尝试从我的Web客户端应用程序调用RESTful服务(我已使用此示例中的UserNameAuthenticator进行RESTful服务Adding basic HTTP auth to a WCF REST service)时出现错误,如
The HTTP request is unauthorized with client authentication scheme 'Anonymous'. The authentication header received from the server was 'Basic Realm'.
客户端CS代码
BasicHttpBinding binding = new BasicHttpBinding();
binding.SendTimeout = TimeSpan.FromSeconds(25);
binding.Security.Transport.ClientCredentialType =
HttpClientCredentialType.Basic;
EndpointAddress address = new EndpointAddress("http://localhost:12229/RestServiceImpl.svc");
ChannelFactory<RestService.IRestServiceImpl> factory =
new ChannelFactory<RestService.IRestServiceImpl>(binding, address);
RestService.IRestServiceImpl channel = factory.CreateChannel();
channel.GetStudent();
客户端Web.config
<system.serviceModel>
<services>
<service name="RestService.RestServiceImpl">
<endpoint address="http://localhost:12229/RestServiceImpl.svc"
binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_ExternalSystemsService_v1Interface"
contract="RestService.IRestServiceImpl"
name="ExternalSystemsService_v1Port" />
</service>
</services>
<bindings>
<basicHttpBinding>
<binding name="BasicHttpBinding_ExternalSystemsService_v1Interface"
closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00"
sendTimeout="00:01:00" allowCookies="false" bypassProxyOnLocal="false"
hostNameComparisonMode="StrongWildcard" maxBufferSize="65536"
maxBufferPoolSize="524288" maxReceivedMessageSize="65536"
messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered"
useDefaultWebProxy="true">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<security mode="TransportCredentialOnly">
<transport clientCredentialType="None" proxyCredentialType="None"
realm="" />
<message clientCredentialType="UserName" algorithmSuite="Default" />
</security>
</binding>
</basicHttpBinding>
</bindings>
</system.serviceModel>
和RESTful服务Web.config
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="webHttpTransportSecurity">
<security mode="TransportCredentialOnly">
<transport clientCredentialType="None" proxyCredentialType="None" realm="" />
<message clientCredentialType="UserName" algorithmSuite="Default" />
</security>
</binding>
</basicHttpBinding>
</bindings>
<services>
<service name="RestService.RestServiceImpl">
<endpoint name="ExternalSystemsService_v1Port" address="" binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_ExternalSystemsService_v1Interface" contract="RestService.IRestServiceImpl"></endpoint>
</service>
</services>
<behaviors>
<endpointBehaviors>
<behavior>
<webHttp />
</behavior>
</endpointBehaviors>
<serviceBehaviors>
<behavior name="SecureRESTSvcTestBehavior">
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="false" />
<serviceDebug includeExceptionDetailInFaults="true" />
<serviceCredentials>
<userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="RESTfulSecuritySH.CustomUserNameValidator, RESTfulSecuritySH" />
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
</system.serviceModel>
有什么建议吗?
答案 0 :(得分:1)
对我而言,有一点是在您的客户端CS代码中,您以编程方式设置传输客户端凭据类型:
binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Basic;
但是在客户端和服务器配置文件中,您都设置了消息客户端凭据类型。注意transport元素的clientCredentialType属性如何设置为“None”,message element的clientCredentialType设置为“UserName”:
<transport clientCredentialType="None" proxyCredentialType="None" realm="" />
<message clientCredentialType="UserName" algorithmSuite="Default" />
我一直试图让它在开发过程中关闭安全性,然后慢慢重新开启。
这也是一个新的开发项目吗?我很好奇你为什么要在ASP.NET Web API上使用WCF来提供RESTful服务。