[英]Web service HTTP request is unauthorized with scheme digest
我的C#客戶端調用Web服務時遇到了一些麻煩。 有時它將返回以下錯誤:
WWW-Authenticate: Basic realm="[SomeRealm]"'. --->
System.ServiceModel.Security.MessageSecurityException:
The HTTP request is unauthorized with client authentication scheme 'Digest'.
The authentication header received from the server was 'Digest realm="[SomeRealm]",
nonce="00000717Y382188758809db0bcc622bdf37def3deabb93", stale=FALSE, qop="auth"
WWW-Authenticate: Basic realm="[SomeRealm]"'. --->
System.Net.WebException: The remote server returned an error: (401) Unauthorized.
但是我不知道為什么,而且真的很難復制,因此調試起來非常棘手。 在大多數情況下,對Web服務的調用工作正常。 有人知道為什么會這樣嗎? 或有關如何調試並獲取有關該問題的更多信息的任何提示?
更新:
好的,所以我嘗試了使用小提琴手進行的交流,但這並沒有使我變得更明智。
這是無效的請求/挑戰/請求/響應
請求
POST http://192.168.1.3/api/services HTTP/1.1
Content-Type: application/soap+xml; charset=utf-8;
action="http://www.domain.com/api/ws/event1/GetScheduledEvents"
Host: 192.168.1.3
Content-Length: 482
Accept-Encoding: gzip, deflate
Connection: Keep-Alive
挑戰
HTTP/1.1 401 Unauthorized
Date: Wed, 14 Aug 2013 07:45:49 GMT
Accept-Ranges: bytes
Connection: close
WWW-Authenticate: Digest realm="[SomeRealm]",
once="00025a89Y1892894c7fb9fe5f9de425b40c72d72de3227", stale=FALSE, qop="auth"
WWW-Authenticate: Basic realm="[SomeRealm]"
Content-Length: 180
Content-Type: text/html; charset=ISO-8859-1
<HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD>
<BODY><H1>401 Unauthorized</H1>
Your client does not have permission to get URL /api/services from this server.
</BODY></HTML>
請求
POST http://192.168.1.3/api/services HTTP/1.1
Content-Type: application/soap+xml; charset=utf-8; action="http://www.domain.com/api/ws/event1/GetScheduledEvents"
Accept-Encoding: gzip, deflate
Authorization: Digest username="UserName",realm="[SomeRealm]",nonce="00025a89Y1892894c7fb9fe5f9de425b40c72d72de3227",uri="/api/services",cnonce="abff70e14c8f89b09abac9eaaa9de8ce",nc=00000001,qop="auth",response="df71769f9fb2bb5e1396546b7422d5fd"
Host: 192.168.1.3
Content-Length: 482
Connection: Keep-Alive
響應
HTTP/1.1 200 OK
Authentication-Info: qop=auth, rspauth="51832dfe63819c551bf666409f58b08c", cnonce="abff70e14c8f89b09abac9eaaa9de8ce", nc=00000001
Server: gSOAP/2.7
Content-Type: application/soap+xml; charset=utf-8
Content-Length: 3752
Connection: close
這是失敗的請求/挑戰/請求/響應之一
請求
POST http://192.168.1.3/api/services HTTP/1.1
Content-Type: application/soap+xml; charset=utf-8; action="http://www.domain.com/api/ws/event1/GetScheduledEvents"
Host: 192.168.1.3
Content-Length: 482
Accept-Encoding: gzip, deflate
Connection: Keep-Alive
挑戰
HTTP/1.1 401 Unauthorized
Date: Wed, 14 Aug 2013 07:45:49 GMT
Accept-Ranges: bytes
Connection: close
WWW-Authenticate: Digest realm="[SomeRealm]", nonce="00025a89Y3757607d2e481c5c24cb20f1a46b129a37218", stale=FALSE, qop="auth"
WWW-Authenticate: Basic realm="[SomeRealm]"
Content-Length: 180
Content-Type: text/html; charset=ISO-8859-1
<HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD>
<BODY><H1>401 Unauthorized</H1>
Your client does not have permission to get URL /api/services from this server.
