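I have 2 servers. Each server has a WCF service installed. Clients connect to the service through a load balancer. The load balancer distributes requests across these 2 servers. When the load balancer redirects a request to the same server that the client is running on, a security error occurs. When the load balancer redirects the request to the other server, everything works fine. The error: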
System.ServiceModel.Security.SecurityNegotiationException: The server has rejected the client credentials.
---> System.Security.Authentication.InvalidCredentialException: The server has rejected the client credentials.
---> System.ComponentModel.Win32Exception: The logon attempt failed
--- End of inner exception stack trace ---
at System.Net.Security.NegoState.EndProcessAuthentication(IAsyncResult result)
at System.ServiceModel.Channels.WindowsStreamSecurityUpgradeProvider.WindowsStreamSecurityUpgradeInitiator.InitiateUpgradeAsyncResult.OnCompleteAuthenticateAsClient(IAsyncResult result)
at System.ServiceModel.Channels.StreamSecurityUpgradeInitiatorAsyncResult.CompleteAuthenticateAsClient(IAsyncResult result)
--- End of inner exception stack trace ---
at System.Runtime.AsyncResult.End[TAsyncResult](IAsyncResult result)
at System.ServiceModel.Channels.ServiceChannel.SendAsyncResult.End(SendAsyncResult result)
at System.ServiceModel.Channels.ServiceChannel.EndCall(String action, Object[] outs, IAsyncResult result)
at System.ServiceModel.Channels.ServiceChannelProxy.TaskCreator.<>c__DisplayClass7_0`1.<CreateGenericTask>b__0(IAsyncResult asyncResult)
at System.Threading.Tasks.TaskFactory`1.FromAsyncCoreLogic(IAsyncResult iar, Func`2 endFunction, Action`1 endAction, Task`1 promise, Boolean requiresSynchronization)
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task
The configuration is as follows:
<binding name="bindingName"
         receiveTimeout="02:00:00"
         sendTimeout="02:00:00"
         maxBufferPoolSize="1524288"
         maxReceivedMessageSize="20553600">
  <readerQuotas maxArrayLength="1024000000" />
  <security mode="Transport">
    <transport clientCredentialType="Windows" protectionLevel="EncryptAndSign" />
    <message clientCredentialType="Windows" />
  </security>
</binding>

<endpoint
    address="net.tcp://localhost:5555/endpoint"
    binding="netTcpBinding"
    bindingConfiguration="bindingName"
    contract="IContract">
  <identity>
    <dns />
  </identity>
</endpoint>

<behavior name="behaviorName">
  <serviceMetadata httpGetEnabled="False"/>
  <serviceDebug includeExceptionDetailInFaults="False"/>
  <serviceThrottling maxConcurrentCalls="128000"
                     maxConcurrentSessions="128000"
                     maxConcurrentInstances="128000" />
</behavior>