HTTPS 的 HttpWebRequest 出现 403 禁止错误
HttpWebRequest for HTTPS got 403 Forbidden Error
我在从我的 C# 项目调用 GetListCollection 方法时收到错误消息“403 Forbidden”。在线 2013 和 URL 中的共享点版本以 HTTPS 开头。
我的 HTTP header 请求的代码是:
string _url = "https://my.sharepoint.com/"+ "_vti_bin/Lists.asmx";
string soapStr =
@"<?xml version=""1.0"" encoding=""utf-8""?>
<soap:Envelope xmlns:soap=""http://schemas.xmlsoap.org/soap/envelope/"" xmlns:xsi=""http://www.w3.org/2001/XMLSchema-instance"" xmlns:xsd=""http://www.w3.org/2001/XMLSchema"">
<soap:Body>
<GetListCollection xmlns=""http://schemas.microsoft.com/sharepoint/soap/"" />
</soap:Body>
</soap:Envelope>";
HttpWebRequest req = (HttpWebRequest)WebRequest.Create(_url);
req.Headers.Add("SOAPAction", "\"http://schemas.microsoft.com/sharepoint/soap/GetListCollection\"");
req.ContentType = "text/xml; encoding='utf-8'";
req.Credentials = new NetworkCredential(userName, userPassword);
req.Method = "POST";
using (Stream stm = req.GetRequestStream())
{
soapStr = string.Format(soapStr);
using (StreamWriter stmw = new StreamWriter(stm))
{
stmw.Write(soapStr);
}
}
StreamReader responseReader = new StreamReader(req.GetResponse().GetResponseStream());
谁能告诉我哪里错了或者我还需要做什么?
在fiddler中,我得到了如下响应。
HTTP/1.1 403 Forbidden
Cache-Control: private, max-age=0
Content-Type: text/plain; charset=utf-8
Server: Microsoft-IIS/8.5
X-SharePointHealthScore: 0
X-Forms_Based_Auth_Required: https://my.sharepoint.com/_forms/default.aspx?ReturnUrl=/_layouts/15/error.aspx&Source=%2f_vti_bin%2fLists.asmx
X-Forms_Based_Auth_Return_Url: https://my.sharepoint.com/_layouts/15/error.aspx
X-MSDAVEXT_Error: 917656; %e3%82%a2%e3%82%af%e3%82%bb%e3%82%b9%e3%81%8c%e6%8b%92%e5%90%a6%e3%81%95%e3%82%8c%e3%81%be%e3%81%97%e3%81%9f%e3%80%82%e3%81%93%e3%81%ae%e5%a0%b4%e6%89%80%e3%81%ae%e3%83%95%e3%82%a1%e3%82%a4%e3%83%ab%e3%82%92%e9%96%8b%e3%81%8f%e5%89%8d%e3%81%ab%e3%80%81Web+%e3%82%b5%e3%82%a4%e3%83%88%e3%82%92%e5%8f%82%e7%85%a7%e3%81%97%e3%81%a6%e3%80%81%e8%87%aa%e5%8b%95%e7%9a%84%e3%81%ab%e3%83%ad%e3%82%b0%e3%82%a4%e3%83%b3%e3%81%99%e3%82%8b%e3%82%aa%e3%83%97%e3%82%b7%e3%83%a7%e3%83%b3%e3%82%92%e9%81%b8%e6%8a%9e%e3%81%97%e3%81%a6%e3%81%8f%e3%81%a0%e3%81%95%e3%81%84%e3%80%82
X-AspNet-Version: 4.0.30319
SPRequestGuid: 7dbaf69c-a0f4-1000-ba3c-f5906d15f5d7
request-id: 7dbaf69c-a0f4-1000-ba3c-f5906d15f5d7
X-FRAME-OPTIONS: SAMEORIGIN
SPRequestDuration: 66
SPIisLatency: 0
X-IDCRL_AUTH_PARAMS_V1: IDCRL Type="BPOSIDCRL", EndPoint="/_vti_bin/idcrl.svc/", RootDomain="sharepoint.com", Policy="MBI"
X-Powered-By: ASP.NET
MicrosoftSharePointTeamServices: 16.0.0.3819
X-Content-Type-Options: nosniff
X-MS-InvokeApp: 1; RequireReadOnly
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Date: Fri, 27 Mar 2015 04:26:16 GMT
Content-Length: 13
403 FORBIDDEN
403 Forbidden 是尝试通过 HTTPS 访问服务且未在客户端正确设置证书时收到的典型错误代码。也就是说,问题可能出在多个地方,而且还取决于您尝试访问的服务器上的身份验证设置方式。
