azure - Azure Troubleshooting HTTP 500: Validate user in memberhsip provider is not called

问题描述

Azure log has the following error when I try to send a request to a WCF service

In the working case the validate user of the membershipprovider is called, then AfterReceiveRequest is called and finally the webservice is invoked.

But in the non-working case the validateuser is not called. It directly goes on to AfterReceiveRequest and then webservice throws an exception that it can't understand the header.

The azure application gateway routes the request to the VM. It somehow looks the header or membership provider is not being recognized. SSL is managed at the gateway level.

<behaviors>
      <serviceBehaviors>
        <behavior name="DefaultBehavior">

          <serviceMetadata  httpGetEnabled ="true" httpsGetEnabled ="true"  />
          <serviceDebug httpHelpPageEnabled="true" includeExceptionDetailInFaults="true" />
          <serviceCredentials>
            <userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="IDServices.CustomMembershipProvider,IDServices"/>
          </serviceCredentials>
          <useRequestHeadersForMetadataAddress />

        </behavior>

        <behavior name="">
          <serviceMetadata httpGetEnabled="true" />
          <serviceDebug includeExceptionDetailInFaults="false" />
        </behavior>
      </serviceBehaviors>
      <endpointBehaviors>
        <behavior name="endbehavior1">
          <dataContractSerializer maxItemsInObjectGraph="2147483647" />
        </behavior>
      </endpointBehaviors>
    </behaviors>


  { "timeStamp": "2019-03-11T16:18:29+00:00",
     "resourceId": "/SUBSCRIPTIONS/245CA15E-8C11-4F4C-B6D7-9F3E8EC5943F/RESOURCEGROUPS/JXCHANGERG/PROVIDERS/MICROSOFT.NETWORK/APPLICATIONGATEWAYS/JHAAPPGW",
     "operationName": "ApplicationGatewayAccess", "category": "ApplicationGatewayAccessLog", "properties":
     {"instanceId":"appgw_0","clientIP":"009.04.06.009","clientPort":"65374","httpMethod":"POST","requestUri":"/PImage.svc","requestQuery":"",
     "userAgent":"Apache-HttpClient/4.1.1 (java 1.5)","httpStatus":"500","httpVersion":"HTTP/1.1","receivedBytes":"2638","sentBytes":"917","timeTaken":"0.018","sslEnabled":"on",
     "sslCipher":"ECDHE-RSA-AES256-GCM-SHA384","sslProtocol":"TLSv1.2","serverRouted":"40.124.51.221:80","serverStatus":"500","serverResponseLatency":"0.016","host":"jt.inaresecure.com"}, 
    "time": "2019-03-11T16:18:29.0000000Z"}

Can anyone help me with what could be the problem. Is the request failing on the server? All I get is a Security header fault. The code works on every other machine and server except this VM on azure. The request uses the application gateway to route to the VM where the WCF service is hosted on SSL

<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/">
   <s:Body>
      <s:Fault>
         <faultcode>s:MustUnderstand</faultcode>
         <faultstring xml:lang="en-US">The header 'Security' from the namespace 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' was not understood by the recipient of this message, causing the message to not be processed.  This error typically indicates that the sender of this message has enabled a communication protocol that the receiver cannot process.  Please ensure that the configuration of the client's binding is consistent with the service's binding.</faultstring>
      </s:Fault>
   </s:Body>
</s:Envelope>

This is the IIS log for the same call probably a different time because of my request

The request is set up to Use SSL. Why does it have 80 in the log? Is it not doing a SSL request? This is a request from SOAP UI

2019-03-11 17:27:44 10.0.0.4 POST /PCServices/2019/MySerivce.svc - 80 - 20.45.4.43 Apache-HttpClient/4.1.1+(java+1.5) - 500 0 0 1468

标签： azurewcfsslvirtual-machine