ASMX Web服务托管在HTTP上，但我需要WSDL来生成端点为HTTPS。 [英] ASMX Web Service hosted on HTTP, but I need the WSDL to generate the endpoint as HTTPS.

问题描述

我知道这听起来很荒谬。也许有些人遇到过我在这里的事情。我有一个旧的ASMX Web服务，它在一台服务器上运行了好几年。最近该服务器已被2替换为负载均衡器（Windows Server 2012 R2）。基础结构团队喜欢配置Web服务的方式是将SSL证书放在负载均衡器上，然后在传递给选择的任何服务器之前剥离安全性。因此，在每个Web服务器上，该站点实际上都设置为HTTP。



问题是因为这是一个标准的ASMX站点，使用.NET（4），WSDL是由.NET生成的。它知道站点在服务器上托管为HTTP而不是HTTPS，因此当它生成WSDL时，端点部分也是HTTP。由于站点名称解析为负载均衡器，因此如果从WSDL中提取端点，它会尝试转到HTTP而不是HTTPS，当然也会失败。如果使用Visual Studio中的传统工具使用Web服务，则似乎不会发生这种情况。我想当它构建引用时，它必须只使用受保护的WSDL URL并忽略服务中配置的端点。但是，如果您动态启动Web服务（在线有大量示例如何执行此操作），而不使用它，通常从以下内容开始：

System.Net.WebClient client = new System.Net.WebClient（）;

System.IO.Stream stream = client.OpenRead（http：//localhost/webservicedemo/webservice.asmx？wsdl）;

//获取描述服务的WSDL文件。

ServiceDescription description = ServiceDescription.Read（stream）;



您阅读的ServiceDescription并且用于动态地进一步向下启动将使用这些端点。



在不编写大量代码的情况下查看此内容的最简单方法是访问Web服务浏览器，选择方法，输入简单值，然后点击Invoke。这迅速使用WSDL打开一个新窗口调用Web服务...作为HTTP（当然失败）。



所以，我的问题......可以我重写生成的WSDL，以便在请求WSDL时，端点部分说使用HTTPS而不是HTTP，即使该站点在技术上在每台服务器上配置为HTTP？

I know this sounds ridiculous. Maybe some of you have encountered something like I have here. I have an old ASMX web service that's run on a single server for several years. Recently that server has been replaced with 2 with a load balancer (Windows Server 2012 R2). The way the Infrastructure team likes to configure web services is to put the SSL certificate on the load balancer and then strip the security before passing to whichever server is selected. So, on each of the web servers, the site is actually setup as HTTP.

The problem is that since this is a standard ASMX site, using .NET (4), the WSDL is generated by .NET. It knows the site is hosted as HTTP and not HTTPS on the server, so when it generates the WSDL, the endpoints section is also HTTP. Since the site name resolves to the load balancer then if you extract the endpoint from the WSDL, it tries to go to HTTP instead of HTTPS and of course fails. This doesn't seem to happen if you consume the web service using the traditional tools in Visual Studio. I guess when it builds the reference it must just use the WSDL URL which is secured and ignores the endpoints configured in the service. However, if you launch the web service dynamically (there are tons of examples online how to do this), without consuming it, you usually start with something like this:
System.Net.WebClient client = new System.Net.WebClient();
System.IO.Stream stream = client.OpenRead("http://localhost/webservicedemo/webservice.asmx?wsdl");
// Get a WSDL file describing a service.
ServiceDescription description = ServiceDescription.Read(stream);

The ServiceDescription you read in and use to launch dynamically a bit further down will use those endpoints.

The simplest way to see this without writing a lot of code was to access the web service in a browser, choose the method, type in the simple values, and hit Invoke. This promptly used the WSDL to open a new window calling the web service... as HTTP (which of course fails).

So, my question... Can I override the generated WSDL so that when the WSDL is requested, the endpoint section says to use HTTPS instead of HTTP, even though the site is technically configured on each server as HTTP?

推荐答案

如果有人在绝望中漫无目的地通过CodeProject论坛，那么答案就是SoapExtensionReflector类。它通过允许您通过动态反射覆盖WSDL来实现这一目的。经过Google推出一周后，我发现了这一点。链接在这里： http://blogs.msdn.com/b/kaevans /archive/2005/11/16/493496.aspx [ ^ ]



万一消失，只需这样做：

If anyone ever rambling through the CodeProject forums in desperation for something like this, the answer is the SoapExtensionReflector Class. It does the trick by allowing you to override the WSDL through reflection on the fly. I found this after pouring through Google for a week. The link is here: http://blogs.msdn.com/b/kaevans/archive/2005/11/16/493496.aspx[^]

In case that ever goes away, just do this:

using System;
using System.Web.Services.Description;

namespace Msdn.Web.Services.Samples
{
    public class HttpsReflector : SoapExtensionReflector
    {
        public override void ReflectMethod()
        {
            //no-op
        }

        public override void ReflectDescription()
        {
            ServiceDescription description = ReflectionContext.ServiceDescription;
            foreach (Service service in description.Services)
            {
                foreach (Port port in service.Ports)
                {
                    foreach (ServiceDescriptionFormatExtension extension in port.Extensions)
                    {
                        SoapAddressBinding binding = extension as SoapAddressBinding;
                        if (null != binding)
                        {
                            binding.Location = binding.Location.Replace("http://", "https://");
                        }
                    }
                }
            }
        }
    }
}
Using Visual Studio 2005, I created the class above and put it in the App_Code folder in my web site.  Then, in the web.config file, I added the following section within configuration/system.web:

<webServices>

<soapExtensionReflectorTypes>

<add type="Msdn.Web.Services.Samples.HttpsReflector, App_code"/>

</soapExtensionReflectorTypes>

</webServices>

Matt Philmon，你的答案很棒。

但是如果我有一些用户使用http而有些用户使用https。

ReflectDescription只会出现一次，有没有办法覆盖它？

Matt Philmon, your answer is great.
but what if i have some users that work with http and some with https.
the ReflectDescription will occur only once, is there a way to override this?

如果它们都在同一个环境中...那么我不知道。我将它部署到开发，测试，阶段和生产环境。因此，我们总是推出反射器的代码（在App_Code文件夹中）。如果我不想使用它（比如在不安全的开发环境中），我只是将那个位从web.config中删除。

If it's all in the same environment... then I don't know. I deploy this to a dev, test, stage, and production environment. Therefore, we always push out the bit of code for the reflector (in the App_Code folder). If I don't want it used (like in the dev environment which isn't secured), I just leave that bit out of the web.config.

这篇关于ASMX Web服务托管在HTTP上，但我需要WSDL来生成端点为HTTPS。的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！