我认为 this article will be helpful to boot. Then see this thread,因为讨论指出了几个可能对您有帮助的问题和想法。
此错误发生于 NetworkCredential class could not be utilized in Office 365, Microsoft supports claims-based authentication in Office 365。
SharePoint Online Client Components SDK 已发布,其中包含
SharePointOnlineCredentials class 访问 SharePoint Online 资源。
如何在 Office 365 中使用 SharePoint Web 服务
以下示例演示了如何在 Office 365 中对请求进行身份验证:
string endpointUrl = webUri + "/_vti_bin/Lists.asmx";
var envelope =
"<?xml version=\"1.0\" encoding=\"utf-8\"?>" +
"<soap:Envelope xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:soap=\"http://schemas.xmlsoap.org/soap/envelope/\">" +
"<soap:Body>" +
"<GetListCollection xmlns=\"http://schemas.microsoft.com/sharepoint/soap/\" />" +
"</soap:Body>" +
"</soap:Envelope>";
var request = (HttpWebRequest) WebRequest.Create(endpointUrl);
request.ContentType = "text/xml; encoding='utf-8'";
request.Credentials = GetCredentials(userName, password);
request.Headers.Add("X-FORMS_BASED_AUTH_ACCEPTED", "f");
request.Method = "POST";
using (var requestStream = request.GetRequestStream())
{
using (var streamWriter = new StreamWriter(requestStream))
{
streamWriter.Write(envelope);
}
}
using (var response = request.GetResponse())
{
using (var responseStream = response.GetResponseStream())
{
var streamReader = new StreamReader(responseStream);
var data = streamReader.ReadToEnd();
}
}
哪里
public static SharePointOnlineCredentials GetCredentials(string userName, string password)
{
var securePassword = new SecureString();
foreach (var ch in password) securePassword.AppendChar(ch);
return new SharePointOnlineCredentials(userName, securePassword);
}
我在从我的 C# 项目调用 GetListCollection 方法时收到错误消息“403 Forbidden”。在线 2013 和 URL 中的共享点版本以 HTTPS 开头。
我的 HTTP header 请求的代码是:
string _url = "https://my.sharepoint.com/"+ "_vti_bin/Lists.asmx";
string soapStr =
@"<?xml version=""1.0"" encoding=""utf-8""?>
<soap:Envelope xmlns:soap=""http://schemas.xmlsoap.org/soap/envelope/"" xmlns:xsi=""http://www.w3.org/2001/XMLSchema-instance"" xmlns:xsd=""http://www.w3.org/2001/XMLSchema"">
<soap:Body>
<GetListCollection xmlns=""http://schemas.microsoft.com/sharepoint/soap/"" />
</soap:Body>
</soap:Envelope>";
HttpWebRequest req = (HttpWebRequest)WebRequest.Create(_url);
req.Headers.Add("SOAPAction", "\"http://schemas.microsoft.com/sharepoint/soap/GetListCollection\"");
req.ContentType = "text/xml; encoding='utf-8'";
req.Credentials = new NetworkCredential(userName, userPassword);
req.Method = "POST";
using (Stream stm = req.GetRequestStream())
{
soapStr = string.Format(soapStr);
using (StreamWriter stmw = new StreamWriter(stm))
{
stmw.Write(soapStr);
}
}
StreamReader responseReader = new StreamReader(req.GetResponse().GetResponseStream());
谁能告诉我哪里错了或者我还需要做什么?
