使用摘要身份验证使用web服务

本文关键字：web 服务身份验证 | 更新日期: 2023-09-27 18:27:34

我们使用C#通过SOAP发送XML数据。该服务需要使用#PasswordDigest和#Base64Binary Nonce进行HttpDigest身份验证。我们的binding代码：

protected BasicHttpBinding binding = new BasicHttpBinding()
{
            Name = "ShipmentServiceSoapBinding",
            CloseTimeout = new TimeSpan(0, 01, 0),
            OpenTimeout = new TimeSpan(0, 01, 0),
            ReceiveTimeout = new TimeSpan(0, 10, 0),
            SendTimeout = new TimeSpan(0, 5, 0),
            AllowCookies = false,
            BypassProxyOnLocal = false, 
            HostNameComparisonMode = HostNameComparisonMode.StrongWildcard,
            MaxBufferPoolSize = 5242880,
            MaxReceivedMessageSize = 655360,
            MessageEncoding = WSMessageEncoding.Text ,
            TextEncoding =  new UTF8Encoding(),
            UseDefaultWebProxy = true,
            ReaderQuotas = new XmlDictionaryReaderQuotas() { MaxDepth = 32, MaxStringContentLength = 81920, MaxArrayLength = 1638400, MaxBytesPerRead = 409600, MaxNameTableCharCount = 163840 },
            Security = new BasicHttpSecurity() { Mode = BasicHttpSecurityMode.TransportWithMessageCredential, 
                                                 //Message = new BasicHttpMessageSecurity() { AlgorithmSuite = SecurityAlgorithmSuite.Default, ClientCredentialType = BasicHttpMessageCredentialType.UserName}, 
                                                 Transport = new HttpTransportSecurity(){ ClientCredentialType = HttpClientCredentialType.Digest}},
};

根据我们选择的BasicHttpSecurityMode类型，我们遇到了3个不同的问题。

传输-XML不包括任何安全信息
TransportCredentialOnly-我们得到的错误表明端点不能是https：//
TransportWithMessagecredential-这不是在使用摘要

现在他们的ServiceReference允许我们使用ClientCredentials类，所以下面是我们如何尝试使用HttpDigest：

typeClient.ClientCredentials.HttpDigest.ClientCredential.UserName = "username";
typeClient.ClientCredentials.HttpDigest.ClientCredential.Password = "password";

我读过关于StackOverflow的另一个问题，即对于摘要，我们应该使用SoapHeader和AuthHeader，但我们无法将其与API中提供的内容相匹配。还有别的办法吗？还是他们的API没有为C#正确编写？

使用摘要身份验证使用web服务

在这种情况下使用摘要身份验证要复杂得多——您需要实现IClientMessageInspector才能使其工作。。。这使您能够以摘要身份验证所需的方式修改http标头。

有用的链接：

https://stackoverflow.com/a/3257760/847363
http://benpowell.org/supporting-the-ws-i-basic-profile-password-digest-in-a-wcf-client-proxy/
http://social.msdn.microsoft.com/Forums/en/wcf/thread/0f09954e-3cef-45b3-a00d-f0f579a06bf7
http://msdn.microsoft.com/en-us/library/system.servicemodel.dispatcher.iclientmessageinspector.aspx
http://msdn.microsoft.com/en-us/library/system.servicemodel.dispatcher.iclientmessageinspector.beforesendrequest.aspx
http://yuzhangqi.itpub.net/post/37475/500654
http://wcfpro.wordpress.com/category/wcf-extensions/
http://social.technet.microsoft.com/wiki/contents/articles/1322.how-to-inspect-wcf-message-headers-using-iclientmessageinspector-en-us.aspx
http://weblogs.asp.net/paolopia/archive/2007/08/23/writing-a-wcf-message-inspector.aspx
http://wcfpro.wordpress.com/2011/03/29/iclientmessageinspector/