's Internet Settings on your machine.
请注意,根据设置的方式,这可能不取决于您的源代码树,并且可能会遵循例如您计算机上的 IE 的 Internet 设置。
回答by ZZ Coder
This error means you are make a cross-domain call but you don't have any security setup (anonymous access) in WCF transport.
此错误意味着您正在进行跨域调用,但在 WCF 传输中没有任何安全设置(匿名访问)。
Please checkout this example on how to setup certificate authentication,
请查看此示例以了解如何设置证书身份验证,
回答by srini
I have solved it.
我已经解决了。
I see that WSHttpBinding in service host is actually checking if the incoming client request certificate is present in Trusted People. So the remote certificate should present in trusted people of server.
我看到服务主机中的 WSHttpBinding 实际上正在检查传入的客户端请求证书是否存在于 Trusted People 中。因此,远程证书应存在于服务器的受信任人员中。
Or add CustomValidator and override the behavior. Good Luck
或者添加 CustomValidator 并覆盖行为。祝你好运
