在 linux 机器上运行 c# 应用程序时,SOAP 身份验证失败 [英] SOAP authentication fails when running a c# app on a linux box
问题描述
我正在尝试通过 c# 应用程序连接到第三方 SOAP 服务.在 Windows 机器上运行应用程序时,以下代码有效:
I'm trying to connect to a third-party SOAP service via a c# app. The following code works when running the app on a Windows machine:
var ws = new MyWebServiceClient();
ws.ClientCredentials.Windows.ClientCredential = new System.Net.NetworkCredential("myusername", "mypassword", "mydomain");
var response = ws.SomeEndpoint();
Element xmlResult = response.Result.SomeEndpoint;
...
但是如果我从 Linux 或 Mac OS 运行 相同的代码,它会失败:
But if I run the same code from Linux or Mac OS, it fails with:
HTTP 请求未经授权,客户端身份验证方案为协商".从服务器收到的身份验证标头是协商,NTLM".
我有一个 python 应用程序,它可以在 任何 操作系统上运行时使用相同的 SOAP 服务而不会遇到问题,所以问题不在我的 linux 发行版/设置中.
I have a python app that can consume that same SOAP service when running on any operating system without running into issues, so the problem isn't in my linux distribution/setup.
是否有人在 .NET Core 中遇到过类似问题或找到了解决方法?
我发现 这个问题报告 表明 .NET core 的早期版本存在可能导致类似于我所看到的行为的限制/错误,但它声称这些问题在 RC2 之后得到解决.
I found this issue report that suggests that the earlier versions of .NET core had limitations/bugs that could cause behavior similar to what I'm seeing, but it claims that those issues were resolved after RC2.
假设问题报告错误并且问题仍然存在于 .NET core 的 Linux/Mac 发行版中,有谁知道我如何获得 CredentialCache代码> 解决方法,在那篇文章中建议,使用 SOAP 客户端?我是 .NET 的新手,super 是 .NET 的肥皂客户端的新手,如果这是一个幼稚的问题,我深表歉意.
Assuming that issue report is wrong and that the issue still remains in the Linux/Mac distribution of .NET core, does anyone know how I can get the CredentialCache workaround, suggested in that article, working with a SOAP client? I'm pretty new to .NET and super new to .NET soap clients, so I apologize if that's a naive question.
似乎对于非 Windows,.NET 核心在协商失败后无法尝试 NTLM.我从 python 应用程序中知道,NTLM 可以与这个特定的 SOAP 服务一起使用.如何强制它跳过协商"并直接转到 NTLM? 上面文章中的 CredentialCache 解决方法似乎就是这样做的.我只是不知道如何使用 SOAP 服务使其工作......
It seems that, for non-Windows, .NET core is failing to attempt NTLM after Negotiate fails. I know, from the python app, that NTLM works with this particular SOAP service. How can I force it to skip "Negotiate" and and go straight to NTLM? It seems that that is what the CredentialCache workaround, from the above article, is doing. I just can't figure out how to make that work with a SOAP service...
推荐答案
.Net Core SOAP 客户端,带有 NTLM 身份验证和 CredentialCache
BasicHttpBinding basicHttpBinding = new BasicHttpBinding();
basicHttpBinding.Security.Mode = BasicHttpSecurityMode.TransportCredentialOnly;
basicHttpBinding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Ntlm;
EndpointAddress endpoint = new EndpointAddress("http://myservice");
var factory = new ChannelFactory<IMyService>(basicHttpBinding, endpoint);
CredentialCache myCredentialCache = new CredentialCache();
NetworkCredential myCreds = new NetworkCredential("username", "password", "domain");
myCredentialCache.Add("ContoscoMail", 45, "NTLM", myCreds);
factory.Credentials.Windows.ClientCredential =
myCredentialCache.GetCredential("ContosoMail", 45, "NTLM");
var client = factory.CreateChannel();
// ... use the webservice
更新:这是 2.1 中修复的错误
正如在此处遇到的那样,并已作为错误修复此处,它应该适用于 .net core 2.1(未发布并计划用于 2018 年第一季度).所以现在,当从 Linux 连接时,您应该尝试使用另一种类型的身份验证(查看 RuntimeInformation.IsOSPlatform).
Update: it's a bug fixed in 2.1
As already encountered here and fixed as a bug here, it should work with .net core 2.1 (not released and scheduled for Q1 2018).
So right now, you should try to use another type of authentication when connecting from Linux (look at RuntimeInformation.IsOSPlatform).
这篇关于在 linux 机器上运行 c# 应用程序时,SOAP 身份验证失败的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
