我编写了一个Windows应用程序来测试与客户端SAP Web服务的连接.Web服务调用需要X509证书安全性.
在互联网上阅读各种文章之后,我想出了三种方法将X509证书附加到Web服务调用上.不幸的是,所有这些尝试都返回'401 Unauthorized Access'.但是,我可以通过IE中的URL连接到Web服务.
有没有人对我可能做错了什么?我使用的是WSE 3.0,我用来附加证书的三种方法如下: -
证书
X509Certificate2 oCert = GetSecurityCertificate(oCertificate);
svc.ClientCertificates.Add(oCert);
代币
X509SecurityToken oToken = GetSecurityToken(oCertificate);
svc.RequestSoapContext.Security.Tokens.Add(oToken);
政策
SAPX509Assertion sapX509Assertion = new SAPX509Assertion(oCertificate, oStoreLocation, oStoreName, oFindType);
svc.SetPolicy(sapX509Assertion.Policy());
GetSecurityToken()和GetSecuirtyCertificate都搜索证书存储区.SAPX509Assertion执行此操作: -
public SAPX509Assertion(String certSubject, StoreLocation oStoreLocation, StoreName oStoreName, X509FindType oFindType)
{
ClientX509TokenProvider = new X509TokenProvider(oStoreLocation,
oStoreName, certSubject, oFindType);
ServiceX509TokenProvider = new X509TokenProvider(oStoreLocation,
oStoreName, certSubject, oFindType);
Protection.Request.EncryptBody = false;
Protection.Response.EncryptBody = false;
}
更新 OK,我现在有一个WCF调用.我无法使用Eugarps显示的BasicHttpBinding方法,因为它抱怨我连接到https地址并期望http ...这是有道理的.我现在的代码是: -
var binding = new WSHttpBinding();
binding.MaxReceivedMessageSize = int.MaxValue;
binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Windows;
binding.Security.Mode = …