那些遇到过的问题

SharePoint 2013中的自定义Web服务,具有模拟功能

Pet*_* P. 5 sharepoint impersonation wcf web-services sharepoint-2013

对于SharePoint 2010,我们使用自定义Web服务(非SOAP!)在浏览器显示的页面中为JS代码提供一些第三方数据.这是敏感数据,因此我们使用模拟来确保只有合适的用户才能访问它.我们的解决方案在SharePoint 2013中不再起作用.由于原始解决方案非常复杂,我在SP 2013中构建了一个小而简单的服务,以研究如何设置具有模拟的Web服务.该服务部署到ISAPI的子文件夹.

这是没有冒充的基础,它起作用:

TestService.svc:

<%@ ServiceHost 
    Language="C#"
    Debug="true" 
    Service="Sandbox.TestService, $SharePoint.Project.AssemblyFullName$" 
    CodeBehind="TestService.svc.cs" 
    Factory="Microsoft.SharePoint.Client.Services.MultipleBaseAddressWebServiceHostFactory, Microsoft.SharePoint.Client.ServerRuntime, Version=15.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" %>
Run Code Online (Sandbox Code Playgroud)

TestService.svc.cs中的代码是:

using Microsoft.SharePoint.Client.Services;
using System;
using System.Collections.Generic;
using System.Linq;
using System.ServiceModel.Activation;
using System.ServiceModel;
using System.ServiceModel.Web;

namespace Sandbox
{
    [ServiceContract]
    [AspNetCompatibilityRequirements(RequirementsMode = AspNetCompatibilityRequirementsMode.Required)]
    public class TestService
    {
        [OperationContract]
        [WebGet(UriTemplate = "GetAllNumbers",
            ResponseFormat = WebMessageFormat.Json)]
        List<int> GetAllNumbers()
        {
            List<int> result = new List<int>();
            result.AddRange(new[] { 1, 1, 2, 3, 5, 8, 13 });
            return result;
        }
    }
}
Run Code Online (Sandbox Code Playgroud)

当我执行GET时,http://pc00175/_vti_bin/Sandbox/TestService.svc/GetAllNumbers我收到预期的共鸣[1,1,2,3,5,8,13].好到目前为止.现在我尝试使用模拟:

using Microsoft.SharePoint.Client.Services;
using System;
using System.Collections.Generic;
using System.Linq;
using System.ServiceModel.Activation;
using System.ServiceModel;
using System.ServiceModel.Web;
using System.Security.Principal;

namespace Sandbox
{
    [ServiceContract]
    [AspNetCompatibilityRequirements(RequirementsMode = AspNetCompatibilityRequirementsMode.Required)]
    public class TestService
    {
        [OperationContract]
        [WebGet(UriTemplate = "GetAllNumbers",
            ResponseFormat = WebMessageFormat.Json)]
        List<int> GetAllNumbers()
        {
            List<int> result = new List<int>();
            WindowsImpersonationContext ctx = ServiceSecurityContext.Current.WindowsIdentity.Impersonate();
            try
            {
                result.AddRange(new[] { 1, 1, 2, 3, 5, 8, 13 });
            }
            finally
            {
                ctx.Undo();
            }
            return result;
        }
    }
}
Run Code Online (Sandbox Code Playgroud)

现在我收到一个System.InvalidOperationException,并显示消息"匿名身份无法执行模拟".打电话时ServiceSecurityContext.Current.WindowsIdentity.Impersonate().我需要告诉WCF我们需要模拟该调用.所以我添加了一个属性[OperationBehavior(Impersonation=ImpersonationOption.Required)]:

using Microsoft.SharePoint.Client.Services;
using System;
using System.Collections.Generic;
using System.Linq;
using System.ServiceModel.Activation;
using System.ServiceModel;
using System.ServiceModel.Web;
using System.Security.Principal;

namespace Sandbox
{
    [ServiceContract]
    [AspNetCompatibilityRequirements(RequirementsMode = AspNetCompatibilityRequirementsMode.Required)]
    public class TestService
    {
        [OperationContract]
        [WebGet(UriTemplate = "GetAllNumbers",
            ResponseFormat = WebMessageFormat.Json)]
        [OperationBehavior(Impersonation=ImpersonationOption.Required)]
        List<int> GetAllNumbers()
        {
            List<int> result = new List<int>();
            WindowsImpersonationContext ctx = ServiceSecurityContext.Current.WindowsIdentity.Impersonate();
            try
            {
                result.AddRange(new[] { 1, 1, 2, 3, 5, 8, 13 });
            }
            finally
            {
                ctx.Undo();
            }
            return result;
        }
    }
}
Run Code Online (Sandbox Code Playgroud)

现在,我在SharePoint日志中发现以下错误:

Error when open web service: System.InvalidOperationException: The contract operation 'GetAllNumbers' requires Windows identity for automatic impersonation. A Windows identity that represents the caller is not provided by binding ('WebHttpBinding','http://tempuri.org/') for contract ('TestService','http://tempuri.org/'.     at System.ServiceModel.Dispatcher.SecurityValidationBehavior.WindowsIdentitySupportRule.ValidateWindowsIdentityCapability(Binding binding, ContractDescription contract, OperationDescription operation)     at System.ServiceModel.Dispatcher.SecurityValidationBehavior.WindowsIdentitySupportRule.Validate(ServiceDescription description)     at System.ServiceModel.Dispatcher.SecurityValidationBehavior.System.ServiceModel.Description.IServiceBehavior.Validate(ServiceDescriptio...
Run Code Online (Sandbox Code Playgroud)

然后我猜我必须在TestService.svc旁边添加一个web.config并添加TransportCredentialsOnly模式,但这没有帮助:

<?xml version="1.0"?>
<configuration>
  <system.serviceModel>
    <bindings>
      <webHttpBinding>
        <binding>
          <security mode="TransportCredentialOnly">
            <transport clientCredentialType="Ntlm"/>
          </security>
        </binding>
      </webHttpBinding>
    </bindings>
  </system.serviceModel>
</configuration>
Run Code Online (Sandbox Code Playgroud)

我在SharePoint日志文件中得到相同的错误.

我希望有人对我有所暗示.

感谢您阅读这篇文章!

彼得

hbu*_*ens 0

如果您想使用 REST,为什么不为此创建一个应用程序呢?这比在 SharePoint 中公开 WCF 服务要容易得多。然后您可以配置自己的安全设置。

这篇文章应该可以帮助你解决这个问题。

归档时间:

查看次数:

1516 次

最近记录:

10 年,8 月 前
相关归档
如何在一个web.config中组合http和https的WCF服务配置? 26
在.net中用于RESTful服务的框架 22
如何定义以透明方式拦截所有服务的全局JAX-WS MessageHandler? 19
如何从C#使用ColdFusion Web服务? 15
WCF服务:对测试有用的公开服务 10
如何使用Visual Studio生成的异步WCF调用? 10
UIWebView未检测到网页cookie 6
Web.config的最大大小是多少? 5
IIS7发布/放置/补丁/删除WCF oData - 身份验证失败401.3 5
进行客户端 WCF 调用时如何防止“System.AccessViolationException”? 5
难疑归档
从脚本本身获取Bash脚本的源目录 4672
如果我有jQuery背景,"在AngularJS中思考"? 4518
是否可以将CSS应用于角色的一半? 2717
在Windows命令行上是否有相应的"哪个"? 2231
如何将package.json中的每个依赖项更新为最新版本? 1871
接口和抽象类之间有什么区别? 1705
按值复制数组 1638
Apache Camel究竟是什么? 1310
在Python中反转一个字符串 1288
我如何开始使用Node.js 1264