想要与SOAP Web服务进行通信,我从wsdl文件中获得了SvcUtil.exe创建的C#类。
当将下面的请求发送到安全服务器(带有BASIC身份验证的HTTPS)时,我收到一个System.ServiceModel.Security.MessageSecurityException,当通过让流量通过Burp代理检查HTTP请求时,我看到没有BASIC身份验证信息是通过。 C#代码中的SOAP请求是否缺少,或者BASIC auth不起作用的问题是什么?
var binding = new WSHttpBinding();
binding.MessageEncoding = WSMessageEncoding.Mtom;
binding.Security.Mode = SecurityMode.Transport;
binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Basic;
binding.Name = "BasicAuthSecured";
SearchServicePortClient searchClient = new SearchServicePortClient(binding, new EndpointAddress("https://myUrl:Port/myService"));
searchClient.ClientCredentials.UserName.UserName = "username";
searchClient.ClientCredentials.UserName.Password = "pw";
query soap = new query();
//...
queryResponse response = searchClient.query(soap);
提前致谢
答案 0 :(得分:1)
这是另一种方法,虽然不知道它是否是最好的
using (var client = _clientFactory.GetClient())
{
var credentials = Utils.EncodeTo64("user123:password");
client.ChannelFactory.CreateChannel();
using (OperationContextScope scope = new OperationContextScope(client.InnerChannel))
{
var httpRequestProperty = new HttpRequestMessageProperty();
httpRequestProperty.Headers[HttpRequestHeader.Authorization] = "Basic " + credentials;
OperationContext.Current.OutgoingMessageProperties[HttpRequestMessageProperty.Name] = httpRequestProperty;
//operation
client.Send(request);
}
}
答案 1 :(得分:0)
尝试使用TransportWithMessageCredential:
binding.Security.Mode = SecurityMode.TransportWithMessageCredential;