安全性的 WCF 配置不起作用:引发 对安全令牌的请求具有无效或格式不正确的元素

我认为我的配置有问题。我正在尝试将受密码保护的安全性包装在IIS中（尚未实现），并且我遇到了各种异常。这次我收到安全令牌无效或格式错误的元素异常。这是我的配置：

主机：

<configuration>
  <system.web>
    <compilation debug="true" targetFramework="4.0" />
  </system.web>
  <system.webServer>
    <modules runAllManagedModulesForAllRequests="true"/>
  </system.webServer>
  <system.serviceModel>
    <bindings>
      <wsHttpBinding>
      <binding name ="WSHttpBinding_ISVC1">
        <security mode="Message">
          <message clientCredentialType="UserName" establishSecurityContext="false"/>
        </security>
      </binding>
      </wsHttpBinding>
    </bindings>
    <behaviors>
      <serviceBehaviors>
        <behavior name="SVCBehaviors">
          <serviceMetadata httpGetEnabled="true" />
          <serviceDebug includeExceptionDetailInFaults="false" />
          <serviceCredentials>
            <userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="blahblah.SVCValidator, TrademarkGlobal.Web"/>
          </serviceCredentials>
        </behavior>
      </serviceBehaviors>
    </behaviors>
    <services>
      <service name="blahblah.SVC"
         behaviorConfiguration="SVCBehaviors">
        <endpoint address="" binding="wsHttpBinding"
   contract="blahblah.ISVC" name="WSHttpBinding_ISVC1"/>
        <endpoint contract="IMetadataExchange"
           binding="mexHttpBinding" address="mex"/>
      </service>
    </services>
  </system.serviceModel>
</configuration>
CLIENT: 
   <system.serviceModel>
    <bindings>
      <wsHttpBinding>
        <binding name="WSHttpBinding_ISVC1">
          <security mode="Message">
            <message clientCredentialType="UserName" establishSecurityContext="false"/>
          </security>
        </binding>
      </wsHttpBinding>
    </bindings>
    <client>
      <endpoint address="http://localhost:64609/SVC.svc" binding="wsHttpBinding"
          bindingConfiguration="WSHttpBinding_ISVC1" contract="ISVC">
      </endpoint>
    </client>
  </system.serviceModel>

SVC 文件 （svc.svc）：

<%@ServiceHost Service="blahblah.SVC" %>

服务（SVC 和 ISVC）现在只返回一个基本的 strin g。

SVCVALIDATOR.cs：

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.ServiceModel;
using System.IdentityModel.Selectors;
public class SVCValidator : UserNamePasswordValidator
{
    public override void Validate(string userName, string password)
    {
        if (userName == null || password == null)
        {
            throw new ArgumentNullException();
        }
        if (userName != "gooduser" && password != "goodpass")
        {
            throw new Exception("Incorrect Username or Password");
        }
    }
}

用于运行的控制器操作：

   public class SVCController : Controller
{
    public ActionResult Index(string user = "bad", string pass = "bad")
    {
        using (SVCClient client = new SVCClient())
        {
        //SVCClient client = new SVCClient("WSHttpBinding_ISVC");
        client.ClientCredentials.UserName.UserName = user;
        client.ClientCredentials.UserName.Password = pass;
        ViewBag.Message = client.Test();
        return View("RunningSVC");
        }
    }
}

  <bindings>
      <wsHttpBinding>
      <binding name ="WSHttpBinding_ISVC1">
        <security mode="Message">
          <message clientCredentialType="UserName" establishSecurityContext="false"/>
        </security>
      </binding>
      </wsHttpBinding>
    </bindings>

 <endpoint address="" binding="wsHttpBinding"
   contract="blahblah.ISVC" name="WSHttpBinding_ISVC1" bindingConfiguration="WSHttpBinding_ISVC1" />