.NET SOAP不在请求标头中发送BASIC auth

时间:2017-04-21 13:28:18

标签: c# .net soap basic-authentication

想要与SOAP Web服务进行通信,我从wsdl文件中获得了SvcUtil.exe创建的C#类。

当将下面的请求发送到安全服务器(带有BASIC身份验证的HTTPS)时,我收到一个System.ServiceModel.Security.MessageSecurityException,当通过让流量通过Burp代理检查HTTP请求时,我看到没有BASIC身份验证信息是通过。 C#代码中的SOAP请求是否缺少,或者BASIC auth不起作用的问题是什么?

var binding = new WSHttpBinding();
binding.MessageEncoding = WSMessageEncoding.Mtom;

binding.Security.Mode = SecurityMode.Transport;
binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Basic;
binding.Name = "BasicAuthSecured";

SearchServicePortClient searchClient = new SearchServicePortClient(binding,  new EndpointAddress("https://myUrl:Port/myService"));
searchClient.ClientCredentials.UserName.UserName = "username";
searchClient.ClientCredentials.UserName.Password = "pw";

query soap = new query();
//...

queryResponse response = searchClient.query(soap);

提前致谢

2 个答案:

答案 0 :(得分:1)

这是另一种方法,虽然不知道它是否是最好的

using (var client = _clientFactory.GetClient())
{
    var credentials = Utils.EncodeTo64("user123:password");
    client.ChannelFactory.CreateChannel();
    using (OperationContextScope scope = new OperationContextScope(client.InnerChannel))
    {
        var httpRequestProperty = new HttpRequestMessageProperty();
        httpRequestProperty.Headers[HttpRequestHeader.Authorization] = "Basic " + credentials;
        OperationContext.Current.OutgoingMessageProperties[HttpRequestMessageProperty.Name] = httpRequestProperty;
        //operation
        client.Send(request);
    }
}

答案 1 :(得分:0)

尝试使用TransportWithMessageCredential:

binding.Security.Mode = SecurityMode.TransportWithMessageCredential;