使用https协议消费webservice
Sud*_*udi 9 c# authentication ssl wcf web-services
我正在开发一个应用程序,我必须使用http协议来使用Java开发的webservice.我正在使用C#.NET winforms开发应用程序.一切正常,直到现在.但是web服务现在使用ssl安全性,因此服务URL协议从http更改为https.now我在访问https webservice时遇到了问题.
我尝试通过Auth选项卡提供Authenticaion参数(用户名和密码)从SoapUI访问https webservice,如下所示:
它从SoapUI工作正常.
但是我从代码中提供了Authenticaion参数,如下所示:
client.ClientCredentials.UserName.UserName = "admin";
client.ClientCredentials.UserName.Password = "*******";
我正在使用安全模式:TransportWithMessageCredential
和
ClientCredentialTtype:Basic
我的App.Config文件如下:
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<startup>
<supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.5" />
</startup>
<system.serviceModel>
<client>
<endpoint address="https://xyz:8001/HelloWorldAPI/HelloWorldWebService"
binding="wsHttpBinding"
bindingConfiguration="myhttpsbinding" contract="API.HelloWorldWebService"
name="HelloWorldWebServicePort" />
</client>
<bindings>
<wsHttpBinding>
<binding name="myhttpsbinding">
<security mode="TransportWithMessageCredential">
<transport clientCredentialType="Basic"/>
</security>
</binding>
</wsHttpBinding>
</bindings>
</system.serviceModel>
<system.net>
<defaultProxy useDefaultCredentials="true" />
</system.net>
</configuration>
我的代码如下:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Net;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;
using System.ServiceModel;
using System.Text;
using System.Threading.Tasks;
using testingtool.API;
namespace testingtool
{
class Program
{
static void Main(string[] args)
{
new APITool();
}
}
class APITool
{
UserInfo userinfo = new UserInfo();
HelloWorldWebServiceClient client = new HelloWorldWebServiceClient();
private bool ValidationCallBack(object sender, X509Certificate cert, X509Chain chain, System.Net.Security.SslPolicyErrors error)
{
return true;
}
public APITool()
{
try
{
//Authentication parameters
client.ClientCredentials.UserName.UserName = "admin";
client.ClientCredentials.UserName.Password = "*****";
ServicePointManager.ServerCertificateValidationCallback = new System.Net.Security.RemoteCertificateValidationCallback(ValidationCallBack);
//client ClientCredentials @ Application level
userinfo.userid = "myusername";
userinfo.password = "*****";
GetHelloWorldAPIVersionRequest request = new GetHelloWorldAPIVersionRequest();
APIVersionInfo versioninfo = new APIVersionInfo();
versioninfo.userinfo = userinfo;
request.APIVersionInfo = versioninfo;
APIVersionInfoResponse response = client.GetHelloWorldAPIVersion(versioninfo);
Console.WriteLine(response.Version);
}
catch (Exception ex)
{
Console.WriteLine(ex.ToString());
}
Console.ReadLine();
}
}
}
我得到以下异常:
System.ServiceModel.Security.MessageSecurityException:HTTP请求未经授权,客户端身份验证方案为"匿名".从服务器接收的认证头是'Basic realm ="EJBServiceEndpointServlet Realm"'.---> System.Net.WebException:远程服务器返回错误:(401)未经授权.
编辑:从客户端我已经与Fiddler验证了如下的请求窗口:从AUth选项卡,它表示没有Autherization Header存在.
Fiddler Raw请求如下:
CONNECT 10.10.10.110:8001
HTTP/1.1 Host: 10.10.10.110:8001
Connection: Keep-Alive
User-Agent: Apache-HttpClient/4.1.1 (java 1.5)
任何帮助将不胜感激.
您应该更改您的应用程序配置:
<wsHttpBinding>
<binding name="myhttpsbinding">
<security mode="TransportWithMessageCredential">
<transport clientCredentialType="None" />
<message clientCredentialType="UserName" establishSecurityContext="false" negotiateServiceCredential="false"/>
</security>
</binding>
</wsHttpBinding>
在传输级别,您没有身份验证,因此<transport clientCredentialType="None" />在消息级别,您有用户名|密码身份验证,因此<message clientCredentialType="UserName"
| 归档时间: |
|
| 查看次数: |
18441 次 |
| 最近记录: |