.net core调用wcf中的认证方案
Authentication scheme in .net core calling wcf
我有一个 .net core 2.1 web api,它使用 windows 身份验证调用 WCF 服务:
appsettings.json
"MyService": {
"BasicHttpBinding": {
"Security": {
"Mode": "TransportCredentialOnly",
"Transport": {
"ClientCredentialType": "Windows"
}
}
},
"UserPrincipalName": "mydomain/myUser"
},
mydomain/myUser - 它是有权调用 MyService 和 MyMethod()
的用户
code.cs
using (var client = new ServiceClient<IMyService>(BasicHttpBinding, new EndpointAddress(new Uri(myServiceUrl), UpnEndpointIdentity)))
{
var result = client.Proxy.MyMethod();
return result;
}
当我尝试从我的应用程序调用 wcf 服务时出现错误:
The HTTP request is unauthorized with client authentication scheme
'Negotiate'. The authentication header received from the server was 'Negotiate'
我试图在 startup.cs 中指明身份验证模式:
services.AddAuthentication(IISDefaults.Negotiate);
但运气不好,异常还是重现了。
我该如何解决这个问题?
如果使用windows认证,客户端调用服务器时需要提供windows凭证:
Service1Client service1Client = new Service1Client();
service1Client.ClientCredentials.Windows.ClientCredential.UserName = "Administrator";
service1Client.ClientCredentials.Windows.ClientCredential.Password = "Password";
如果客户端不提供windows凭证,会报错:
如果问题仍然存在,请随时告诉我。
更新
尝试使用WCF Web 服务参考 添加服务参考以调用服务:
ServiceReference1.Service1Client service1Client = new ServiceReference1.Service1Client();
给大家介绍下我的项目,部署在IIS中:
<?xml version="1.0"?>
<configuration>
<appSettings>
<add key="aspnet:UseTaskFriendlySynchronizationContext" value="true" />
</appSettings>
<system.web>
<compilation debug="true" targetFramework="4.7.2" />
<httpRuntime targetFramework="4.7.2"/>
</system.web>
<system.serviceModel>
<behaviors>
<serviceBehaviors>
<behavior name="serviceBehaviour">
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true"/>
<serviceDebug includeExceptionDetailInFaults="false" />
</behavior>
</serviceBehaviors>
</behaviors>
<bindings>
<basicHttpBinding>
<binding name="HttpBinding_IService">
<readerQuotas maxDepth="32" maxStringContentLength="1000000" maxArrayLength="163840000" maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<security mode="Transport">
<transport clientCredentialType="Windows" proxyCredentialType="None"/>
</security>
</binding>
</basicHttpBinding>
</bindings>
<services>
<service name="WcfService1.Service1" behaviorConfiguration="serviceBehaviour">
<endpoint address="Service" binding="basicHttpBinding" bindingConfiguration="HttpBinding_IService" contract="WcfService1.IService1" />
</service>
</services>
</system.serviceModel>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true"/>
<!--
To browse web app root directory during debugging, set the value below to true.
Set to false before deployment to avoid disclosing web app folder information.
-->
<directoryBrowse enabled="true"/>
</system.webServer>
</configuration>
这是web.config。
在IIS中,我为WCF添加了两个绑定,一个是http,一个是https,使用https需要证书:
我们还需要关闭匿名身份验证并启用windows身份验证:
如果Mode设置为Transport,我们还需要添加htts绑定和证书。
您可以尝试以上步骤重新部署,希望您能成功。
我有一个 .net core 2.1 web api,它使用 windows 身份验证调用 WCF 服务:
appsettings.json
"MyService": {
"BasicHttpBinding": {
"Security": {
"Mode": "TransportCredentialOnly",
"Transport": {
"ClientCredentialType": "Windows"
}
}
},
"UserPrincipalName": "mydomain/myUser"
},
mydomain/myUser - 它是有权调用 MyService 和 MyMethod()
的用户code.cs
using (var client = new ServiceClient<IMyService>(BasicHttpBinding, new EndpointAddress(new Uri(myServiceUrl), UpnEndpointIdentity)))
{
var result = client.Proxy.MyMethod();
return result;
}
当我尝试从我的应用程序调用 wcf 服务时出现错误:
The HTTP request is unauthorized with client authentication scheme 'Negotiate'. The authentication header received from the server was 'Negotiate'
我试图在 startup.cs 中指明身份验证模式:
services.AddAuthentication(IISDefaults.Negotiate);
但运气不好,异常还是重现了。
我该如何解决这个问题?
如果使用windows认证,客户端调用服务器时需要提供windows凭证:
Service1Client service1Client = new Service1Client();
service1Client.ClientCredentials.Windows.ClientCredential.UserName = "Administrator";
service1Client.ClientCredentials.Windows.ClientCredential.Password = "Password";
如果客户端不提供windows凭证,会报错:
如果问题仍然存在,请随时告诉我。
更新
尝试使用WCF Web 服务参考 添加服务参考以调用服务:
ServiceReference1.Service1Client service1Client = new ServiceReference1.Service1Client();
给大家介绍下我的项目,部署在IIS中:
<?xml version="1.0"?>
<configuration>
<appSettings>
<add key="aspnet:UseTaskFriendlySynchronizationContext" value="true" />
</appSettings>
<system.web>
<compilation debug="true" targetFramework="4.7.2" />
<httpRuntime targetFramework="4.7.2"/>
</system.web>
<system.serviceModel>
<behaviors>
<serviceBehaviors>
<behavior name="serviceBehaviour">
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true"/>
<serviceDebug includeExceptionDetailInFaults="false" />
</behavior>
</serviceBehaviors>
</behaviors>
<bindings>
<basicHttpBinding>
<binding name="HttpBinding_IService">
<readerQuotas maxDepth="32" maxStringContentLength="1000000" maxArrayLength="163840000" maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<security mode="Transport">
<transport clientCredentialType="Windows" proxyCredentialType="None"/>
</security>
</binding>
</basicHttpBinding>
</bindings>
<services>
<service name="WcfService1.Service1" behaviorConfiguration="serviceBehaviour">
<endpoint address="Service" binding="basicHttpBinding" bindingConfiguration="HttpBinding_IService" contract="WcfService1.IService1" />
</service>
</services>
</system.serviceModel>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true"/>
<!--
To browse web app root directory during debugging, set the value below to true.
Set to false before deployment to avoid disclosing web app folder information.
-->
<directoryBrowse enabled="true"/>
</system.webServer>
</configuration>
这是web.config。
在IIS中,我为WCF添加了两个绑定,一个是http,一个是https,使用https需要证书:
我们还需要关闭匿名身份验证并启用windows身份验证:
如果Mode设置为Transport,我们还需要添加htts绑定和证书。
您可以尝试以上步骤重新部署,希望您能成功。