使用已知密码将凭证委派给 WCF 服务
我有一个 ASP Web 服务,需要与 Windows 服务托管的 WCF 端点通信,然后该端点通过 Exchange Web Services Managed API v1.1 与 Microsoft Exchange 通信
我有这段代码,在通过 Win Forms 应用程序调用时工作正常,但没有从 IIS 中的 ASP Web 服务调用时不起作用:
Dim endpointUri As String = "http://localhost:8000/EWS/Service/"
ewsClient = New EWS.WCFServiceClient("WSHttpBinding_IWCFService", endpointUri)
Dim userName As String = "first.last"
Dim domain As String = "myDomain"
Dim password As String = "abc123"
ewsClient.ClientCredentials.UserName.UserName = userName
ewsClient.ClientCredentials.UserName.Password = password
ewsClient.ClientCredentials.Windows.ClientCredential.UserName = userName
ewsClient.ClientCredentials.Windows.ClientCredential.Domain = domain
ewsClient.ClientCredentials.Windows.ClientCredential.Password = password
Dim result As String = ewsClient.SendTestMessage(uxToAddress.Text)
我尝试在域用户帐户下运行 IIS,但它仍然失败,并出现来自 Exchange 的 HTTP 401 未经授权的异常。
我也尝试过使用 WIN32 LogonUser 但这也不起作用。
如果我有要运行的用户名和密码,如何调用需要来自 ASP Web 服务的委派凭据的 wcf 服务?
服务器上的绑定:
<wsHttpBinding>
<binding name="wsHttpBindingDefault" closeTimeout="00:05:00" receiveTimeout="Infinite" maxReceivedMessageSize="1073741824" messageEncoding="Mtom">
<readerQuotas maxDepth="32" maxStringContentLength="1073741824" maxArrayLength="1073741824" maxBytesPerRead="4096" maxNameTableCharCount="16384"/>
<security mode="Message">
<transport clientCredentialType="Windows" proxyCredentialType="None" realm=""/>
<message clientCredentialType="Windows" negotiateServiceCredential="true" algorithmSuite="Default" />
</security>
</binding>
</wsHttpBinding>
<behaviors>
<serviceBehaviors>
<behavior name="EWSBehavior">
<serviceAuthorization impersonateCallerForAllOperations="true"></serviceAuthorization>
<serviceMetadata httpGetEnabled="true"/>
<serviceDebug includeExceptionDetailInFaults="true"/>
</behavior>
</serviceBehaviors>
</behaviors>
<services>
<service behaviorConfiguration="EWSBehavior" name="EWS.WCFService">
<endpoint address="" bindingConfiguration="wsHttpBindingDefault" binding="wsHttpBinding" contract="EWS.IWCFService">
<identity>
<dns value="localhost"/>
</identity>
</endpoint>
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
<host>
<baseAddresses>
<add baseAddress="http://localhost:8000/EWS/Service/"/>
</baseAddresses>
</host>
</service>
</services>
客户端上的绑定(这对于工作正常的 WinForms 应用程序和不工作的 ASP Web 服务来说是相同的):
<bindings>
<wsHttpBinding>
<binding name="WSHttpBinding_IWCFService" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard" maxBufferPoolSize="524288" maxReceivedMessageSize="65536" messageEncoding="Mtom" textEncoding="utf-8" useDefaultWebProxy="true" allowCookies="false">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384"/>
<reliableSession ordered="true" inactivityTimeout="00:10:00" enabled="false"/>
<security mode="Message">
<transport clientCredentialType="Windows" proxyCredentialType="None" realm=""/>
<message clientCredentialType="Windows" negotiateServiceCredential="true" algorithmSuite="Default"/>
</security>
</binding>
</wsHttpBinding>
</bindings>
<client>
<endpoint address="http://localhost:8000/EWS/Service/" behaviorConfiguration="ImpersonationBehavior" binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_IWCFService" contract="EWS.IWCFService" name="WSHttpBinding_IWCFService">
<identity>
<dns value="localhost"/>
</identity>
</endpoint>
</client>
<behaviors>
<endpointBehaviors>
<behavior name="ImpersonationBehavior">
<clientCredentials>
<windows allowNtlm="true" allowedImpersonationLevel="Delegation"/>
</clientCredentials>
</behavior>
</endpointBehaviors>
</behaviors>
I have an ASP Web Service that needs to talk to a windows service hosted WCF endpoint that then is talking to Microsoft Exchange via the Exchange Web Services Managed API v1.1
I have this code which works fine when called via a Win Forms app but doesn't work when called from a the ASP Web Service in IIS:
Dim endpointUri As String = "http://localhost:8000/EWS/Service/"
ewsClient = New EWS.WCFServiceClient("WSHttpBinding_IWCFService", endpointUri)
Dim userName As String = "first.last"
Dim domain As String = "myDomain"
Dim password As String = "abc123"
ewsClient.ClientCredentials.UserName.UserName = userName
ewsClient.ClientCredentials.UserName.Password = password
ewsClient.ClientCredentials.Windows.ClientCredential.UserName = userName
ewsClient.ClientCredentials.Windows.ClientCredential.Domain = domain
ewsClient.ClientCredentials.Windows.ClientCredential.Password = password
Dim result As String = ewsClient.SendTestMessage(uxToAddress.Text)
I have tried to run IIS with under a domain user account and it still fails with HTTP 401 unauthorized exceptions from Exchange.
