我有一个.NET Core 2.0应用程序,需要从其中一个控制器调用WCF客户端,并传递用户凭据进行身份验证。
在.net核心应用程序中,我使用连接服务(WCF Web服务引用提供程序)为WCF客户端创建了一个引用,现在正在配置该调用。请注意,我可以使用相同的端点形成4.6框架应用程序,没有任何问题。
这是我的代码:
var binding = new BasicHttpBinding {Security = {Mode = BasicHttpSecurityMode.Transport}};
var address = new EndpointAddress("https://my-endpoint.asmx");
var client = new MyAppSoapClient(binding, address);
var credentials = CredentialCache.DefaultNetworkCredentials;
client.ClientCredentials.Windows.ClientCredential = credentials;
client.ClientCredentials.Windows.AllowedImpersonationLevel = System.Security.Principal.TokenImpersonationLevel.Impersonation;
var response = client.GetStuff("param").Result;
我遇到了一些问题:
它必须是https电话 我需要将当前登录的用户凭据传递给该呼叫
我得到的当前错误如下:
The HTTP request is unauthorized with client authentication scheme 'Anonymous'. The authentication header received from the server was 'Negotiate, NTLM'
此外,ConnectedService.json(由WCF Web服务引用提供程序自动创建)具有预定义的端点Uri ..我不明白为什么我需要手动将地址传递给客户端(代码似乎强迫我这样做) ..理想情况下,我想根据环境在json中动态修改。
谢谢。
我注意到您将当前登录的用户作为Windows凭据(这也是启用模拟所必需的)传递,但您没有为传输层安全性显式设置客户端凭据。
BasicHttpBinding binding = new BasicHttpBinding();
binding.Security.Mode = BasicHttpSecurityMode.Transport;
binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Windows;
此外,ConnectedService.json(由WCF Web服务引用提供程序自动创建)具有预定义的端点Uri ..我不明白为什么我需要手动将地址传递给客户端(代码似乎强迫我这样做)
您可以修改自动生成代理客户端的方法来构造客户端代理类(位于reference.cs中) 修改绑定安全性
private static System.ServiceModel.Channels.Binding GetBindingForEndpoint(EndpointConfiguration endpointConfiguration)
{
if ((endpointConfiguration == EndpointConfiguration.WebService1Soap))
{
System.ServiceModel.BasicHttpBinding result = new System.ServiceModel.BasicHttpBinding();
result.Security.Mode = System.ServiceModel.BasicHttpSecurityMode.Transport;
result.Security.Transport.ClientCredentialType = System.ServiceModel.HttpClientCredentialType.Windows;
result.MaxBufferSize = int.MaxValue;
result.ReaderQuotas = System.Xml.XmlDictionaryReaderQuotas.Max;
result.MaxReceivedMessageSize = int.MaxValue;
result.AllowCookies = true;
return result;
}
修改端点。
private static System.ServiceModel.EndpointAddress GetEndpointAddress(EndpointConfiguration endpointConfiguration)
{
if ((endpointConfiguration == EndpointConfiguration.WebService1Soap))
{
return new System.ServiceModel.EndpointAddress("http://10.157.13.69:8001/webservice1.asmx");
构造客户端代理类。
ServiceReference1.WebService1SoapClient client = new WebService1SoapClient(WebService1SoapClient.EndpointConfiguration.WebService1Soap);
client.ClientCredentials.Windows.AllowedImpersonationLevel = System.Security.Principal.TokenImpersonationLevel.Impersonation;
client.ClientCredentials.Windows.ClientCredential.UserName = "administrator";
client.ClientCredentials.Windows.ClientCredential.Password = "123456";
如果有什么我可以帮忙,请随时告诉我。
我的绑定缺少安全性Ntlm凭证类型(见下文)。
问题解决了。
var binding = new BasicHttpBinding {Security = {Mode = BasicHttpSecurityMode.Transport,
Transport = new HttpTransportSecurity(){ClientCredentialType = HttpClientCredentialType.Ntlm } }};