在具有 SSL 和 HTTP 身份验证的 WCF 客户端中使用哪种安全模式? [英] Which security mode to use in WCF client with SSL and HTTP Authentication?

问题描述

我需要在我的 WCF 客户端中使用 SSL 和 HTTP 身份验证来连接到 Web 服务.我有如下所示的 wcf 客户端绑定配置和代码来加载证书并传递用户名和密码以进行 http 授权.当我尝试这个时，我收到一个错误http 请求未经客户端身份验证方案 '匿名' 授权.来自服务器的身份验证是 'Basic realm="ws.dataway.com:443'".远程服务器返回了一个错误:(401) 未经授权.谁能告诉我如何解决这个问题以及需要在绑定配置中更改什么?谢谢！

I need to use SSL and HTTP authentication in my WCF client to connect to a web service. I have wcf client binding configuration as shown below and code to load certificate and pass the user name and password for http authorization. When I tried this, I am receiving an error "The http request is unauthorized with client authentication scheme 'Anonymous'. The authentication from the server was 'Basic realm="ws.dataway.com:443'". The remote server returned an error: (401) Unauthorized. Can anyone please tell how to resolve this and what needs to be changed in the binding configuration? Thanks!

            <basicHttpBinding>
            <binding name="OrderBinding" closeTimeout="00:01:00"
                openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
                allowCookies="false" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard"
                maxBufferSize="65536" maxBufferPoolSize="524288" maxReceivedMessageSize="65536"
                messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered"
                useDefaultWebProxy="true">
                <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
                    maxBytesPerRead="4096" maxNameTableCharCount="16384" />
               <security mode="Transport">
                     <transport clientCredentialType="Certificate" proxyCredentialType="None"
                        realm="" />
               </security>
            </binding>
            </basicHttpBinding>

代码:

            ClientCredentials loginCredentials = new ClientCredentials();
            loginCredentials.UserName.UserName = this.UserId;
            loginCredentials.UserName.Password = this.Password;
            loginCredentials.ClientCertificate.SetCertificate(StoreLocation.LocalMachine, StoreName.My, X509FindType.FindByIssuerName, "link.com");

            var defaultCredentials = channelFactory.Endpoint.Behaviors.Find<ClientCredentials>();
            channelFactory.Endpoint.Behaviors.Remove(defaultCredentials);
            channelFactory.Endpoint.Behaviors.Add(loginCredentials);

推荐答案

试试这个自定义绑定:

  <customBinding>
    <binding name="Secured">
      <textMessageEncoding messageVersion="Soap11" />
      <httpsTransport authenticationScheme="Basic" 
                      realm="ws.dataway.com:443"
                      requireClientCertificate="true" />
    </binding>
  </customBinding>

这篇关于在具有 SSL 和 HTTP 身份验证的 WCF 客户端中使用哪种安全模式?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！