HTTP request from a C# desktop application to a Siteminder-protected server
I have developed a C# desktop application which makes HTTPS requests to the customers' servers (usually Documentum/SharePoint/Alfresco/NemakiWare/etc. HTTPS-based servers).

Several customers have asked us to support their servers which are protected by CA SSO (new name of Siteminder).

QUESTION: What do I need to do to allow my application to send HTTPS requests (and receive responses) with CA SSO-protected servers?

To authenticate with CA SSO and then connect to the desired URL we need to access a protected resource on a web server configured to use CA SSO authentication:

This is accomplished with the following steps:

Open a connection (HTTP request in this case) to the URI of the protected resource. Since the request has not yet been authenticated, the CA SSO agent will issue a redirect to a login page. In the code, AllowAutoRedirect is set to false. This is important as the redirect URL will be required for the subsequent POST of login data in step 3 below. If AllowAutoRedirect were True, the response would not include a Location header and the subsequent POST would be made to the original URL, which would then redirect to the login page again. However, a POST occurs between a client and the server; any POST data carried in the payload of the request of step 3 will be lost during the redirect.

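    ' Requires: Imports System.Net
    ' PROTECTED_URL is a constant that is not defined in this excerpt
    Dim request As HttpWebRequest
    Dim response As HttpWebResponse
    Dim url As String = PROTECTED_URL

    ' request the protected resource without following the redirect,
    ' so the 302 response and its Location header stay visible
    request = DirectCast(WebRequest.Create(url), HttpWebRequest)
    request.AllowAutoRedirect = False
    response = DirectCast(request.GetResponse(), HttpWebResponse)

    ' make sure we have a valid response
    If response.StatusCode <> HttpStatusCode.Found Then
        Throw New InvalidProgramException
    End If

    ' get the login page
    url = response.Headers("Location")
    response.Close() ' release the connection before issuing the next request
    request = DirectCast(WebRequest.Create(url), HttpWebRequest)
    request.AllowAutoRedirect = False
    response = DirectCast(request.GetResponse(), HttpWebResponse)
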
The next step involves creating an HTTPS request that POSTs all the form data, including userid and password, back to the server. The purpose of an authentication agent is to verify a user's identity by validating their userid and password. Thus, their URLs naturally use SSL (secure sockets layer) and are encrypted for us, so we do not require further encryption in our program. However, the formatting of the POST data is interesting inasmuch as there are two alternatives. The sample program uses the simpler approach of setting the content type to application/x-www-form-urlencoded. Here the POST data is formatted similar to a query string and sent as part of the next request.

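    ' Requires: Imports System.IO, System.Net, System.Text, System.Web
    ' tags, cookies, USERNAME, PASSWORD, FORM_CONTENT_TYPE and POST_METHOD
    ' are not defined in this excerpt
    Dim postData As String
    postData = ""
    ' copy the form fields whose names start with "sm" (case-insensitive)
    For Each inputName As String In tags.Keys
        If inputName.StartsWith("sm", StringComparison.OrdinalIgnoreCase) Then
            postData &= inputName & "=" & _
                HttpUtility.UrlEncode(tags(inputName)) & "&"
        End If
    Next
    postData &= "postpreservationdata=&"
    postData &= "USER=" & HttpUtility.UrlEncode(USERNAME) & "&"
    postData &= "PASSWORD=" & HttpUtility.UrlEncode(PASSWORD)

    request = DirectCast(WebRequest.Create(url), HttpWebRequest)
    cookies = New CookieContainer
    request.CookieContainer = cookies
    request.ContentType = FORM_CONTENT_TYPE
    ' ContentLength is a byte count, not a character count
    request.ContentLength = Encoding.UTF8.GetByteCount(postData)
    request.Method = POST_METHOD
    request.AllowAutoRedirect = False ' Important

    ' write the form body; Using closes the request stream
    Using sw As New StreamWriter(request.GetRequestStream())
        sw.Write(postData)
    End Using
    response = DirectCast(request.GetResponse(), HttpWebResponse)
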
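
As an added example, not code from either answer: before posting the user ID and password to the URL taken from the Location header, a client can confirm that URL is HTTPS and on a host it expects, and size ContentLength from the encoded bytes. The class and method names, the host allow-list and the sample values are assumptions made for illustration.

```csharp
using System;
using System.Collections.Generic;
using System.Net;
using System.Text;

static class SmLogin   // hypothetical helper, not part of any CA SSO API
{
    // Resolve the 302's Location header against the protected URL and refuse to
    // continue unless the login page is HTTPS on a host the client expects.
    public static Uri ResolveLoginUri(Uri protectedUri, string location, ISet<string> allowedHosts)
    {
        if (string.IsNullOrEmpty(location))
            throw new InvalidOperationException("302 response carried no Location header");
        var loginUri = new Uri(protectedUri, location);   // also handles a relative Location
        if (loginUri.Scheme != Uri.UriSchemeHttps)
            throw new InvalidOperationException("Login URL is not HTTPS: " + loginUri);
        if (!allowedHosts.Contains(loginUri.Host))
            throw new InvalidOperationException("Unexpected login host: " + loginUri.Host);
        return loginUri;
    }

    // Same body layout as the VB.NET sample: "sm"-prefixed fields, then the credentials.
    public static byte[] BuildPostBody(IDictionary<string, string> tags, string user, string password)
    {
        var sb = new StringBuilder();
        foreach (var tag in tags)
            if (tag.Key.StartsWith("sm", StringComparison.OrdinalIgnoreCase))
                sb.Append(tag.Key).Append('=').Append(WebUtility.UrlEncode(tag.Value)).Append('&');
        sb.Append("postpreservationdata=&");
        sb.Append("USER=").Append(WebUtility.UrlEncode(user)).Append('&');
        sb.Append("PASSWORD=").Append(WebUtility.UrlEncode(password));
        return Encoding.UTF8.GetBytes(sb.ToString());   // body.Length is the ContentLength
    }

    static void Main()
    {
        // Constructed sample values, not taken from a real deployment.
        var hosts = new HashSet<string>(StringComparer.OrdinalIgnoreCase) { "sso.example.com" };
        var target = new Uri("https://app.example.com/docs");
        var tags = new Dictionary<string, string> { { "smagentname", "agent 1" }, { "other", "y" } };

        Console.WriteLine(ResolveLoginUri(target, "https://sso.example.com/login?TARGET=x", hosts));
        Console.WriteLine(Encoding.UTF8.GetString(BuildPostBody(tags, "alice", "p&ss w=rd")));

        // A downgrade to plain HTTP is rejected before any credentials are sent.
        try { ResolveLoginUri(target, "http://sso.example.com/login", hosts); }
        catch (InvalidOperationException e) { Console.WriteLine("rejected: " + e.Message); }
    }
}
```
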
Same idea as Mohit's answer, but it can be done with much simpler code:

    // Requires: using System.Net; using RestSharp; using RestSharp.Authenticators;

    //Make initial request for SM to give you some cookies and the authentication URI
    RestClient client = new RestClient("http://theResourceDomain/myApp");
    client.CookieContainer = new CookieContainer();
    IRestResponse response = client.Get(new RestRequest("someProduct/orders"));

    //Now add credentials.
    // HttpBasicAuthenticator sends the credentials Base64-encoded, not encrypted,
    // so they are only protected in transit when the URL is https://
    client.Authenticator = new HttpBasicAuthenticator("username", "password");

    //Get resource from the SiteMinder URI which will redirect back to the API URI upon authentication.
    response = client.Get(new RestRequest(response.ResponseUri));