我有一个 WCF 服务 (A),它使用以下配置调用另一个 WCF 服务 (B)。
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Ntlm" proxyCredentialType="None" realm="" />
<message clientCredentialType="UserName" algorithmSuite="Default" />
</security>
我正在努力从 .net core (v2.2) 服务调用服务 B。我有以下设置:
BasicHttpBinding basicHttpBinding = new BasicHttpBinding();
basicHttpBinding.Security.Mode = BasicHttpSecurityMode.TransportCredentialOnly;
basicHttpBinding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Ntlm;
basicHttpBinding.Security.Transport.ProxyCredentialType = HttpProxyCredentialType.Ntlm;
basicHttpBinding.Security.Message.ClientCredentialType = BasicHttpMessageCredentialType.UserName;
// doesn't have Default as the option. Only TripleDes
//basicHttpBinding.Security.Message.AlgorithmSuite = SecurityAlgorithmSuite.TripleDes
basicHttpBinding.MaxReceivedMessageSize = int.MaxValue;
basicHttpBinding.ReceiveTimeout = new TimeSpan(250000000000);//Timespan in nanoseconds.
EndpointAddress endpointAddress = new EndpointAddress("http://");
customerServiceClient = new CustomerServiceClient(basicHttpBinding, endpointAddress);
NetworkCredential networkCredential = new NetworkCredential("user", "password", "domain");
customerServiceClient.ClientCredentials.Windows.ClientCredential = networkCredential;
customerServiceClient.ClientCredentials.Windows.AllowedImpersonationLevel = TokenImpersonationLevel.Impersonation;
我收到错误:身份验证失败,因为无法重用连接。下面是异常的部分堆栈:
{"Message":"Authentication failed because the connection could not be reused.","Data":{},"InnerException":{"Message":"Authentication failed because the connection could not be reused.","Data":{},"InnerException":null,"StackTrace":" at System.Net.Http.HttpConnection.DrainResponseAsync(HttpResponseMessage response)\r\n at System.Net.Http.AuthenticationHelper.SendWithNtAuthAsync(HttpRequestMessage request, Uri authUri, ICredentials credentials, Boolean isProxyAuth, HttpConnection connection, HttpConnectionPool connectionPool, CancellationToken cancellationToken)\r\n at System.Net.Http.HttpConnectionPool.SendWithNtConnectionAuthAsync(HttpConnection connection, HttpRequestMessage request, Boolean doRequestAuth, CancellationToken cancellationToken)\r\n at System.Net.Http.HttpConnectionPool.SendWithRetryAsync(HttpRequestMessage request, Boolean doRequestAuth, CancellationToken cancellationToken)\r\n at System.Net.Http.AuthenticationHelper.SendWithAuthAsync(HttpRequestMessage request, Uri authUri, ICredentials credentials, Boolean preAuthenticate, Boolean isProxyAuth, Boolean doRequestAuth, HttpConnectionPool pool, CancellationToken cancellationToken)\r\n at System.Net.Http.RedirectHandler.SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)\r\n at System.Net.Http.DecompressionHandler.SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)\r\n...
请告诉我如何解决此问题。此外,该 API 将部署到 PCF 中。
谢谢, 阿伦
最佳答案
目前NetCore不支持消息安全模式。因此下面的语句将不起作用。
basicHttpBinding.Security.Message.ClientCredentialType = BasicHttpMessageCredentialType.UserName;
但是NetCore2.2支持具有TransportCredentialOnly安全模式的WCF服务。
下面是调用该服务的示例。
ServiceReference1.ServiceClient client = new ServiceReference1.ServiceClient();
NetworkCredential nc = new NetworkCredential("administrator", "abcd1234!");
client.ClientCredentials.Windows.ClientCredential = nc;
var result = client.TestAsync().Result;
Console.WriteLine(result);
添加连接的服务引用后,绑定(bind)设置和端点已在 Reference.cs 文件中配置。
我们只需要修改默认的服务端点地址即可。
然后我们在客户端配置 Windows 凭据。在我这边,它有效。
请确保您的客户端项目基于 AspNet Core2.2
另外,请引用官方Github仓库中的讨论。它可能对你有用。
https://github.com/dotnet/wcf/issues/2923
如果有什么需要我帮忙的,请随时告诉我。
关于c# - WCF 调用 .net core API 中的 NTLM 身份验证,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/59720002/