WCF,以 <安全模式=“消息”> 形式发送消息时无法提取 httpheader
我对 WCF 相对较新,并且/但“似乎”已经完成了大部分工作并正常工作。
我有以下 IEndpointBehavior 和 IClientMessageInspector,我想在调用服务时附加它们。它附加了一个令牌(HTTPHeader),我想检查服务器端(IIS),
public class AuthenticationTokenEndpointBehavior : IEndpointBehavior
{
#region Member variables
public class AuthenticationTokenMessageInspector : IClientMessageInspector
{
public void AfterReceiveReply(ref Message reply, object correlationState)
{
//throw new NotImplementedException();
}
public object BeforeSendRequest(ref Message request, IClientChannel channel)
{
string token = AuthenticationTokenManager.CreateToken();
HttpRequestMessageProperty httpRequestMessage;
object httpRequestMessageObject;
if (request.Properties.TryGetValue(HttpRequestMessageProperty.Name, out httpRequestMessageObject))
{
httpRequestMessage = httpRequestMessageObject as HttpRequestMessageProperty;
}
else
{
httpRequestMessage = new HttpRequestMessageProperty();
request.Properties.Add(HttpRequestMessageProperty.Name, httpRequestMessage);
}
httpRequestMessage.Headers[AuthenticationTokenManager.AUTHENTICATION_TOKEN_NAME] = token;
return null;
}
#endregion
#region Methods
public void AddBindingParameters(ServiceEndpoint endpoint, BindingParameterCollection bindingParameters)
{
//throw new NotImplementedException();
}
public void ApplyClientBehavior(ServiceEndpoint endpoint, ClientRuntime clientRuntime)
{
AuthenticationTokenMessageInspector inspector = new AuthenticationTokenMessageInspector();
clientRuntime.MessageInspectors.Add(inspector);
}
public void ApplyDispatchBehavior(ServiceEndpoint endpoint, EndpointDispatcher endpointDispatcher)
{
//throw new NotImplementedException();
}
public void Validate(ServiceEndpoint endpoint)
{
//throw new NotImplementedException();
}
#endregion
}
我继承并覆盖了 clientproxys CreateChannel,在其中附加了我的 IEndpointBehavior。
protected override ITheService CreateChannel()
{
this.Endpoint.Behaviors.Add(new AuthenticationTokenEndpointBehavior());
return base.CreateChannel();
}
这对于我的大多数绑定都非常有效,除了使用
更新 1:为了澄清,调用了 IClientMessageInspector.BeforeSendRequest 但服务器端没有出现标头。
更新 2:我尝试添加 SoapHeader (MessageHeader),但没有成功。在第一个请求之前是否涉及某种安全“握手”?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
响应更新 2:根据绑定的具体配置,在交换应用程序消息之前,很可能会先交换携带 WS-Trust 安全令牌请求/响应的 SOAP 消息。例如,wsHttpBinding 的消息安全性的默认配置将执行此操作。
Responding to your Update 2: depending on the exact configuration of your binding there may very well be a preliminary exchange of SOAP messages carrying WS-Trust security token request/response, before your application messages are exchanged. For example the default configuration of message security for the wsHttpBinding will do this.
我在 WCF 调用的服务端使用 IDispatchMessageInspector 解决了这个问题。我一直在寻找 HTTPModule 验证,这不是简单/快速的方法。但结果还好。 @Chris Dickson,感谢您抽出时间!
I solved this using IDispatchMessageInspector at the serviceend for WCF calls. Not the easy/quick way, with the HTTPModule validation, I was looking for. But it turned out ok. @Chris Dickson, thanks for your time!