使用CustomBinding的抢占式身份验证? [英] Preemptive authentication with CustomBinding?

问题描述

我正在使用WCF针对客户的SOAP服务编写客户端.

I'm writing a client against a customer's SOAP service, using WCF.

我们进行了许多尝试来使身份验证有效.我最终使用了自定义绑定，因为网络上有个随机的人说BasicHttpBinding不支持必要的安全性选项，而WsHttpBinding不支持SOAP 1.1，这正是他们使用的.

We've had a number of go-arounds trying to get the authentication working. I ended up using a Custom Binding, because some random guy on the web said that BasicHttpBinding didn't support the necessary security options, and WsHttpBinding didn't support SOAP 1.1, which is what they are using.

所以，我有什么:

var message = this.constructMessagecollection);

if (message != null)
{
    var ea = new EndpointAddress(this.webServiceUrl);

    var binding = new CustomBinding();
    binding.Elements.Add(new TextMessageEncodingBindingElement(
            MessageVersion.Soap11, Encoding.UTF8));
    binding.Elements.Add(new HttpsTransportBindingElement { AuthenticationScheme = System.Net.AuthenticationSchemes.Basic });

    using (var client = new CustomersWebserviceClient(binding, ea))
    {
        if (!String.IsNullOrWhiteSpace(this.webServiceUsername) && !String.IsNullOrWhiteSpace(this.webServicePassword))
        {
            var credentials = client.ClientCredentials.UserName;
            credentials.UserName = this.webServiceUsername;
            credentials.Password = this.webServicePassword;
        }

        var result = client.ReceiveMessage(message);
        log.writeLine(String.Format("Call to client.ReceiveMessage() returned {0}", result));
    }

    return true;
}

现在，有人问我是否可以配置我的客户端以执行抢占式身份验证.我已经进行了一些网页浏览，但发现不多.而且我不知道如何将所发现的内容整合到当前代码中.

Now, I've been asked if I can configure my client to do preemptive authentication. I've done some web browsing, and not found much. And I'm at a loss as to how to integrate what little I've found into my current code.

推荐答案

我认为您不能将WCF配置为进行预身份验证.您的选择是手动将标头添加到每个请求中，或构建一个消息检查器来执行并配置一次.无论哪种方式，这些设置都与绑定无关.我猜您可以编写自己的自定义http传输(内部使用常规的http传输)并将其添加到其中，但不确定是否值得这样做.如此处所述，您可以使用手动添加它:

I don't think you can configure WCF to pre authenticate. Your options are to add the headers manually to each request or to build a message inspector to do it and configure it once. Either way those settings are not related to the binding. I guess you could write your own custom http transport (that internally uses the regular http transport) and add it there but not sure it worth the effort. As described here, to add it manually you can use:

HttpRequestMessageProperty httpRequestProperty = new HttpRequestMessageProperty(); 

httpRequestProperty.Headers[HttpRequestHeader.Authorization] = "Basic " + 
    Convert.ToBase64String(Encoding.ASCII.GetBytes(client.ClientCredentials.UserName.UserName + ":" + 
    client.ClientCredentials.UserName.Password));

using (OperationContextScope scope = new OperationContextScope(client.InnerChannel)) 
{ 
    OperationContext.Current.OutgoingMessageProperties[HttpRequestMessageProperty.Name] = 
        httpRequestProperty;

    // Invoke client 
}

关于第二个选项，请参见此处如何

As for the second option, this see here how to add headers with a message inspector.

这篇关于使用CustomBinding的抢占式身份验证?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！