I have also tried using WIN32 LogonUser but that too didn't work either.
How can I call a wcf service that requires delegated credentials from a ASP Web Service if I have the username and password that I want to run using?
Bindings on the server:
<wsHttpBinding>
<binding name="wsHttpBindingDefault" closeTimeout="00:05:00" receiveTimeout="Infinite" maxReceivedMessageSize="1073741824" messageEncoding="Mtom">
<readerQuotas maxDepth="32" maxStringContentLength="1073741824" maxArrayLength="1073741824" maxBytesPerRead="4096" maxNameTableCharCount="16384"/>
<security mode="Message">
<transport clientCredentialType="Windows" proxyCredentialType="None" realm=""/>
<message clientCredentialType="Windows" negotiateServiceCredential="true" algorithmSuite="Default" />
</security>
</binding>
</wsHttpBinding>
<behaviors>
<serviceBehaviors>
<behavior name="EWSBehavior">
<serviceAuthorization impersonateCallerForAllOperations="true"></serviceAuthorization>
<serviceMetadata httpGetEnabled="true"/>
<serviceDebug includeExceptionDetailInFaults="true"/>
</behavior>
</serviceBehaviors>
</behaviors>
<services>
<service behaviorConfiguration="EWSBehavior" name="EWS.WCFService">
<endpoint address="" bindingConfiguration="wsHttpBindingDefault" binding="wsHttpBinding" contract="EWS.IWCFService">
<identity>
<dns value="localhost"/>
</identity>
</endpoint>
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
<host>
<baseAddresses>
<add baseAddress="http://localhost:8000/EWS/Service/"/>
</baseAddresses>
</host>
</service>
</services>
Bindings on the client (this is the same for both the WinForms app which is working fine and the ASP Web Service that isn't working):
<bindings>
<wsHttpBinding>
<binding name="WSHttpBinding_IWCFService" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard" maxBufferPoolSize="524288" maxReceivedMessageSize="65536" messageEncoding="Mtom" textEncoding="utf-8" useDefaultWebProxy="true" allowCookies="false">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384"/>
<reliableSession ordered="true" inactivityTimeout="00:10:00" enabled="false"/>
<security mode="Message">
<transport clientCredentialType="Windows" proxyCredentialType="None" realm=""/>
<message clientCredentialType="Windows" negotiateServiceCredential="true" algorithmSuite="Default"/>
</security>
</binding>
</wsHttpBinding>
</bindings>
<client>
<endpoint address="http://localhost:8000/EWS/Service/" behaviorConfiguration="ImpersonationBehavior" binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_IWCFService" contract="EWS.IWCFService" name="WSHttpBinding_IWCFService">
<identity>
<dns value="localhost"/>
</identity>
</endpoint>
</client>
<behaviors>
<endpointBehaviors>
<behavior name="ImpersonationBehavior">
<clientCredentials>
<windows allowNtlm="true" allowedImpersonationLevel="Delegation"/>
</clientCredentials>
</behavior>
</endpointBehaviors>
</behaviors>
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论