在fiddler中,我得到了如下响应。
HTTP/1.1 403 Forbidden
Cache-Control: private, max-age=0
Content-Type: text/plain; charset=utf-8
Server: Microsoft-IIS/8.5
X-SharePointHealthScore: 0
X-Forms_Based_Auth_Required: https://my.sharepoint.com/_forms/default.aspx?ReturnUrl=/_layouts/15/error.aspx&Source=%2f_vti_bin%2fLists.asmx
X-Forms_Based_Auth_Return_Url: https://my.sharepoint.com/_layouts/15/error.aspx
X-MSDAVEXT_Error: 917656; %e3%82%a2%e3%82%af%e3%82%bb%e3%82%b9%e3%81%8c%e6%8b%92%e5%90%a6%e3%81%95%e3%82%8c%e3%81%be%e3%81%97%e3%81%9f%e3%80%82%e3%81%93%e3%81%ae%e5%a0%b4%e6%89%80%e3%81%ae%e3%83%95%e3%82%a1%e3%82%a4%e3%83%ab%e3%82%92%e9%96%8b%e3%81%8f%e5%89%8d%e3%81%ab%e3%80%81Web+%e3%82%b5%e3%82%a4%e3%83%88%e3%82%92%e5%8f%82%e7%85%a7%e3%81%97%e3%81%a6%e3%80%81%e8%87%aa%e5%8b%95%e7%9a%84%e3%81%ab%e3%83%ad%e3%82%b0%e3%82%a4%e3%83%b3%e3%81%99%e3%82%8b%e3%82%aa%e3%83%97%e3%82%b7%e3%83%a7%e3%83%b3%e3%82%92%e9%81%b8%e6%8a%9e%e3%81%97%e3%81%a6%e3%81%8f%e3%81%a0%e3%81%95%e3%81%84%e3%80%82
X-AspNet-Version: 4.0.30319
SPRequestGuid: 7dbaf69c-a0f4-1000-ba3c-f5906d15f5d7
request-id: 7dbaf69c-a0f4-1000-ba3c-f5906d15f5d7
X-FRAME-OPTIONS: SAMEORIGIN
SPRequestDuration: 66
SPIisLatency: 0
X-IDCRL_AUTH_PARAMS_V1: IDCRL Type="BPOSIDCRL", EndPoint="/_vti_bin/idcrl.svc/", RootDomain="sharepoint.com", Policy="MBI"
X-Powered-By: ASP.NET
MicrosoftSharePointTeamServices: 16.0.0.3819
X-Content-Type-Options: nosniff
X-MS-InvokeApp: 1; RequireReadOnly
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Date: Fri, 27 Mar 2015 04:26:16 GMT
Content-Length: 13
403 FORBIDDEN
403 Forbidden 是尝试通过 HTTPS 访问服务且未在客户端正确设置证书时收到的典型错误代码。也就是说,问题可能出在多个地方,而且还取决于您尝试访问的服务器上的身份验证设置方式。
我认为 this article will be helpful to boot. Then see this thread,因为讨论指出了几个可能对您有帮助的问题和想法。
此错误发生于 NetworkCredential class could not be utilized in Office 365, Microsoft supports claims-based authentication in Office 365。
SharePoint Online Client Components SDK 已发布,其中包含
SharePointOnlineCredentials class 访问 SharePoint Online 资源。
如何在 Office 365 中使用 SharePoint Web 服务
以下示例演示了如何在 Office 365 中对请求进行身份验证:
string endpointUrl = webUri + "/_vti_bin/Lists.asmx";
var envelope =
"<?xml version=\"1.0\" encoding=\"utf-8\"?>" +
"<soap:Envelope xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:soap=\"http://schemas.xmlsoap.org/soap/envelope/\">" +
"<soap:Body>" +
"<GetListCollection xmlns=\"http://schemas.microsoft.com/sharepoint/soap/\" />" +
"</soap:Body>" +
"</soap:Envelope>";
var request = (HttpWebRequest) WebRequest.Create(endpointUrl);
request.ContentType = "text/xml; encoding='utf-8'";
request.Credentials = GetCredentials(userName, password);
request.Headers.Add("X-FORMS_BASED_AUTH_ACCEPTED", "f");
request.Method = "POST";
using (var requestStream = request.GetRequestStream())
{
using (var streamWriter = new StreamWriter(requestStream))
{
streamWriter.Write(envelope);
}
}
using (var response = request.GetResponse())
{
using (var responseStream = response.GetResponseStream())
{
var streamReader = new StreamReader(responseStream);
var data = streamReader.ReadToEnd();
}
}
哪里
public static SharePointOnlineCredentials GetCredentials(string userName, string password)
{
var securePassword = new SecureString();
foreach (var ch in password) securePassword.AppendChar(ch);
return new SharePointOnlineCredentials(userName, securePassword);
}