消费使用摘要身份验证Web服务 [英] Consuming a web service using digest authentication
问题描述
我们正在使用C#通过SOAP发送XML数据。该服务需要HttpDigest与 #PasswordDigest
认证和#使用Base64Binary现时标志
。我们的结合
code:
We are using C# to send XML data via SOAP. The service requires HttpDigest authentication with #PasswordDigest
and #Base64Binary Nonce
. Our binding
code:
protected BasicHttpBinding binding = new BasicHttpBinding()
{
Name = "ShipmentServiceSoapBinding",
CloseTimeout = new TimeSpan(0, 01, 0),
OpenTimeout = new TimeSpan(0, 01, 0),
ReceiveTimeout = new TimeSpan(0, 10, 0),
SendTimeout = new TimeSpan(0, 5, 0),
AllowCookies = false,
BypassProxyOnLocal = false,
HostNameComparisonMode = HostNameComparisonMode.StrongWildcard,
MaxBufferPoolSize = 5242880,
MaxReceivedMessageSize = 655360,
MessageEncoding = WSMessageEncoding.Text ,
TextEncoding = new UTF8Encoding(),
UseDefaultWebProxy = true,
ReaderQuotas = new XmlDictionaryReaderQuotas() { MaxDepth = 32, MaxStringContentLength = 81920, MaxArrayLength = 1638400, MaxBytesPerRead = 409600, MaxNameTableCharCount = 163840 },
Security = new BasicHttpSecurity() { Mode = BasicHttpSecurityMode.TransportWithMessageCredential,
//Message = new BasicHttpMessageSecurity() { AlgorithmSuite = SecurityAlgorithmSuite.Default, ClientCredentialType = BasicHttpMessageCredentialType.UserName},
Transport = new HttpTransportSecurity(){ ClientCredentialType = HttpClientCredentialType.Digest}},
};
我们是根据我们在选择什么类型的BasicHttpSecurityMode的3遇到不同的问题。
We are encountering 3 different problems based on what type of BasicHttpSecurityMode we are choosing.
- 交通运输 - 的XML不包括任何安全信息
- TransportCredentialOnly - 我们得到国家端点不能HTTPS错误://
- TransportWithMessagecredential - 这可不是用摘要
现在他们的ServiceReference允许我们使用ClientCredentials类,所以这里是我们如何尝试使用HttpDigest:
Now their ServiceReference allows us to use ClientCredentials class, so here is how we tried using HttpDigest:
typeClient.ClientCredentials.HttpDigest.ClientCredential.UserName = "username";
typeClient.ClientCredentials.HttpDigest.ClientCredential.Password = "password";
我读过的其他计算器问题,对消化我们应该用SOAPHEADER与AuthHeader,但有没有办法让我们与他们给什么是API中与之匹敌。是否有这样做的任何其他方式?或者是他们的API不是C#编写正确?
I've read on other StackOverflow question that for digest we should be using SoapHeader with AuthHeader, but there is no way for us to match it with what they give is in the API. Is there any other way of doing it? Or is their API not written correctly for C#?
推荐答案
这是更复杂的使用在这种情况下消化AUTH - 你将需要实施 IClientMessageInspector
来搞不定......这使您能够修改HTTP头中所需要的消化身份验证的方法。
It is much more complicated to use digest auth in this scenario - you will need to implement IClientMessageInspector
to get it working... this enables you to modify the http headers in a way that is needed for digest auth.
有用的链接:
- http://stackoverflow.com/a/3257760/847363
- 的http://benpowell.org/supporting-the-ws-i-basic-profile-password-digest-in-a-wcf-client-proxy/
- 的http://social.msdn.microsoft.com/Forums/en/wcf/thread/0f09954e-3cef-45b3-a00d-f0f579a06bf7
- http://msdn.microsoft.com/en-us/library/system.servicemodel.dispatcher.iclientmessageinspector.aspx
- http://msdn.microsoft.com/en-us/library/system.servicemodel.dispatcher.iclientmessageinspector.beforesendrequest.aspx
- http://yuzhangqi.itpub.net/post/37475/500654
- HTTP://wcfpro.word$p$pss.com/category / WCF的扩展/
- http://social.technet.microsoft.com/wiki/contents/articles/1322.how-to-inspect-wcf-message-headers-using-iclientmessageinspector-en-us.aspx
- 的http://weblogs.asp.net/paolopia/archive/2007/08/23/writing-a-wcf-message-inspector.aspx
- HTTP://wcfpro.word$p$pss.com / 2011/03/29 / iclientmessageinspector /
- http://stackoverflow.com/a/3257760/847363
- http://benpowell.org/supporting-the-ws-i-basic-profile-password-digest-in-a-wcf-client-proxy/
- http://social.msdn.microsoft.com/Forums/en/wcf/thread/0f09954e-3cef-45b3-a00d-f0f579a06bf7
- http://msdn.microsoft.com/en-us/library/system.servicemodel.dispatcher.iclientmessageinspector.aspx
- http://msdn.microsoft.com/en-us/library/system.servicemodel.dispatcher.iclientmessageinspector.beforesendrequest.aspx
- http://yuzhangqi.itpub.net/post/37475/500654
- http://wcfpro.wordpress.com/category/wcf-extensions/
- http://social.technet.microsoft.com/wiki/contents/articles/1322.how-to-inspect-wcf-message-headers-using-iclientmessageinspector-en-us.aspx
- http://weblogs.asp.net/paolopia/archive/2007/08/23/writing-a-wcf-message-inspector.aspx
- http://wcfpro.wordpress.com/2011/03/29/iclientmessageinspector/
这篇关于消费使用摘要身份验证Web服务的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!