</BODY></HTML>
請求
POST http://192.168.1.3/api/services HTTP/1.1
Content-Type: application/soap+xml; charset=utf-8; action="http://www.domain.com/api/ws/event1/GetScheduledEvents"
Accept-Encoding: gzip, deflate
Authorization: Digest username="UserName",realm="[SomeRealm]",nonce="00025a89Y3757607d2e481c5c24cb20f1a46b129a37218",uri="/api/services",cnonce="9daae13f56820d9edf12cbf7e41f894b",nc=00000001,qop="auth",response="18d885af71eb74d1476da0f3668bf00e"
Host: 192.168.1.3
Content-Length: 482
Connection: Keep-Alive
響應
HTTP/1.1 401 Unauthorized
WWW-Authenticate: Digest realm="[SomeRealm]", nonce="00025a89Y412766b2f55e4fc54dbd441b95cc713e08ccb", stale=FALSE, qop="auth"
WWW-Authenticate: Basic realm="[SomeRealm]"
Server: gSOAP/2.7
Content-Type: text/xml; charset=utf-8
Content-Length: 0
Connection: close
在WCF端點上設置安全性時,我遇到了很多問題,而找出隱晦錯誤原因的最簡單方法(我有很多)是在主機和客戶端上都打開Web服務的日志跟蹤。 我還發現使用Fiddler作為消息攔截器/代理很好用。 使用這些工具,您將獲得有關Web服務中正在發生的事情的更多信息。
這是打開跟蹤的鏈接: 如何打開WCF跟蹤?
這是使用Fiddler探查問題的鏈接: 如何使用Fiddler監視WCF服務
祝你好運。
Web服務“ 基本”或“摘要”所使用的身份驗證類型。 因為並非所有瀏覽器都支持摘要
因此,似乎該錯誤實際上是在服務器端。 據我所知,這是一個線程問題,這似乎是合理的,因為我在服務器上遇到了很多請求。
調用 SAP PI Web 服務時,HTTP 請求未經客戶端身份驗證方案“Ntlm”授權
[英]The HTTP request is unauthorized with client authentication scheme 'Ntlm' while calling SAP PI web service
Wcf服務異常“使用客戶端身份驗證方案未授權HTTP請求”
[英]Wcf service exception “The HTTP request is unauthorized with client authentication scheme”
HTTP 請求未經客戶端身份驗證方案“Ntlm”授權
[英]The HTTP request is unauthorized with client authentication scheme 'Ntlm'
使用客戶端身份驗證方案“匿名”對HTTP請求進行未經授權的授權?
[英]The HTTP request is unauthorized with client authentication scheme 'Anonymous'?
請求失敗,HTTP 狀態為 401:調用 Web 服務時未經授權
[英]The request failed with HTTP status 401: Unauthorized while calling web service
WCF-TransportWithMessageCredential使用客戶端身份驗證方案“匿名”對HTTP請求進行未授權
[英]WCF-TransportWithMessageCredential The HTTP request is unauthorized with client authentication scheme 'Anonymous'
HTTP請求未經授權使用客戶端身份驗證方案“Negotiate”。 身份驗證標頭
[英]The HTTP request is unauthorized with client authentication scheme 'Negotiate'. the authentication header
異常= HTTP請求未經客戶端身份驗證方案“匿名”授權
[英]Exception = The HTTP request is unauthorized with client authentication scheme 'Anonymous'
客戶端身份驗證方案“匿名”未授權HTTP請求。 消耗wsdl文件
[英]The HTTP request is unauthorized with client authentication scheme 'Anonymous'. consuming wsdl file
OnVif集成錯誤-客戶端身份驗證方案“摘要”未經授權
[英]OnVif integration error - unauthorized with client authentication scheme 'Digest'
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.