ASP.NET Core中的NTLM授权WCF不起作用 [英] NTLM authorization WCF in ASP.NET Core does not work

问题描述

我遇到NTLM授权问题 我有可以在asp.net上正常工作的服务，但是现在我需要在asp.net核心上使用此服务，并且我无法通过授权.

我这样配置绑定:

        var binding = new BasicHttpBinding(BasicHttpSecurityMode.TransportCredentialOnly);
        binding.OpenTimeout = binding.CloseTimeout = 
        binding.SendTimeout = binding.ReceiveTimeout = TimeSpan.FromMinutes(1);
        binding.MaxReceivedMessageSize = 20971520;
        binding.MaxBufferPoolSize = binding.MaxBufferSize = 20971520;
        binding.ReaderQuotas.MaxArrayLength =
        binding.ReaderQuotas.MaxStringContentLength =
        binding.ReaderQuotas.MaxBytesPerRead =
        binding.ReaderQuotas.MaxNameTableCharCount = 2097152;

        binding.TextEncoding = Encoding.UTF8;
        binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Ntlm;
        //binding.Security.Mode = BasicHttpSecurityMode.TransportWithMessageCredential;
        binding.TransferMode = TransferMode.Buffered;
        binding.AllowCookies = false;

然后添加

        ClientCredentials.Windows.ClientCredential.UserName = service.Login;
        ClientCredentials.Windows.ClientCredential.Password = service.Password;

然后我请求服务并获得

---> System.ServiceModel.Security.MessageSecurityException:HTTP请求未经客户端身份验证方案'Ntlm'的授权.这 从服务器收到的身份验证标头是"NTLM".

我打开提琴手，比较了两个请求(asp.net和core) 而且我发现Authorization标头中的内容有所不同，但是密码和配置文件中的登录名相同.

ASP.NET:

授权:NTLM TlRMTVNTUAABAAAAAAA4I 是 ogAAAAAAAAAAAAAAAAAAAAAAAAKADk4AAAADw ==

核心:

授权:NTLM TlRMTVNTUAABAABAAAAB4I I ogAAAAAAAAAAAAAAAAAAAAAAAAKADk4AAAADw ==

我试图编写自定义行为，以便将asp.net中的标头放入而不是BeforeSendRequest()中的核心变体，但是在第二个请求客户端中，我再次发送标头的核心变体，并且我再次收到关于NTLM的相同消息

我可以在错误的地方找到错误吗?

解决方案

我发现了此现象的原因. 在asp.net中，我没有设置域"，仅设置了登录名和密码即可. 但是在asp dotnet核心中，它对我不起作用，我添加了Domain.现在它也可以在asp dotnet核心中使用.

    var credentials = new NetworkCredential
    {
        UserName = service.Login,
        Password = service.Password,
        Domain = service.Domain
    };
    service.ClientCredentials.Windows.ClientCredential = credentials;

I encountered with problem NTLM authorization I have service which work on asp.net without any problems, but now I need to work with this service on asp.net core, and I can't pass authorization.

I configure binding like this:

        var binding = new BasicHttpBinding(BasicHttpSecurityMode.TransportCredentialOnly);
        binding.OpenTimeout = binding.CloseTimeout = 
        binding.SendTimeout = binding.ReceiveTimeout = TimeSpan.FromMinutes(1);
        binding.MaxReceivedMessageSize = 20971520;
        binding.MaxBufferPoolSize = binding.MaxBufferSize = 20971520;
        binding.ReaderQuotas.MaxArrayLength =
        binding.ReaderQuotas.MaxStringContentLength =
        binding.ReaderQuotas.MaxBytesPerRead =
        binding.ReaderQuotas.MaxNameTableCharCount = 2097152;

        binding.TextEncoding = Encoding.UTF8;
        binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Ntlm;
        //binding.Security.Mode = BasicHttpSecurityMode.TransportWithMessageCredential;
        binding.TransferMode = TransferMode.Buffered;
        binding.AllowCookies = false;

Then added

        ClientCredentials.Windows.ClientCredential.UserName = service.Login;
        ClientCredentials.Windows.ClientCredential.Password = service.Password;

Then I do some request to service and get

---> System.ServiceModel.Security.MessageSecurityException: The HTTP request is unauthorized with client authentication scheme 'Ntlm'. The authentication header received from the server was 'NTLM'.

I opened fiddler and compared two requests ( asp.net and core) And I found difference in Authorization header, but password and login the same in config file.

ASP.NET :

Authorization: NTLM TlRMTVNTUAABAAAAB4IYogAAAAAAAAAAAAAAAAAAAAAKADk4AAAADw==

Core :

Authorization: NTLM TlRMTVNTUAABAAAAB4IIogAAAAAAAAAAAAAAAAAAAAAKADk4AAAADw==

I tried to write custom behavior in order to put header from asp.net instead of core variant in BeforeSendRequest(), but in the second request client again send core variant of header and I again get the same message about NTLM

May be I try to find mistake in a wrong place?

解决方案

I found out reason of this behavior. In asp.net I don't set Domain, only login and password and it works. But in asp dotnet core it does not work for me, I added Domain. And now it work in asp dotnet core too.

    var credentials = new NetworkCredential
    {
        UserName = service.Login,
        Password = service.Password,
        Domain = service.Domain
    };
    service.ClientCredentials.Windows.ClientCredential = credentials;

这篇关于ASP.NET Core中的NTLM授权WCF不起作用的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！