授权HTML标头丢失 [英] Authorization HTML Header going missing
问题描述
我不确定这是否是一个.NET错误/功能和IIS5中的一个或两个组合
所以这里是
我有当我在.NET中调用一个运行在
windows 2000(我假设是IIS5)的ASP.NET Web服务的情况下,还有一个web服务客户端也在.NET中,
webservice请求丢失了授权HTML标题。
这不会发生在Windows 2003下。
我正在使用followng(补丁/修复)来预先验证网络请求(这个
来自知识库文章或我认为的新闻组文章)
受保护的覆盖函数GetWebRequest(ByVal uri As System.Uri)As br />
System.Net.WebRequest
Dim webReq As System.Net.WebRequest = MyBase.GetWebRequest(uri)
If Me.PreAuthenticate Then
Dim cred As System.Net.NetworkCredential =
Me.Credentials.GetCredential(uri," Basic")
如果Not cred is Nothing Then
Dim buff As Byte()= New
System.Text.UTF8Encoding()。GetBytes(cred.UserName& ":" &安培; cred.Password)
webReq.Headers(" Authorization")=" Basic" &
Convert.ToBase64String(buff)
结束如果
结束如果
返回webReq
结束功能
网络服务和客户端也在相同的流程/应用程序下运行 -
很长的故事,但它是假冒我们应该服务器的事实
谈话还不行。
即在我的网络服务下我有2个文件夹 - 在一个文件夹中我有.asmx
我们的网络应用程序与之对话的文件,在另一个文件夹下我有一个
..asmx响应第三方服务的方式
请求第一个文件夹向第二个文件夹发出请求。
我希望有人能告诉我发生了什么。
问候
Shaun
I am not sure if this is a .NET bug/feature and IIS5 one or a combination of
the 2 so here goes
I have a situation where when I call an ASP.NET webservice running under
windows 2000 (I assume IIS5) with a webservice client also in .NET that the
webservice request loses the Authorization HTML header.
This DOES NOT happen under Windows 2003.
I am using the followng (patch/fix) to preauthenticate the web request (this
is from a KB article, or newsgroup article I think)
Protected Overrides Function GetWebRequest(ByVal uri As System.Uri) As
System.Net.WebRequest
Dim webReq As System.Net.WebRequest = MyBase.GetWebRequest(uri)
If Me.PreAuthenticate Then
Dim cred As System.Net.NetworkCredential =
Me.Credentials.GetCredential(uri, "Basic")
If Not cred Is Nothing Then
Dim buff As Byte() = New
System.Text.UTF8Encoding().GetBytes(cred.UserName & ":" & cred.Password)
webReq.Headers("Authorization") = "Basic " &
Convert.ToBase64String(buff)
End If
End If
Return webReq
End Function
Also webservice and client are running under the same process/application -
long story but it is to fake the fact that the server we are supposed to
talk to isn''t available yet.
i.e. under my webservice I have 2 folders - in one folder I have the .asmx
files that our web application talks to and under the other folder I have a
..asmx that responds the way the 3rd party service is supposed to
with requests to the first folder causing a request to the second.
I hope someone can tell me what is going on.
Regards
Shaun
推荐答案
嗨Shaun,
谢谢你你的帖子。根据你的描述,你有一个asp.net web
服务,它使用Http头来存储一些身份验证
令牌。但是当你在
win2k服务器上托管web服务时你发现这个标题会丢失(在2003服务器上工作正常),是吗?
从客户端代码你提供,似乎你使用WebRequest类
来使用webservie而不是使用wsdl.exe来生成
客户端代理,是吗?由于使用HttpHeader存储身份验证信息
将在底层协议上进行webservice回复,一般来说,我们建议我们使用SOAP HEADER存储此类信息。你会考虑使用SoapHeader吗?或者如果有任何疑问
,请随时在此发布。谢谢。
问候,
Steven Cheng
微软在线支持
安全! www.microsoft.com/security
(此帖子按原样提供,不作任何保证,并且不授予
权利。)
Hi Shaun,
Thanks for your posting. From your description, you''ve an asp.net web
service which make use of the Http header to store some authentication
tokens. But you found this header will lose when you host the webservice on
win2k server (works ok on 2003 server) ,yes?
