使用基本 HTTP 身份验证和 ASP.NET 向 Google Search Appliance 进行身份验证 (VB)
我遇到了一个与 Google Search Appliance 和 ASP 之间的身份验证有关的问题。 通常,当向 Search Appliance 请求安全页面时,Search Appliance 会要求提供凭据,然后使用这些凭据尝试访问安全结果。 如果此尝试成功,该页面将显示在结果列表中。 由于 ASP 代表客户联系 Search Appliance,因此需要收集凭据并将其传递给 Search Appliance。 我尝试了几种不同的记录方法来完成此任务,但它们似乎不起作用。 下面是我尝试过的代码:
'Bypass SSL since discovery.gov.mb.ca does not have valid SSL cert (NOT PRODUCTION SAFE)
ServerCertificateValidationCallback = New System.Net.Security.RemoteCertificateValidationCallback(AddressOf customXertificateValidation)
googleUrl = "https://removed.com"
Dim rdr As New XmlTextReader(googleUrl)
Dim resolver As New XmlUrlResolver()
Dim myCred As New System.Net.NetworkCredential("USERNAME", "PASSWORD", Nothing)
Dim credCache As New CredentialCache()
credCache.Add(New Uri(googleUrl), "Basic", myCred)
resolver.Credentials = credCache
rdr.XmlResolver = resolver
doc = New System.Xml.XPath.XPathDocument(rdr)
path = doc.CreateNavigator()
Private Function customXertificateValidation(ByVal sender As Object, ByVal certificate As System.Security.Cryptography.X509Certificates.X509Certificate, ByVal chain As System.Security.Cryptography.X509Certificates.X509Chain, ByVal sslPolicyErrors As Net.Security.SslPolicyErrors) As Boolean
Return True
End Function
I've run into a snag though which has to do with authentication between the Google Search Appliance and ASP. Normally, when asking for secure pages from the search appliance, the search appliance asks for credentials, then uses these credentials to try and access the secure results. If this attempt is successful, the page shows up in the results list. Since ASP is contacting the search appliance on the client's behalf, it will need to collect credentials and pass them along to the search appliance. I have tried a couple of different documented ways of accomplishing this, but they don't seem to work. Below is the code I have tried:
'Bypass SSL since discovery.gov.mb.ca does not have valid SSL cert (NOT PRODUCTION SAFE)
ServerCertificateValidationCallback = New System.Net.Security.RemoteCertificateValidationCallback(AddressOf customXertificateValidation)
googleUrl = "https://removed.com"
Dim rdr As New XmlTextReader(googleUrl)
Dim resolver As New XmlUrlResolver()
Dim myCred As New System.Net.NetworkCredential("USERNAME", "PASSWORD", Nothing)
Dim credCache As New CredentialCache()
credCache.Add(New Uri(googleUrl), "Basic", myCred)
resolver.Credentials = credCache
rdr.XmlResolver = resolver
doc = New System.Xml.XPath.XPathDocument(rdr)
path = doc.CreateNavigator()
Private Function customXertificateValidation(ByVal sender As Object, ByVal certificate As System.Security.Cryptography.X509Certificates.X509Certificate, ByVal chain As System.Security.Cryptography.X509Certificates.X509Chain, ByVal sslPolicyErrors As Net.Security.SslPolicyErrors) As Boolean
Return True
End Function
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
在这里查看这个项目:CodePlex 上的 GSALib。 它是 GSA 和 GSA 迷你设备的开源 API。 它可以处理来自任何 .NET 应用程序的传递凭据、查询结果等。 虽然是用 C# 编写的,但您可以查看代码并了解它们如何处理身份验证例程或使用它来代替您自己的自定义代码,这可以为您节省大量时间。
旁注:我过去曾在 VB.NET Web 应用程序中使用 GSALib dll,没有出现任何问题。
Take a look at this project here: GSALib on CodePlex. It is an open source API for GSA and GSA mini devices. It can handle passing credentials, query results, etc. from any .NET application. Though written in C#, you can take a look at the code and see how they are handling the authentication routines or use it in place of your own custom code, it could save you quite a bit of time.
Side note: I have used the GSALib dll in a VB.NET web application with no issues in the past.