我们正在使用C#通过SOAP发送XML数据。该服务需要使用#PasswordDigest和#Base64Binary Nonce进行HttpDigest身份验证。我们的binding代码:
protected BasicHttpBinding binding = new BasicHttpBinding()
{
Name = "ShipmentServiceSoapBinding",
CloseTimeout = new TimeSpan(0, 01, 0),
OpenTimeout = new TimeSpan(0, 01, 0),
ReceiveTimeout = new TimeSpan(0, 10, 0),
SendTimeout = new TimeSpan(0, 5, 0),
AllowCookies = false,
BypassProxyOnLocal = false,
HostNameComparisonMode = HostNameComparisonMode.StrongWildcard,
MaxBufferPoolSize = 5242880,
MaxReceivedMessageSize = 655360,
MessageEncoding = WSMessageEncoding.Text ,
TextEncoding = new UTF8Encoding(),
UseDefaultWebProxy = true,
ReaderQuotas = new XmlDictionaryReaderQuotas() { MaxDepth = 32, MaxStringContentLength = 81920, MaxArrayLength = 1638400, MaxBytesPerRead = 409600, MaxNameTableCharCount = 163840 },
Security = new BasicHttpSecurity() { Mode = BasicHttpSecurityMode.TransportWithMessageCredential,
//Message = new BasicHttpMessageSecurity() { AlgorithmSuite = SecurityAlgorithmSuite.Default, ClientCredentialType = BasicHttpMessageCredentialType.UserName},
Transport = new HttpTransportSecurity(){ ClientCredentialType = HttpClientCredentialType.Digest}},
};
根据我们选择的BasicHttpSecurityMode的类型,我们遇到了3个不同的问题。
现在他们的ServiceReference允许我们使用ClientCredentials类,所以我们尝试使用HttpDigest:
typeClient.ClientCredentials.HttpDigest.ClientCredential.UserName = "username";
typeClient.ClientCredentials.HttpDigest.ClientCredential.Password = "password";
我已经读过其他StackOverflow问题,对于摘要我们应该使用带有AuthHeader的SoapHeader,但是我们无法将它与它们在API中提供的内容相匹配。这样做还有其他办法吗?或者他们的API没有为C#正确编写?
答案 0 :(得分:3)
在这种情况下使用摘要身份验证要复杂得多 - 您需要实现IClientMessageInspector才能使其正常运行...这使您能够以摘要身份验证所需的方式修改http标头
有用的链接: