.net核心2及更高版本:连接服务WcfServiceClient SOAP与NTLM授权如何？

Question

我正在.net核心2.1上运行一个应用程序。我通过连接的服务添加了一个wsdl服务，成功地生成了一个WcfServiceClient。

当使用Basic自动化时，它可以工作精细。

下面是我用来调用helloword soap方法的类：

public string HellowWorld(string input)
{
    string wsRes = null;
    try
    {
        var service = new WorkerProcessServiceClient();
        var url = $"http://ServerUrl/Directory/WsName.svc";
        UriBuilder uriBuilder = new UriBuilder(url);

        service.Endpoint.Address = new EndpointAddress(uriBuilder.Uri);
        service.ClientCredentials.UserName.UserName = Username;
        service.ClientCredentials.UserName.Password = Password;

        using (OperationContextScope scope = new OperationContextScope(service.InnerChannel))
        {
            HttpRequestMessageProperty httpRequestProperty = new HttpRequestMessageProperty();
            httpRequestProperty.Headers[System.Net.HttpRequestHeader.Authorization] =
                "Basic " + Convert.ToBase64String(Encoding.ASCII.GetBytes(service.ClientCredentials.UserName.UserName
                + ":"
                + service.ClientCredentials.UserName.Password));
            OperationContext.Current.OutgoingMessageProperties[HttpRequestMessageProperty.Name] = httpRequestProperty;
            wsRes = service.HelloWorldAsync(input, RetailContext).GetAwaiter().GetResult();
            service.Close();
        }
    }
    catch (Exception ex)
    {
        wsRes = ex.Message;
    }
    return wsRes;
}

这在运行在Basic授权上的服务器上运行得很好。我在SOAP 中使用了相同的凭据，而且它运行得很好。而且我甚至不需要指定

​

<==>现在是问题<=>

我有第二台服务器，它与NTLM授权一起运行。我做了所有的事情：“(但似乎什么都不起作用。

1-我把我的service.clientCredential.Username改成了service.clientCredential.Windows，我添加了service.clientCredential.Windows.domain

2-我也将标题从"Basic " + Convert...更改为"Ntlm " + Convert...

3-我在标题中添加了域，并将其放在第一位和最后位置。

当我使用SOAP 时，它运行得很好。

​

我不知道还能做些什么--请帮帮忙。

Answer 1

我终于发现了。

所以在这里我的新代码获得NTLM授权的服务

    private WcfServiceClient MyNtlmConfiguredService()
    {
        BasicHttpBinding basicHttpBinding = new BasicHttpBinding();
        basicHttpBinding.Security.Mode = BasicHttpSecurityMode.TransportCredentialOnly;
        //this is for enabling Ntlm if you wanna work with basic you just 
        // you just replace HttpClientCredentialType.Ntlm by HttpClientCredentialType.Basic
        basicHttpBinding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Ntlm;

        EndpointAddress endpoint = new EndpointAddress("http://ServerUrl/Directory/WsName.svc");

        var client = new WcfServiceClient(basicHttpBinding, endpoint);

        NetworkCredential myCreds = new NetworkCredential("Username", "pas**rd", "Domain");

        client.ClientCredentials.Windows.ClientCredential = myCreds;
        client.ClientCredentials.Windows.AllowedImpersonationLevel = System.Security.Principal.TokenImpersonationLevel.Impersonation;

        return client;
    }

然后你就叫你的WebService正常

MyNtlmConfiguredService().HellowWorld(input).getAwaiter().getResult();

下面是基本授权：

    private CustomerWcfServiceClient MyBasicConfiguredService()
    {
        var service = new CustomerWcfServiceClient();
        CustomerWcfServiceClient client = null;
        string wsRes = null;

        BasicHttpBinding basicHttpBinding = new BasicHttpBinding();
        basicHttpBinding.Security.Mode = BasicHttpSecurityMode.TransportCredentialOnly;//mandatory
        basicHttpBinding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Basic;//mandatory

        EndpointAddress endpoint = new EndpointAddress("http://ServerUrl/Directory/WsName.svc");

        client = new CustomerWcfServiceClient(basicHttpBinding, endpoint);


        client.ClientCredentials.UserName.UserName = "UserName";
        client.ClientCredentials.UserName.Password = "Pa**word";

        return client;
    }

然后你就叫你的WebService正常

MyBasicConfiguredService().HellowWorld(input).getAwaiter().getResult();

快乐编码每一个

Answer 2

对于，.net核心应用程序传递运行中的标识，例如，当您在IIS中托管时，它运行传递应用程序标识。

这里有两种选择：

1. 配置在域帐户用户下运行的.net核心应用程序。
2. 如果您更喜欢在代码中配置用户名和密码，您可以尝试WindowsIdentity.RunImpersonated.public类HomeController : DllImport("advapi32.dll"，SetLastError = true，CharSet = CharSet.Unicode)公共静态extern bool LogonUser(String lpszUsername，String lpszDomain，String lpszPassword，int dwLogonType，int dwLogonProvider，out SafeAccessTokenHandle phToken)；const int LOGON32_PROVIDER_DEFAULT = 0；//此参数导致LogonUser创建主令牌。const int LOGON32_LOGON_INTERACTIVE = 2；public IActionResult About() { SafeAccessTokenHandle safeAccessTokenHandle；bool returnValue =LogonUser(“用户名”、“域”、“密码”、LOGON32_LOGON_INTERACTIVE、LOGON32_PROVIDER_DEFAULT、out safeAccessTokenHandle)；=> () { NTLMWebServiceSoapClient client = new NTLMWebServiceSoapClient(NTLMWebServiceSoapClient.EndpointConfiguration.NTLMWebServiceSoap)；变量结果= client.HelloWorldAsync().Result；ViewData“消息”= result.Body.HelloWorldResult；}；返回视图()；}