[英]Consuming a web service using digest authentication
We are using C# to send XML data via SOAP. 我们正在使用C#通过SOAP发送XML数据。 The service requires HttpDigest authentication with
#PasswordDigest
and #Base64Binary Nonce
. 该服务需要具有
#PasswordDigest
和#Base64Binary Nonce
#PasswordDigest
#Base64Binary Nonce
HttpDigest身份验证。 Our binding
code: 我们的
binding
代码:
protected BasicHttpBinding binding = new BasicHttpBinding()
{
Name = "ShipmentServiceSoapBinding",
CloseTimeout = new TimeSpan(0, 01, 0),
OpenTimeout = new TimeSpan(0, 01, 0),
ReceiveTimeout = new TimeSpan(0, 10, 0),
SendTimeout = new TimeSpan(0, 5, 0),
AllowCookies = false,
BypassProxyOnLocal = false,
HostNameComparisonMode = HostNameComparisonMode.StrongWildcard,
MaxBufferPoolSize = 5242880,
MaxReceivedMessageSize = 655360,
MessageEncoding = WSMessageEncoding.Text ,
TextEncoding = new UTF8Encoding(),
UseDefaultWebProxy = true,
ReaderQuotas = new XmlDictionaryReaderQuotas() { MaxDepth = 32, MaxStringContentLength = 81920, MaxArrayLength = 1638400, MaxBytesPerRead = 409600, MaxNameTableCharCount = 163840 },
Security = new BasicHttpSecurity() { Mode = BasicHttpSecurityMode.TransportWithMessageCredential,
//Message = new BasicHttpMessageSecurity() { AlgorithmSuite = SecurityAlgorithmSuite.Default, ClientCredentialType = BasicHttpMessageCredentialType.UserName},
Transport = new HttpTransportSecurity(){ ClientCredentialType = HttpClientCredentialType.Digest}},
};
We are encountering 3 different problems based on what type of BasicHttpSecurityMode we are choosing. 根据我们选择的BasicHttpSecurityMode类型,我们遇到3个不同的问题。
Now their ServiceReference allows us to use ClientCredentials class, so here is how we tried using HttpDigest: 现在,他们的ServiceReference允许我们使用ClientCredentials类,因此这是我们尝试使用HttpDigest的方式:
typeClient.ClientCredentials.HttpDigest.ClientCredential.UserName = "username";
typeClient.ClientCredentials.HttpDigest.ClientCredential.Password = "password";
I've read on other StackOverflow question that for digest we should be using SoapHeader with AuthHeader, but there is no way for us to match it with what they give is in the API. 我已经阅读了其他StackOverflow问题,对于摘要,我们应该将SoapHeader与AuthHeader一起使用,但是我们无法将其与API中提供的内容进行匹配。 Is there any other way of doing it?
还有其他方法吗? Or is their API not written correctly for C#?
还是他们的API没有为C#正确编写?
It is much more complicated to use digest auth in this scenario - you will need to implement IClientMessageInspector
to get it working... this enables you to modify the http headers in a way that is needed for digest auth. 在这种情况下,使用摘要身份验证要复杂得多-您将需要实现
IClientMessageInspector
才能使其正常工作...这使您能够以摘要身份验证所需的方式修改http标头。
Helpful links: 有用的网址:
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.