WCF REST 基本身份验证 - 无法设置授权标头 [英] WCF REST Basic Authentication - not able to set authorization header
问题描述
我创建了一个 WCF REST 服务,我正在尝试进行自定义身份验证(因为它应该适用于 http 和 https).
I have created a WCF REST service and I am trying to do custom authentication (as it should work on http and https).
我正在使用客户服务授权管理器来检查和验证授权标头.
I am using custome service authorization manager to check and validate authorization header.
当我使用 Fiddler 调用服务并通过请求传递 Authorization 标头时,我在服务授权管理器中正确接收了它.
When I call the service using Fiddler and pass Authorization header with request, I am receiving it correctly in the service authorization manager.
但是当我在 WCFChannelFactory 上设置凭据时,我没有在服务中收到 Authorization 标头.我希望授权标头应该由 WCFChannelFactory 创建并随请求传递.
But when I am setting credentials on WCFChannelFactory, I am not receiving Authorization header in the service. I expect that authorization header should be created by WCFChannelFactory and passed with request.
客户端代码如下:
WebChannelFactory<IDataService> factory = new WebChannelFactory<IDataService>("DataServiceClient1");
factory.Credentials.UserName.UserName = "user1";
factory.Credentials.UserName.Password = "password123";
var client = factory.CreateChannel();
var data = client.GetData1("Microsoft");
Console.WriteLine("Get response : {0}", data);
客户端服务配置如下:
<system.serviceModel>
<client>
<endpoint address="http://localhost.fiddler:50179/DataService.svc"
binding="webHttpBinding" bindingConfiguration="auth"
contract="RESTWebServiceSpike.IDataService"
behaviorConfiguration="web"
name="DataServiceClient1">
</endpoint>
</client>
<behaviors>
<endpointBehaviors>
<behavior name="web">
<webHttp/>
</behavior>
</endpointBehaviors>
</behaviors>
<bindings>
<webHttpBinding>
<binding name="auth">
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Basic" />
</security>
</binding>
</webHttpBinding>
</bindings>
</system.serviceModel>
我的服务配置如下:
<services>
<service name="RESTWebServiceSpike.DataService" behaviorConfiguration="DataServiceBehaviour">
<endpoint address="" binding="webHttpBinding"
contract="RESTWebServiceSpike.IDataService" behaviorConfiguration="web">
</endpoint>
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="DataServiceBehaviour">
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true"/>
<serviceDebug includeExceptionDetailInFaults="true" httpHelpPageEnabled="true"/>
<serviceAuthorization serviceAuthorizationManagerType="RESTWebServiceImpl.AuthorizationManager, RESTWebServiceImpl" />
</behavior>
</serviceBehaviors>
<endpointBehaviors>
<behavior name="web">
<webHttp/>
</behavior>
</endpointBehaviors>
</behaviors>
我正在使用客户服务授权管理器来检查和验证授权标头.
I am using custome service authorization manager to check and validate authorization header.
推荐答案
我知道这已经晚了,但我偶然发现了这篇文章,所以决定填写它,以防我需要再次记住它.这对我有用:
I know this is late but I ran across this post so decided to fill this in, in case I ever need to remember this again. This worked for me:
创建消息检查器:
Create the Message Inspector:
Public Class AuthenticationHeader
Implements IClientMessageInspector
Private itsUser As String
Private itsPass As String
Public Sub New(ByVal user As String, ByVal pass As String)
itsUser = user
itsPass = pass
End Sub
Public Sub AfterReceiveReply(ByRef reply As Message, correlationState As Object) Implements IClientMessageInspector.AfterReceiveReply
Console.WriteLine("Received the following reply: '{0}'", reply.ToString())
End Sub
Public Function BeforeSendRequest(ByRef request As Message, channel As IClientChannel) As Object Implements IClientMessageInspector.BeforeSendRequest
Dim hrmp As HttpRequestMessageProperty = request.Properties("httpRequest")
Dim encoded As String = System.Convert.ToBase64String(System.Text.Encoding.GetEncoding("ISO-8859-1").GetBytes(itsUser + ":" + itsPass))
hrmp.Headers.Add("Authorization", "Basic " + encoded)
Return request
End Function
End Class
编写行为:
Write the Behavior:
Public Class AuthenticationHeaderBehavior
Implements IEndpointBehavior
Private ReadOnly itsUser As String
Private ReadOnly itsPass As String
Public Sub New(ByVal user As String, ByVal pass As String)
MyBase.New()
itsUser = user
itsPass = pass
End Sub
Public Sub AddBindingParameters(endpoint As ServiceEndpoint, bindingParameters As BindingParameterCollection) Implements IEndpointBehavior.AddBindingParameters
End Sub
Public Sub ApplyClientBehavior(endpoint As ServiceEndpoint, clientRuntime As ClientRuntime) Implements IEndpointBehavior.ApplyClientBehavior
clientRuntime.MessageInspectors.Add(New AuthenticationHeader(itsUser, itsPass))
End Sub
Public Sub ApplyDispatchBehavior(endpoint As ServiceEndpoint, endpointDispatcher As EndpointDispatcher) Implements IEndpointBehavior.ApplyDispatchBehavior
End Sub
Public Sub Validate(endpoint As ServiceEndpoint) Implements IEndpointBehavior.Validate
End Sub
End Class
将其添加到您的端点:
Add it to your endpoint:
Dim binding As New WebHttpBinding(WebHttpSecurityMode.Transport)
binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.None
ChlFactory = New WebChannelFactory(Of IMyServiceContract)(binding, New Uri(url))
ChlFactory.Endpoint.Behaviors.Add(New WebHttpBehavior())
ChlFactory.Endpoint.Behaviors.Add(New AuthenticationHeaderBehavior(user, pass))
Channel = ChlFactory.CreateChannel()
这篇关于WCF REST 基本身份验证 - 无法设置授权标头的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!