.net core 2及更高版本:具有NTLM授权的连接服务WcfServiceClient SOAP如何?

时间:2018-12-19 19:28:07

标签: wcf soap asp.net-core-2.0 ntlm-authentication

我正在.net core 2.1上运行应用程序。 我通过连接的服务添加了wsdl Web服务,该服务成功为我生成了WcfServiceClient。

使用基本自动化时,它可以精细

这是我用来调用helloword soap方法的类:

public string HellowWorld(string input)
{
    string wsRes = null;
    try
    {
        var service = new WorkerProcessServiceClient();
        var url = $"http://ServerUrl/Directory/WsName.svc";
        UriBuilder uriBuilder = new UriBuilder(url);

        service.Endpoint.Address = new EndpointAddress(uriBuilder.Uri);
        service.ClientCredentials.UserName.UserName = Username;
        service.ClientCredentials.UserName.Password = Password;

        using (OperationContextScope scope = new OperationContextScope(service.InnerChannel))
        {
            HttpRequestMessageProperty httpRequestProperty = new HttpRequestMessageProperty();
            httpRequestProperty.Headers[System.Net.HttpRequestHeader.Authorization] =
                "Basic " + Convert.ToBase64String(Encoding.ASCII.GetBytes(service.ClientCredentials.UserName.UserName
                + ":"
                + service.ClientCredentials.UserName.Password));
            OperationContext.Current.OutgoingMessageProperties[HttpRequestMessageProperty.Name] = httpRequestProperty;
            wsRes = service.HelloWorldAsync(input, RetailContext).GetAwaiter().GetResult();
            service.Close();
        }
    }
    catch (Exception ex)
    {
        wsRes = ex.Message;
    }
    return wsRes;
}

这对于在基本授权上运行的服务器可以很好地工作。我在 SOAP UI 中使用了相同的凭据,并且运行良好。而且我什至不需要指定 enter image description here

<==>现在是问题<=>

我有第二台运行 NTLM授权的服务器。 我做了所有的事情:'(但似乎没有任何作用。

1-我将service.clientCredential.Username更改为service.clientCredential.Windows,并添加了service.clientCredential.Windows.domain

2-我也将标题从"Basic " + Convert...更改为"Ntlm " + Convert...

3-我在标题中添加了域,并将其放在第一个和最后一个位置。

当我使用 SOAP UI 时,它工作正常。 enter image description here

我不知道该怎么办,请帮忙。

2 个答案:

答案 0 :(得分:1)

我终于找到了。

因此,这里是我的新代码,以通过NTLM授权获得服务

    private WcfServiceClient MyNtlmConfiguredService()
    {
        BasicHttpBinding basicHttpBinding = new BasicHttpBinding();
        basicHttpBinding.Security.Mode = BasicHttpSecurityMode.TransportCredentialOnly;
        //this is for enabling Ntlm if you wanna work with basic you just 
        // you just replace HttpClientCredentialType.Ntlm by HttpClientCredentialType.Basic
        basicHttpBinding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Ntlm;

        EndpointAddress endpoint = new EndpointAddress("http://ServerUrl/Directory/WsName.svc");

        var client = new WcfServiceClient(basicHttpBinding, endpoint);

        NetworkCredential myCreds = new NetworkCredential("Username", "pas**rd", "Domain");

        client.ClientCredentials.Windows.ClientCredential = myCreds;
        client.ClientCredentials.Windows.AllowedImpersonationLevel = System.Security.Principal.TokenImpersonationLevel.Impersonation;

        return client;
    }

然后正常调用WebService 

MyNtlmConfiguredService().HellowWorld(input).getAwaiter().getResult();

现在进行基本授权:

    private CustomerWcfServiceClient MyBasicConfiguredService()
    {
        var service = new CustomerWcfServiceClient();
        CustomerWcfServiceClient client = null;
        string wsRes = null;

        BasicHttpBinding basicHttpBinding = new BasicHttpBinding();
        basicHttpBinding.Security.Mode = BasicHttpSecurityMode.TransportCredentialOnly;//mandatory
        basicHttpBinding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Basic;//mandatory

        EndpointAddress endpoint = new EndpointAddress("http://ServerUrl/Directory/WsName.svc");

        client = new CustomerWcfServiceClient(basicHttpBinding, endpoint);


        client.ClientCredentials.UserName.UserName = "UserName";
        client.ClientCredentials.UserName.Password = "Pa**word";

        return client;
    }

然后正常调用WebService 

MyBasicConfiguredService().HellowWorld(input).getAwaiter().getResult();

每个人都快乐编码

答案 1 :(得分:0)

对于Windows身份验证,.net核心应用程序通过运行身份,例如,当您在IIS中托管时,它通过应用程序身份运行。

有两个选项供您选择:

  1. 配置在域帐户用户下运行的.net核心应用。

  2. 如果您希望在代码中配置用户名和密码,可以尝试WindowsIdentity.RunImpersonated

    public class HomeController : Controller
{
    [DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
    public static extern bool LogonUser(String lpszUsername, String lpszDomain, String lpszPassword,
            int dwLogonType, int dwLogonProvider, out SafeAccessTokenHandle phToken);
    const int LOGON32_PROVIDER_DEFAULT = 0;
    //This parameter causes LogonUser to create a primary token.   
    const int LOGON32_LOGON_INTERACTIVE = 2;
    public IActionResult About()
    {
        SafeAccessTokenHandle safeAccessTokenHandle;
        bool returnValue = LogonUser("username", "domain", "password",
            LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT,
            out safeAccessTokenHandle);
        WindowsIdentity.RunImpersonated(safeAccessTokenHandle, () =>
        {
            NTLMWebServiceSoapClient client = new NTLMWebServiceSoapClient(NTLMWebServiceSoapClient.EndpointConfiguration.NTLMWebServiceSoap);
            var result = client.HelloWorldAsync().Result;
            ViewData["Message"] = result.Body.HelloWorldResult;
        });

        return View();
    }

}
相关问题
最新问题