我正在开发一个应用程序,我必须在其中使用使用 http 协议(protocol)使用 Java 开发的 Web 服务。 我正在使用 C#.NET winforms 开发应用程序。到目前为止一切正常。 Web 服务现在使用 SSL 安全性,因此服务协议(protocol)从 http 更改为 https。我在访问 https 网络服务时遇到问题。
我尝试通过提供身份验证选项卡中的身份验证参数(用户名和密码)从 SoapUI 访问 https 网络服务,如下所示:
它在 SoapUI 中运行良好。
但是我从下面的代码中提供了 Authenticaion 参数,但它不起作用:
client.ClientCredentials.UserName.UserName = "admin";
client.ClientCredentials.UserName.Password = "*******";
我将安全模式用作:TransportWithMessageCredential
和
ClientCredentialTtype 为:Basic
我的App.Config 文件如下:
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<startup>
<supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.5" />
</startup>
<system.serviceModel>
<client>
<endpoint address="https://xyz:8001/HelloWorldAPI/HelloWorldWebService"
binding="wsHttpBinding"
bindingConfiguration="myhttpsbinding" contract="API.HelloWorldWebService"
name="HelloWorldWebServicePort" />
</client>
<bindings>
<wsHttpBinding>
<binding name="myhttpsbinding">
<security mode="TransportWithMessageCredential">
<transport clientCredentialType="Basic"/>
</security>
</binding>
</wsHttpBinding>
</bindings>
</system.serviceModel>
<system.net>
<defaultProxy useDefaultCredentials="true" />
</system.net>
</configuration>
我的代码如下:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Net;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;
using System.ServiceModel;
using System.Text;
using System.Threading.Tasks;
using testingtool.API;
namespace testingtool
{
class Program
{
static void Main(string[] args)
{
new APITool();
}
}
class APITool
{
UserInfo userinfo = new UserInfo();
HelloWorldWebServiceClient client = new HelloWorldWebServiceClient();
private bool ValidationCallBack(object sender, X509Certificate cert, X509Chain chain, System.Net.Security.SslPolicyErrors error)
{
return true;
}
public APITool()
{
try
{
//Authentication parameters
client.ClientCredentials.UserName.UserName = "admin";
client.ClientCredentials.UserName.Password = "*****";
ServicePointManager.ServerCertificateValidationCallback = new System.Net.Security.RemoteCertificateValidationCallback(ValidationCallBack);
//client ClientCredentials @ Application level
userinfo.userid = "myusername";
userinfo.password = "*****";
GetHelloWorldAPIVersionRequest request = new GetHelloWorldAPIVersionRequest();
APIVersionInfo versioninfo = new APIVersionInfo();
versioninfo.userinfo = userinfo;
request.APIVersionInfo = versioninfo;
APIVersionInfoResponse response = client.GetHelloWorldAPIVersion(versioninfo);
Console.WriteLine(response.Version);
}
catch (Exception ex)
{
Console.WriteLine(ex.ToString());
}
Console.ReadLine();
}
}
}
我遇到以下异常:
System.ServiceModel.Security.MessageSecurityException: The HTTP request is unauthorized with client authentication scheme 'Anonymous'. The authentication header received from the server was 'Basic realm="EJBServiceEndpointServlet Realm"'. ---> System.Net.WebException: The remote server returned an error: (401) Unauthorized.
编辑: 从客户端我已经通过 Fiddler 验证了请求窗口,如下所示: 在 AUth 选项卡中,它表示不存在 Autherization Header。
Fiddler 原始请求如下:
CONNECT 10.10.10.110:8001
HTTP/1.1 Host: 10.10.10.110:8001
Connection: Keep-Alive
User-Agent: Apache-HttpClient/4.1.1 (java 1.5)
如有任何帮助,我们将不胜感激。
最佳答案
想知道问题是否与绑定(bind)有关,但如果不检查服务配置或看到成功的 soapUI 请求就很难确定。 (注意:您可能希望包含来自 soapUI HTTP 日志的消息片段,包括 soap header 。)
在任何情况下,您都可能希望通过尝试以下绑定(bind)来确保该服务确实使用了 ws-security(消息级安全性):
<bindings>
<basicHttpBinding>
<binding name="httpBinding">
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Basic" />
</security>
</binding>
</basicHttpBinding>
</bindings>
关于c# - 使用 https 协议(protocol)使用 webservice,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/24202633/