web-services - SharePoint 2013 中的自定义 Web 服务与模拟

标签 web-services wcf sharepoint sharepoint-2013 impersonation

对于 SharePoint 2010,我们使用自定义 Web 服务(不是 SOAP!)使一些第 3 方数据可用于浏览器显示的页面中的 JS 代码。这是敏感数据,因此我们使用模拟来确保只有正确的用户才能访问它。我们的解决方案在 SharePoint 2013 中不再适用。由于原始解决方案相当复杂,我在 SP 2013 中构建了一个小而简单的服务,以研究如何设置具有模拟的 Web 服务。该服务部署到 ISAPI 的子文件夹。

这是没有模仿的基础,它有效:

测试服务.svc:

<%@ ServiceHost 
    Language="C#"
    Debug="true" 
    Service="Sandbox.TestService, $SharePoint.Project.AssemblyFullName$" 
    CodeBehind="TestService.svc.cs" 
    Factory="Microsoft.SharePoint.Client.Services.MultipleBaseAddressWebServiceHostFactory, Microsoft.SharePoint.Client.ServerRuntime, Version=15.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" %>

TestService.svc.cs 后面的代码是:
using Microsoft.SharePoint.Client.Services;
using System;
using System.Collections.Generic;
using System.Linq;
using System.ServiceModel.Activation;
using System.ServiceModel;
using System.ServiceModel.Web;

namespace Sandbox
{
    [ServiceContract]
    [AspNetCompatibilityRequirements(RequirementsMode = AspNetCompatibilityRequirementsMode.Required)]
    public class TestService
    {
        [OperationContract]
        [WebGet(UriTemplate = "GetAllNumbers",
            ResponseFormat = WebMessageFormat.Json)]
        List<int> GetAllNumbers()
        {
            List<int> result = new List<int>();
            result.AddRange(new[] { 1, 1, 2, 3, 5, 8, 13 });
            return result;
        }
    }
}

当我在 http://pc00175/_vti_bin/Sandbox/TestService.svc/GetAllNumbers 上执行 GET 时我收到了预期的共鸣[1,1,2,3,5,8,13] .到目前为止还好。现在我尝试使用模拟:
using Microsoft.SharePoint.Client.Services;
using System;
using System.Collections.Generic;
using System.Linq;
using System.ServiceModel.Activation;
using System.ServiceModel;
using System.ServiceModel.Web;
using System.Security.Principal;

namespace Sandbox
{
    [ServiceContract]
    [AspNetCompatibilityRequirements(RequirementsMode = AspNetCompatibilityRequirementsMode.Required)]
    public class TestService
    {
        [OperationContract]
        [WebGet(UriTemplate = "GetAllNumbers",
            ResponseFormat = WebMessageFormat.Json)]
        List<int> GetAllNumbers()
        {
            List<int> result = new List<int>();
            WindowsImpersonationContext ctx = ServiceSecurityContext.Current.WindowsIdentity.Impersonate();
            try
            {
                result.AddRange(new[] { 1, 1, 2, 3, 5, 8, 13 });
            }
            finally
            {
                ctx.Undo();
            }
            return result;
        }
    }
}

现在我得到一个 System.InvalidOperationException 消息“匿名身份无法执行模拟”。调用 ServiceSecurityContext.Current.WindowsIdentity.Impersonate() 时.我需要告诉 WCF 我们需要模拟该调用。所以我添加了一个属性[OperationBehavior(Impersonation=ImpersonationOption.Required)] :
using Microsoft.SharePoint.Client.Services;
using System;
using System.Collections.Generic;
using System.Linq;
using System.ServiceModel.Activation;
using System.ServiceModel;
using System.ServiceModel.Web;
using System.Security.Principal;

namespace Sandbox
{
    [ServiceContract]
    [AspNetCompatibilityRequirements(RequirementsMode = AspNetCompatibilityRequirementsMode.Required)]
    public class TestService
    {
        [OperationContract]
        [WebGet(UriTemplate = "GetAllNumbers",
            ResponseFormat = WebMessageFormat.Json)]
        [OperationBehavior(Impersonation=ImpersonationOption.Required)]
        List<int> GetAllNumbers()
        {
            List<int> result = new List<int>();
            WindowsImpersonationContext ctx = ServiceSecurityContext.Current.WindowsIdentity.Impersonate();
            try
            {
                result.AddRange(new[] { 1, 1, 2, 3, 5, 8, 13 });
            }
            finally
            {
                ctx.Undo();
            }
            return result;
        }
    }
}

现在我在 SharePoint 日志中发现以下错误:
Error when open web service: System.InvalidOperationException: The contract operation 'GetAllNumbers' requires Windows identity for automatic impersonation. A Windows identity that represents the caller is not provided by binding ('WebHttpBinding','http://tempuri.org/') for contract ('TestService','http://tempuri.org/'.     at System.ServiceModel.Dispatcher.SecurityValidationBehavior.WindowsIdentitySupportRule.ValidateWindowsIdentityCapability(Binding binding, ContractDescription contract, OperationDescription operation)     at System.ServiceModel.Dispatcher.SecurityValidationBehavior.WindowsIdentitySupportRule.Validate(ServiceDescription description)     at System.ServiceModel.Dispatcher.SecurityValidationBehavior.System.ServiceModel.Description.IServiceBehavior.Validate(ServiceDescriptio...

然后我猜我必须在 TestService.svc 旁边添加一个 web.config 并添加 TransportCredentialsOnly 模式,但这没有帮助:
<?xml version="1.0"?>
<configuration>
  <system.serviceModel>
    <bindings>
      <webHttpBinding>
        <binding>
          <security mode="TransportCredentialOnly">
            <transport clientCredentialType="Ntlm"/>
          </security>
        </binding>
      </webHttpBinding>
    </bindings>
  </system.serviceModel>
</configuration>

我在 SharePoint 日志文件中收到相同的错误。

我希望有人对我有提示。

谢谢你读到这里!

彼得

最佳答案

如果你想使用 REST,为什么不简单地为此创建一个应用程序呢?这比在 SharePoint 中公开 WCF 服务要容易得多。然后,您可以配置自己的安全设置。

这个article应该可以帮助你。

关于web-services - SharePoint 2013 中的自定义 Web 服务与模拟,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/26546495/

相关文章:

java - 如何以编程方式(!)使用 wsdl 验证 soap 请求/响应?

wcf - 具有不同签名的相同方法的推荐命名约定?

c# - 用于 32 位 dll 访问的自托管 WCF 服务

sharepoint - Sharepoint+RtWebParts 如何处理时区?

c# - 通过引用 Sharepoint 文档添加 Outlook 附件

c# - 将参数数组传递给 Web 方法

asp.net - Web 服务 : Secure? Asp.net

java - 如何从 Joomla 调用外部网络服务

c# - "The maximum message size quota for incoming messages (65536) has been exceeded."。即使在设置更大的尺寸之后

javascript - 未捕获的 ReferenceError : Type is not defined in sp. runtime.js