与WCF ChannelBase HTTP代理服务器基本身份验证 [英] HTTP proxy basic authentication with WCF ChannelBase

问题描述

我坚持基本身份验证的一个问题，连接的创建，在Visual Studio中，从ChannelBase得出一个Web服务。已经尝试在MSDN询问没有结果，所以我想在这里我的运气。

I'm stuck with a problem of basic authentication to connect a web service which was created, in Visual Studio, deriving from ChannelBase. Already tried to ask in MSDN with no results, so I'm trying my luck over here.

这是该方案：

一）Web服务需要基本身份验证（用户名和密码），并支持SOAP 1.1

a) the web service requires basic authentication (username and password) and supports SOAP 1.1

二）我不得不经历要求，又一个HTTP代理，基本身份验证。

b) I have to go through a HTTP proxy which requires, again, basic authentication.

我不能得到这个工作：对Web服务的验证是好的（如果测试绕过代理），但它看起来像我不能配置ChannelBase派生类的代理来处理身份验证（获得所需的认证后， HTTP响应不进行协商身份验证）。

I cannot get this to work: the authentication on the web service is fine (if tested bypassing the proxy) but it looks like I cannot configure the ChannelBase-derived class to handle the authentication at the proxy (after getting an authentication required HTTP response it does not proceed negotiating the authentication).

下面是我的app.config当前设置

here are my current settings in app.config

<configuration>
 <system.serviceModel>
  <bindings>
   <customBinding>
    <binding name="LocationWSBinding" receiveTimeout="00:02:30">
     <textMessageEncoding messageVersion="Soap11" />
     <httpTransport authenticationScheme="Basic" proxyAddress="http://The.proxy.ip" useDefaultWebProxy="false" 
      bypassProxyOnLocal="True" proxyAuthenticationScheme="Basic" />
    </binding>
   </customBinding>
  </bindings>
  <client>
   <endpoint address="http://the.web.service"
      binding ="customBinding" bindingConfiguration="LocationWSBinding"
     contract="The.Contract.Name" name="LocationWSPort" />
  </client>
 </system.serviceModel>
</configuration>

和在code，这就是我指定凭据的地方：

and in the code, this is the place where I am specifying the credentials:

TheClient WS =新TheClient（LocationWSPort）;

TheClient WS = new TheClient("LocationWSPort");

  WS.ClientCredentials.UserName.UserName = "WebServiceUsername";
  WS.ClientCredentials.UserName.Password = "WebServicepassword";
  WS.ChannelFactory.Credentials.Windows.ClientCredential = new NetworkCredential("Proxyusername","ProxyPassword");

您可以帮帮我吗？

我不知道什么是错的这阻止客户端请求时代理认证才能继续。

I don't know what's wrong which is blocking the client to proceed with proxy authentication when requested.

由于埃马努埃莱

恩里科，不好意思的回答晚了。
我曾尝试按照你的建议，和它的作品只有当我调用web服务方法不带任何参数，当我调用一个方法需要复杂类型作为参数（这是真正的电话我必须作出获得有用的有效载荷）我得到以下错误：

Enrico, sorry for the late answer. I have tried following your suggestion, and it works only if I call a webservice method without arguments, when I call a method requiring complex types as an argument (which is the real call I have to make to get useful payload) I get the following error:

