SharePoint 2010:从 NetSuite 使用 Web 服务 - 403 禁止错误 [英] SharePoint 2010: consuming web services from NetSuite - 403 Forbidden error
问题描述
我的公司正在开发一个新的 SharePoint 网站,该网站将使用基于表单的身份验证,以允许我们的客户登录该网站以获取订阅者的特定内容(下载、许可信息等).
My company is working on a new SharePoint site, which will use Forms Based Authentication to allow our customers to log into the site for subscriber specific content (downloads, license info, etc).
所有这些客户都位于我们的 CRM NetSuite 中,我们希望我们的客户服务团队在这里更新客户信息并将他们分配给 FBA 角色(这些角色已添加到 SharePoint 中的组).
All these customers are located within our CRM, NetSuite, which is where we want our customer care teams to update a customers information and assign them to FBA roles (the roles are already added to Groups in SharePoint).
为此,我希望创建 SOAP XML 文件,NetSuite 自己的开发语言 SuiteScript 可以使用它来发送 SOAP 请求并处理响应.
To do this, I'm looking to create SOAP XML files, that can be used by NetSuite's own development language, SuiteScript, which would send the SOAP request, and the process the response.
例如:我正在使用soapUI构建以下XML:
For example: Using soapUI I'm constructing the following XML:
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:dir="http://schemas.microsoft.com/sharepoint/soap/directory/">
<soapenv:Header/>
<soapenv:Body>
<dir:GetUserInfo>
<dir:userLoginName>myUserName</dir:userLoginName>
</dir:GetUserInfo>
</soapenv:Body>
</soapenv:Envelope>
问题是我的 XML 响应在使用 soapUI 执行此 XML 时为 403 FORBIDDEN - 原始响应是:
The problem is that my XML response, when executing this XML using soapUI, is 403 FORBIDDEN - the Raw response is:
HTTP/1.1 403 Forbidden
Cache-Control: private, max-age=0
Server: Microsoft-IIS/7.5
SPRequestGuid: 36264ce4-9702-44bb-9693-23852a5e0c99
X-SharePointHealthScore: 1
X-Forms_Based_Auth_Required: http://mySPserver/_layouts/login.aspxReturnUrl=/_layouts/Error.aspx&Source=%2f_vti_bin%2fusergroup.asmx
X-Forms_Based_Auth_Return_Url: http://ec2-devmoss1/_layouts/Error.aspx
X-MSDAVEXT_Error: 917656; Access denied. Before opening files in this location, you must first browse to the web site and select the option to login automatically.
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
MicrosoftSharePointTeamServices: 14.0.0.4762
Date: Tue, 19 Jul 2011 19:25:47 GMT
Content-Length: 13
403 FORBIDDEN
我猜我需要使用 XML 中的凭据以某种方式登录,但我该怎么做?我尝试在我的 <soapenv:Header>...
I'm guessing I need to log in somehow using credentials within the XML, but how do I do that? I tried using this in my <soapenv:Header>...
<soapenv:Header>
<h:BasicAuth xmlns:h="http://soap-authentication.org/basic/2001/10/" SOAP-ENV:mustUnderstand="1">
<Name>user</Name>
<Password>password</Password>
</h:BasicAuth>
</soapenv:Header>
但是我的原始回复变成了:
but then my Raw response becomes:
HTTP/1.1 400 Bad Request
Cache-Control: private
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
MicrosoftSharePointTeamServices: 14.0.0.4762
Date: Tue, 19 Jul 2011 19:43:12 GMT
Content-Length: 0
任何人都可以就如何为此或任何 SharePoint Web 服务方法正确形成 XML SOAP 调用提供建议,或将我指向解释它的文章/问题(附答案)?我尝试使用谷歌搜索并查看 stackoverflow(当然),但我找不到我需要的信息/解决方案.
Can anyone advise on how to correctly form an XML SOAP call for this, or any, SharePoint web service method, or point me to an article/question (with answer) that explains it? I tried googling and looking through stackoverflow (of course ), but I just cannot find the information/solution I need.
(抱歉问了这么长的问题)
(sorry for the really long question)
凯文
推荐答案
在温暖、模糊的 .Net 世界...
使用 FBA 访问 SharePoint 网站上的网络服务需要一些额外的工作.
Accessing webservices on a SharePoint site using FBA takes a little extra work.
在 .Net 中,这非常简单.事实上,有一篇包含代码示例的 MSDN 文章以及关于如何做到这一点的所有内容.总之,您首先在 Authentication.asmx 上调用 Login 方法,并在以后的所有 Web 服务请求中使用返回的 cookie.
In .Net, it's pretty simple. In fact, there's a MSDN article with code samples and all on precisely how to do that. In summary, you first call the Login method on Authentication.asmx, and use the returned cookie in all future web service requests.
.Net 之外
在一个漆黑的暴风雨之夜,我冒险进入了非微软的世界.无人区.如果没有 .Net 生成的 Web 服务代理,我们将滚动自己的 SOAP 消息以与 SharePoint Web 服务进行通信.
One dark and stormy night, I ventured out into the non-Microsoft world. No-man's land. Without the .Net generated web service proxies, we were rolling our own SOAP messages to communicate with SharePoint webservices.
我的饼干呢?
如果没有 .Net 代理,您就不能像 MSDN 文章建议的那样使用 CookieContainer.Authentication.asmx 对 Login 的描述显示了以下 SOAP 响应:
Without the .Net proxy, you can't use CookieContainer as the MSDN article suggests. Authentication.asmx's description for Login shows the following SOAP response:
响应 XML 仅包含身份验证 cookie 的名称.真正的饼干去哪儿了?给我我的饼干!!!
The response XML simply contains the authentication cookie's name. Where did the actual cookie go? GIMME MY COOKIE!!!
获取 cookie
事实证明 cookie 是在 SOAP 标头中发送的.如果登录成功,响应的 SOAP 标头将如下所示:
It turns out the cookie is sent in the SOAP header. If login is successful, the response's SOAP header will look something like this:
上面的 Set-Cookie 字段为我们提供了名为 .ASPXAUTH 的 FBA cookie,其值为 987A98.......
The Set-Cookie field above gives us the FBA cookie called .ASPXAUTH, with value 987A98.......
使用 cookie
要将 cookie 用于 Web 服务请求,我们需要通过添加 Cookie 字段将其包含在 SOAP 请求标头中:
To use the cookie for web service requests, we need to include it in the SOAP request header by adding a Cookie field:
您可以通过用分号分隔名称/值对来包含多个 cookie.设置 .ASPXAUTH cookie 后,您就可以发送请求并正常返回响应.
You can include multiple cookies by separating the name/value pairs with semi-colons. Once the .ASPXAUTH cookie is set, you can send the request and a response should be returned as normal.
ISA 防线后的无人区
位于具有 Forms 身份验证的 ISA 服务器后面的 SharePoint 站点可以类似地处理.不同之处在于我们必须从 ISA 服务器而不是 SharePoint 获取身份验证 cookie.这可以通过发布到/CookieAuth.dll?Logon url 来完成.我不会详细介绍,但找出要使用的适当 url 和查询字符串应该不难.
SharePoint sites behind an ISA server with Forms authentication can be handled similarly. The difference is that we have to get the authentication cookies from the ISA server instead of SharePoint. That can be done by POSTing to the /CookieAuth.dll?Logon url. I won't go over the details, but it shouldn't be hard to figure out the appropriate url and querystring to use.
在原来的博客消失然后重新出现后,我又发现了这个.为后代添加,以防博客消失.
这篇关于SharePoint 2010:从 NetSuite 使用 Web 服务 - 403 禁止错误的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
