调用使用Windows凭据保护的ASMX服务

时间:2013-01-10 18:47:27

标签: web-services asp.net-mvc-4 windows-authentication

我已经获得了一个Web服务(ASMX)来消耗我需要使用 Windows凭据的女巫。

所以,我已经设置了我的客户端VPN并调用了WSDL,保存为XML文件并使用svcutil.exe生成代理类,到目前为止,非常好......

我正在将服务称为

// Web Service
client = new CmListSync.Models.WebCorePlayersSoapClient();
client.ClientCredentials.Windows.AllowedImpersonationLevel = System.Security.Principal.TokenImpersonationLevel.Impersonation;
client.ClientCredentials.Windows.ClientCredential = new System.Net.NetworkCredential(cUser, cPass, cDoma);

并在web.config我有这个设置:

  <system.serviceModel>
    <bindings>
      <wsHttpBinding>
        <binding name="WebCorePlayersSoap" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard" maxBufferPoolSize="524288" maxReceivedMessageSize="65536" messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true" allowCookies="false">
          <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384" />
          <reliableSession ordered="true" inactivityTimeout="00:10:00" enabled="true" />
          <security mode="None">
            <transport clientCredentialType="Windows" proxyCredentialType="None" realm="" />
            <message clientCredentialType="Windows" algorithmSuite="Default" negotiateServiceCredential="true" />
          </security>
        </binding>
      </wsHttpBinding>
    </bindings>
    <client>
      <endpoint address="http://vm-wssrv01/players.asmx" binding="wsHttpBinding"
        bindingConfiguration="WebCorePlayersSoap" contract="WebCorePlayersSoap"
        name="WebCorePlayersSoap" />
    </client>
  </system.serviceModel>

但是当我尝试调用该服务时,我得到一个例外:

  

HTTP请求未经授权,客户端身份验证方案为“匿名”。从服务器收到的身份验证标头是'Basic realm = \“vm-wssrv01 \”'。

我缺少什么?该服务不应该正常验证,因为我提供了Windows凭据? 我还应该做些什么?

我尝试过:

  • 将安全模式设置为 Message ,我收到与上述问题相同的错误
  • 将安全模式设置为 TransportWithMessageCredential 我得到了: 提供的URI方案'http'无效;预期'https'。\ r \ nParameter 名称:通过
  • 将安全模式设置为 Transport ,我得到了:绑定验证失败,因为WSHttpBinding不支持基于传输安全性的可靠会话(HTTPS )。无法打开通道工厂或服务主机。使用消息安全性通过HTTP进行安全可靠的消息传递。

来自John Saunders评论:

我已切换到basicHttpBinding 

  <system.serviceModel>
    <bindings>
      <basicHttpBinding>
        <binding name="WebCorePlayersSoap" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard" maxBufferPoolSize="524288" maxReceivedMessageSize="65536" messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true" allowCookies="false">
          <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384" />
          <security mode="None">
            <transport clientCredentialType="Windows" proxyCredentialType="Windows" realm="vm-wssrv01" />
            <message clientCredentialType="UserName" algorithmSuite="Default" />
          </security>
        </binding>
      </basicHttpBinding>
    </bindings>
    <client>
      <endpoint address="http://vm-wssrv01/players.asmx" binding="basicHttpBinding"
        bindingConfiguration="WebCorePlayersSoap" contract="WebCorePlayersSoap"
        name="WebCorePlayersSoap" />
    </client>
  </system.serviceModel>

并尝试将security模式更改为:

  • TransportWithMessageCredential {“提供的URI方案'http'无效;预期'https'。\ r \ n参数名称:via”}

  • TransportCredentialOnly {“HTTP请求未经授权,客户端身份验证方案'协商'。从服务器收到的身份验证标头为'Basic realm = \”vm-wssrv01 \“'。”}

  • Message {“BasicHttp绑定要求BasicHttpBinding.Security.Message.ClientCredentialType等效于安全消息的BasicHttpMessageCredentialType.Certificate凭证类型。为UserName凭证选择Transport或TransportWithMessageCredential安全性。”}

  • Transport {“提供的URI方案'http'无效;预期'https'。\ r \ n参数名称:via”}

  • None {“HTTP请求未经授权,客户端身份验证方案为'Anonymous'。从服务器收到的身份验证标头为'Basic realm = \”vm-wssrv01 \“'。”}

我的想法用完了:( 该服务仅限HTTP,而不是HTTPS,我没有要使用的证书......

1 个答案:

答案 0 :(得分:5)

3天后,在 John Saunders 的大力帮助下,他表示ASMX服务唯一可能的绑定是basicHttpBinding(我的搜索答案开始是更加专注)我进入了这个:

在服务来电者中,必须使用client.ClientCredentials.UserName作为:

// Web Service
client = new CmListSync.Models.WebCorePlayersSoapClient();
client.ClientCredentials.UserName.UserName = cUser;
client.ClientCredentials.UserName.Password = cPass;

在配置部分,需要使用:

  <system.serviceModel>
    <bindings>
      <basicHttpBinding>
        <binding name="WebCorePlayersSoap" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard" maxBufferPoolSize="524288" maxReceivedMessageSize="65536" messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true" allowCookies="false">
          <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384" />
          <security mode="TransportCredentialOnly">
            <transport clientCredentialType="Basic" />
          </security>
        </binding>
      </basicHttpBinding>
    </bindings>
    <client>
      <endpoint address="http://vm-wssrv01/players.asmx" binding="basicHttpBinding"
        bindingConfiguration="WebCorePlayersSoap" contract="WebCorePlayersSoap"
        name="WebCorePlayersSoap">
        <identity>
          <dns value="localhost" />
        </identity>
      </endpoint>
    </client>
  </system.serviceModel>
相关问题
最新问题