{"The server did not provide a meaningful reply; this might be caused by a contract mismatch, a premature session shutdown or an internal server error."}
[System.ServiceModel.CommunicationException]: {"The server did not provide a meaningful reply; this might be caused by a contract mismatch, a premature session shutdown or an internal server error."}
_className: null
_data: {System.Collections.ListDictionaryInternal}
_dynamicMethods: null
_exceptionMethod: null
_exceptionMethodString: null
_helpURL: null
_HResult: -2146233087
_innerException: null
_ipForWatsonBuckets: 83189596
_message: "The server did not provide a meaningful reply; this might be caused by a contract mismatch, a premature session shutdown or an internal server error."
_remoteStackIndex: 1
_remoteStackTraceString: "\r\nServer stack trace: \r\n   at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)\r\n   at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)\r\n   at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)\r\n\r\nException rethrown at [0]: \r\n"
_safeSerializationManager: {System.Runtime.Serialization.SafeSerializationManager}
_source: null
_stackTrace: {sbyte[80]}
_stackTraceString: null
_watsonBuckets: null
_xcode: -532462766
_xptrs: 0
Data: {System.Collections.ListDictionaryInternal}
HelpLink: null
HResult: -2146233087
InnerException: null
IsTransient: false
Message: "The server did not provide a meaningful reply; this might be caused by a contract mismatch, a premature session shutdown or an internal server error."
Source: "mscorlib"
StackTrace: "\r\nServer stack trace: \r\n   at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)\r\n   at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)\r\n   at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)\r\n\r\nException rethrown at [0]: \r\n   at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)\r\n   at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)\r\n   at [.......] in E:\\VisualStudioPrj\\HTTPproxyTroubleshoot\\HTTPproxyTroubleshoot\\Program.cs:line 88"
TargetSite: {Void HandleReturnMessage(System.Runtime.Remoting.Messaging.IMessage, System.Runtime.Remoting.Messaging.IMessage)}

现在，我确信数据合同是确定（这是工作，如果我不设置WebRequest.DefaultWebProxy）。
对于FTP，那么，这些SOAP调用由Windows服务来协调它们运行两个线程之一进行：另一个正在FTP照顾来电，而是和我通过代理，否则答案需要这些不过境将被格式化为HTML是绕FTP搞乱通信...

Now, I am sure that the data contract is OK (it is working if I do not set WebRequest.DefaultWebProxy). As for the FTP, well, these SOAP calls are done by one of the two threads run by the Windows service which coordinates them: the other is taking care of FTP calls instead, and I need these not to transit through the proxy otherwise the answer will be formatted as HTML which is messing around the FTP communications...

推荐答案

您遇到的问题是由于的 WCF将使用同一套既为服务认证和上游Web代理服务器认证客户端凭据。由于您的服务需要不同的一对证书的比你的上游Web代理确实，该请求没有被正确验证，并随后被封锁。

The problem you're experiencing is due to the fact that WCF will use the same set of client credentials both for service authentication and for upstream web proxy authentication. Since your service requires a different pair of credentials than your upstream web proxy does, the request is not being properly authenticated and subsequently gets blocked.

既然你只能指定一组关于<一个凭据href=\"http://msdn.microsoft.com/en-us/library/system.servicemodel.description.clientcredentials.aspx\"相对=nofollow> ClientCredentials 类，解决的办法是为设置凭据在较低级别与Web代理服务器来使用，使用的 WebRequest.DefaultWebProxy 属性。

Since you can specify only a single set of credentials on the ClientCredentials class, the solution is to set the credentials to use with the web proxy at a lower level, using the WebRequest.DefaultWebProxy property.

下面是一个例子：

var webProxy = new WebProxy
{
    Address = "http://myproxy:8080",
    Credentials = new NetworkCredential("username", "password")
};

WebRequest.DefaultWebProxy = webProxy;

您应该然后告诉WCF使用刚通过的 WebProxy 类：

You should then tell WCF to use the default proxy that was just configured through the WebProxy class:

<bindings>
    <customBinding>
        <binding name="MyBinding">
            <textMessageEncoding messageVersion="Soap11" />
            <httpTransport authenticationScheme="Basic"
                           useDefaultWebProxy="true" 
                           bypassProxyOnLocal="true"
                           proxyAuthenticationScheme="Basic" />
        </binding>
    </customBinding>
</bindings>

相关资源：

如何在WCF客户端提供的Web代理身份验证凭据专用

• How to supply dedicated credentials for web proxy authentication in a WCF client

这篇关于与WCF ChannelBase HTTP代理服务器基本身份验证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！