堆栈内存溢出
  简体   繁体   English

在 C# 中使用 SSL (https) 使用 Web 服务

[英]Consuming web service with SSL (https) in C#

 原文  2012-05-07 11:05:29       c#/ wcf/ ssl/ security-context

问题描述

I want to consume an ssl secured web service in C#.我想使用 C# 中的 ssl 安全 Web 服务。 The request looks like this:请求如下所示:

<soapenv:Envelope
  xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
  xmlns:biw="http://tempuri.org/ws_returnTable"
  xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
  >
  <soapenv:Header>
    <wsse:Security>
      <wsse:UsernameToken>
        <wsse:Username>sasdemo</wsse:Username>
        <wsse:Password>sasch.111</wsse:Password>
      </wsse:UsernameToken>
    </wsse:Security>
  </soapenv:Header>
   <soapenv:Body>
      <biw:meansclass />
   </soapenv:Body>
</soapenv:Envelope>

The endpoint declaration in WSDL looks like this: WSDL 中的端点声明如下所示:

<wsdl:service name="meansclass">
  <wsdl:port binding="tns:meansclassSoapBinding" name="meansclassPort">
    <soap:address location="https://sas.ssz.intra.stzh.ch:8443/SASBIWS/services/Shared%20Data/ws/meansclass" /> 
  </wsdl:port>
</wsdl:service>

The app.config looks like this: app.config 看起来像这样:

<bindings>
    <basicHttpBinding>
        <binding name="meansclassSoapBinding" closeTimeout="00:01:00"
            openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
            allowCookies="false" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard"
            maxBufferSize="65536" maxBufferPoolSize="524288" maxReceivedMessageSize="65536"
            messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered"
            useDefaultWebProxy="true">
            <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
                maxBytesPerRead="4096" maxNameTableCharCount="16384" />
            <security mode="Transport">
                <transport clientCredentialType="None" proxyCredentialType="None"
                    realm="" />
                <message clientCredentialType="UserName" algorithmSuite="Default" />
            </security>
        </binding>
    </basicHttpBinding>
</bindings>
<client>
    <endpoint address="https://localhost:8443/SASBIWS/services/Shared%20Data/ws/meansclass"
        binding="basicHttpBinding" bindingConfiguration="meansclassSoapBinding"
        contract="ServiceReference1.meansclassPortType" name="meansclassPort" />
</client>

I tried to access the web service with that C# code:我尝试使用该 C# 代码访问 Web 服务:

var service = new meansclassPortTypeClient();

service.ClientCredentials.UserName.UserName = "username";
service.ClientCredentials.UserName.Password = "password";

var test = service.meansclass();

But there is always an exception thrown by meansclass().但是meansclass()总会抛出异常。 In German it says:在德语中是这样说的:

Exception of type 'Client Authentication' (...) There is no security context. “客户端身份验证”类型的异常 (...) 没有安全上下文。

I have googled a lot but haven't found out what I do wrong.我用谷歌搜索了很多,但没有发现我做错了什么。 How can I make such a "security context"?我怎样才能制作这样的“安全上下文”? Or what is wrong?或者有什么问题?

1 个解决方案

解决方案1
 0  2012-05-08 03:13:11

Without additional context (view of the WSDL) I am grasping, but it is possible that you are confusing SSL security with web service security and the service is complaining about unexpected credentials in the SOAP header.没有额外的上下文(WSDL 的视图),我正在掌握,但是您可能将 SSL 安全性与 Web 服务安全性混淆,并且该服务抱怨 SOAP 标头中的意外凭据。

SSL security is applied as part of the process of transporting the web service request and response. SSL 安全性作为传输 Web 服务请求和响应过程的一部分而应用。 The requirement to coordinate an SSL interaction is trust of the server's certificate by the client by pulling the cert into the trust store being used by C#.协调 SSL 交互的要求是客户端通过将证书拉入 C# 使用的信任库来信任服务器的证书。

What is shown in the request is a 'message level' wss (web service security) username/password credential.请求中显示的是“消息级别”wss(Web 服务安全)用户名/密码凭证。

Suggestions:建议:

  1. If you have control of the service implementation, ensure that any security policies are removed from the web service.如果您可以控制服务实现,请确保从 Web 服务中删除任何安全策略。 If you do not, and you are not absolutely certain that the username and password are required for service consumption, remove the username and password from the soap header.如果不这样做,并且您不能绝对确定服务消费需要用户名和密码,请从soap 标头中删除用户名和密码。
  2. Again if you have control of the service implementation, try removing the SSL requirement and exercising the service to determine if the service can be called over an unsecured (http) connection.同样,如果您可以控制服务实现,请尝试删除 SSL 要求并执行服务以确定是否可以通过不安全 (http) 连接调用该服务。
  3. Add back in just the SSL and check for exceptions...remembering that the public certificate for the server must be trusted by the context in which C# is running.仅添加回 SSL 并检查异常...记住服务器的公共证书必须受到运行 C# 的上下文的信任。 The cert can generally be obtained by visiting the web service (https) address in a browser and using the browser's mechanism to save the cert into the appropriate trust store ( http://balajiramesh.wordpress.com/2007/12/28/save-ssl-certificate-to-cer-file/ )证书一般可以通过在浏览器中访问web服务(https)地址并利用浏览器的机制将证书保存到相应的信任库中来获取( http://balajiramesh.wordpress.com/2007/12/28/save -ssl-certificate-to-cer-file/ )

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 C# - 通过https使用REST Web服务 - C# - Consuming REST web service over https 在C#中使用SSL证书使用Rest服务 - Consuming Rest service with SSL certificate in C# 在C#中使用Web服务-List - Consuming web service in C# -List SAP中的C#Web服务使用错误 - C# Web service consuming error in SAP 使用C#消费测验Web服务 - Consuming a Quiz web service with C# 在C#应用程序中使用Java Web服务 - consuming java web service in C# applications 使用Com和Delphi在ac#类库中使用HTTPS服务 - Consuming a HTTPS service in a c# class library using Com and Delphi 使用Web API的C#消耗Java Web服务(不提供WSDL) - C# Consuming Java web service with Web API (NO WSDL available) 调用https Web服务(C#) - Calling a https web service (C#) 从C#客户端使用PHP Web服务 - Consuming PHP Web Service From C# Client
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM