azure - Azure Troubleshooting HTTP 500: Validate user in memberhsip provider is not called
问题描述
Azure log has the following error when I try to send a request to a WCF service
In the working case the validate user of the membershipprovider is called, then AfterReceiveRequest is called and finally the webservice is invoked.
But in the non-working case the validateuser is not called. It directly goes on to AfterReceiveRequest and then webservice throws an exception that it can't understand the header.
The azure application gateway routes the request to the VM. It somehow looks the header or membership provider is not being recognized. SSL is managed at the gateway level.
<behaviors>
<serviceBehaviors>
<behavior name="DefaultBehavior">
<serviceMetadata httpGetEnabled ="true" httpsGetEnabled ="true" />
<serviceDebug httpHelpPageEnabled="true" includeExceptionDetailInFaults="true" />
<serviceCredentials>
<userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="IDServices.CustomMembershipProvider,IDServices"/>
</serviceCredentials>
<useRequestHeadersForMetadataAddress />
</behavior>
<behavior name="">
<serviceMetadata httpGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="false" />
</behavior>
</serviceBehaviors>
<endpointBehaviors>
<behavior name="endbehavior1">
<dataContractSerializer maxItemsInObjectGraph="2147483647" />
</behavior>
</endpointBehaviors>
</behaviors>
{ "timeStamp": "2019-03-11T16:18:29+00:00",
"resourceId": "/SUBSCRIPTIONS/245CA15E-8C11-4F4C-B6D7-9F3E8EC5943F/RESOURCEGROUPS/JXCHANGERG/PROVIDERS/MICROSOFT.NETWORK/APPLICATIONGATEWAYS/JHAAPPGW",
"operationName": "ApplicationGatewayAccess", "category": "ApplicationGatewayAccessLog", "properties":
{"instanceId":"appgw_0","clientIP":"009.04.06.009","clientPort":"65374","httpMethod":"POST","requestUri":"/PImage.svc","requestQuery":"",
"userAgent":"Apache-HttpClient/4.1.1 (java 1.5)","httpStatus":"500","httpVersion":"HTTP/1.1","receivedBytes":"2638","sentBytes":"917","timeTaken":"0.018","sslEnabled":"on",
"sslCipher":"ECDHE-RSA-AES256-GCM-SHA384","sslProtocol":"TLSv1.2","serverRouted":"40.124.51.221:80","serverStatus":"500","serverResponseLatency":"0.016","host":"jt.inaresecure.com"},
"time": "2019-03-11T16:18:29.0000000Z"}
Can anyone help me with what could be the problem. Is the request failing on the server? All I get is a Security header fault. The code works on every other machine and server except this VM on azure. The request uses the application gateway to route to the VM where the WCF service is hosted on SSL
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/">
<s:Body>
<s:Fault>
<faultcode>s:MustUnderstand</faultcode>
<faultstring xml:lang="en-US">The header 'Security' from the namespace 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' was not understood by the recipient of this message, causing the message to not be processed. This error typically indicates that the sender of this message has enabled a communication protocol that the receiver cannot process. Please ensure that the configuration of the client's binding is consistent with the service's binding.</faultstring>
</s:Fault>
</s:Body>
</s:Envelope>
This is the IIS log for the same call probably a different time because of my request
The request is set up to Use SSL. Why does it have 80 in the log? Is it not doing a SSL request? This is a request from SOAP UI
2019-03-11 17:27:44 10.0.0.4 POST /PCServices/2019/MySerivce.svc - 80 - 20.45.4.43 Apache-HttpClient/4.1.1+(java+1.5) - 500 0 0 1468
解决方案
可能是 HTTP 请求失败的原因。如果您从 HTTPS 调用和向 HTTPS 调用,则身份验证会自动完成。但是您必须在 HTTP 请求中强制进行身份验证。
if (HttpContext.Current.Request.Url.Scheme.ToUpper().Equals("HTTP"))
{
CustomMembershipProvider auth = new CustomMembershipProvider();
auth.Validate(Username,Pswd);
}
推荐阅读
- ruby-on-rails - 按属性搜索时重定向到模型对象的“显示”视图(非 ID)
- ruby-on-rails - 如何从我的 rspec 测试中访问“请求”和“会话”对象?
- javascript - ReactJS,试图从 JIRA 的 REST API 获取 JSON 数据,但无法这样做。
- c# - 无法从 Paypal IPN 获取 Context.Request 参数
- java - 通过 xpath 获取特定类的最后添加元素到 DOM
- python - 在 Multiindex pandas DataFrame 中追加到级别
- bash - 在bash中批量更改多个文件名并保存输出
- powershell - 无法按部门属性搜索
- ios - Adobe AIR 中的 iOS 通用链接 - 文档?
- angular - 瑞德创 &