使用摘要身份驗證消耗Web服務

Question

我們正在使用C＃通過SOAP發送XML數據。 該服務需要具有#PasswordDigest和#Base64Binary Nonce #PasswordDigest #Base64Binary Nonce HttpDigest身份驗證。 我們的binding代碼：

protected BasicHttpBinding binding = new BasicHttpBinding()
{
            Name = "ShipmentServiceSoapBinding",
            CloseTimeout = new TimeSpan(0, 01, 0),
            OpenTimeout = new TimeSpan(0, 01, 0),
            ReceiveTimeout = new TimeSpan(0, 10, 0),
            SendTimeout = new TimeSpan(0, 5, 0),
            AllowCookies = false,
            BypassProxyOnLocal = false, 
            HostNameComparisonMode = HostNameComparisonMode.StrongWildcard,
            MaxBufferPoolSize = 5242880,
            MaxReceivedMessageSize = 655360,
            MessageEncoding = WSMessageEncoding.Text ,
            TextEncoding =  new UTF8Encoding(),
            UseDefaultWebProxy = true,
            ReaderQuotas = new XmlDictionaryReaderQuotas() { MaxDepth = 32, MaxStringContentLength = 81920, MaxArrayLength = 1638400, MaxBytesPerRead = 409600, MaxNameTableCharCount = 163840 },
            Security = new BasicHttpSecurity() { Mode = BasicHttpSecurityMode.TransportWithMessageCredential, 
                                                 //Message = new BasicHttpMessageSecurity() { AlgorithmSuite = SecurityAlgorithmSuite.Default, ClientCredentialType = BasicHttpMessageCredentialType.UserName}, 
                                                 Transport = new HttpTransportSecurity(){ ClientCredentialType = HttpClientCredentialType.Digest}},

};

根據我們選擇的BasicHttpSecurityMode類型，我們遇到3個不同的問題。

1. 傳輸-XML不包含任何安全信息
2. TransportCredentialOnly-我們收到的錯誤指出端點不能為https：//
3. TransportWithMessagecredential-這不使用摘要

現在，他們的ServiceReference允許我們使用ClientCredentials類，因此這是我們嘗試使用HttpDigest的方式：

typeClient.ClientCredentials.HttpDigest.ClientCredential.UserName = "username";
typeClient.ClientCredentials.HttpDigest.ClientCredential.Password = "password";

我已經閱讀了其他StackOverflow問題，對於摘要，我們應該將SoapHeader與AuthHeader一起使用，但是我們無法將其與API中提供的內容進行匹配。 還有其他方法嗎？ 還是他們的API沒有為C＃正確編寫？

Answer 1

在這種情況下，使用摘要身份驗證要復雜得多-您將需要實現IClientMessageInspector才能使其正常工作...這使您能夠以摘要身份驗證所需的方式修改http標頭。

有用的網址：

• https://stackoverflow.com/a/3257760/847363
• http://benpowell.org/supporting-the-ws-i-basic-profile-password-digest-in-a-wcf-client-proxy/
• http://social.msdn.microsoft.com/Forums/en/wcf/thread/0f09954e-3cef-45b3-a00d-f0f579a06bf7
• http://msdn.microsoft.com/zh-CN/library/system.servicemodel.dispatcher.iclientmessageinspector.aspx
• http://msdn.microsoft.com/zh-CN/library/system.servicemodel.dispatcher.iclientmessageinspector.beforesendrequest.aspx
• http://yuzhangqi.itpub.net/post/37475/500654
• http://wcfpro.wordpress.com/category/wcf-extensions/
• http://social.technet.microsoft.com/wiki/contents/articles/1322.how-to-inspect-wcf-message-headers-using-iclientmessageinspector-en-us.aspx
• http://weblogs.asp.net/paolopia/archive/2007/08/23/writing-a-wcf-message-inspector.aspx
• http://wcfpro.wordpress.com/2011/03/29/iclientmessageinspector/