From the client code you provided, seems you''re using the WebRequest class
to consume the webservie rather than use the wsdl.exe to generate the
client proxy ,yes? Since the using HttpHeader to store authentication info
will make the webservice reply on the underlying protocal, generally, we
recommend that we use th SOAP HEADER to store such info.
would you consider using the SoapHeader or if there is any certain concerns
on this, please feel free to post here. Thanks.
Regards,
Steven Cheng
Microsoft Online Support
Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)
Hi Steven
如果客户端与
同一台机器上托管的服务器通话,则会失去授权标头。但是当在Windows 2000上运行的
客户端与另一台机器通信时(Windows
2003)
然后授权标题就在那里
我使用.NET工具(wsdl.exe)生成我的客户端和服务器基于
WSDL
(由我们需要谈论的java syatem)然后使用
以下新闻组中的
信息覆盖网页请求以获得预先认证
工作
( http://groups.google.co.uk/groups?q=...on&hl=en&lr=&s
elm =%23euI3BFUCHA.2832%40tkmsftngp10& rnum = 5)
不幸的是使用SOAP Header不是一个选项,因为它不受支持
by the我们需要遵守的规范。
我可以敲一个演示项目来模仿我们在做什么我如果你愿意的话。
Shaun
" Steven Cheng [MSFT]" <,V - ****** @ online.microsoft.com>在消息中写道
news:kK ************** @ cpmsftngxa10.phx.gbl ...
Hi Steven
No what happens is that when the client talks to the server hosted on the
same machine the Authorization header goes missing. However when the
client running on the windows 2000 talks to a different machine (Windows
2003)
then the Authorization header is there
I used the .NET tools (wsdl.exe) to generate my client and servers based on
the WSDL
(generated by the java syatem we need to talk to) and then used the
information from
the following newsgroup to override the web request to get preauthentication
to work
(http://groups.google.co.uk/groups?q=...on&hl=en&lr=&s
elm=%23euI3BFUCHA.2832%40tkmsftngp10&rnum=5)
Unfortunately using the SOAP Header isn''t an option as it is not supported
by the specification we need to adhere to.
I can knock up a demo project(s) to emulate what we are doing if you wish.
Shaun
"Steven Cheng[MSFT]" <v-******@online.microsoft.com> wrote in message
news:kK**************@cpmsftngxa10.phx.gbl...
嗨Shaun,
感谢您的发帖。根据您的描述,您有一个asp.net web
服务,该服务利用Http标头来存储一些身份验证令牌。但是你发现当你在win2k服务器上托管web服务
时这个标题会丢失(在2003服务器上工作正常),是吗?
从你提供的客户端代码看来,你似乎在使用WebRequest类使用webservie而不是使用wsdl.exe来生成
客户端代理,是吗?由于使用HttpHeader存储身份验证
info将在底层协议上进行webservice回复,一般来说,我们建议我们使用SOAP HEADER来存储这些信息。
你会考虑使用SoapHeader或者如果对此有任何特定的
担忧,请随时在此处发布。谢谢。
问候,
Steven Cheng
微软在线支持
获得安全! www.microsoft.com/security
(此帖已提供按原样,没有任何保证,也没有赋予
权利。)
Hi Shaun,
Thanks for your posting. From your description, you''ve an asp.net web
service which make use of the Http header to store some authentication
tokens. But you found this header will lose when you host the webservice on win2k server (works ok on 2003 server) ,yes?
From the client code you provided, seems you''re using the WebRequest class
to consume the webservie rather than use the wsdl.exe to generate the
client proxy ,yes? Since the using HttpHeader to store authentication info will make the webservice reply on the underlying protocal, generally, we
recommend that we use th SOAP HEADER to store such info.
would you consider using the SoapHeader or if there is any certain concerns on this, please feel free to post here. Thanks.
Regards,
Steven Cheng
Microsoft Online Support
Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)
感谢您的回复Shaun ,
我会查看你的附加代码并做一些测试。一旦我取得进一步进展,我会更新
你。谢谢。
问候,
Steven Cheng
微软在线支持
安全! www.microsoft.com/security
(此帖子按原样提供,不作任何保证,并且不授予
权利。)
Thanks for your response Shaun,
I''ll have a look at your attached code and do some tests. And I''ll update
you as soon as I got any further progress. Thanks.
Regards,
Steven Cheng
Microsoft Online Support
Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)
这篇关于授权HTML标头丢失的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
