1

在尝试从我的 Web 客户端应用程序调用 RESTful 服务(我已使用此示例中的 UserNameAuthenticator 进行 RESTful 服务添加基本 HTTP 身份验证到 WCF REST 服务)时,我收到一个错误,例如 

The HTTP request is unauthorized with client authentication scheme 'Anonymous'. The authentication header received from the server was 'Basic Realm'.

客户端 CS 代码

BasicHttpBinding binding = new BasicHttpBinding();
binding.SendTimeout = TimeSpan.FromSeconds(25);
binding.Security.Transport.ClientCredentialType =
HttpClientCredentialType.Basic;
EndpointAddress address = new  EndpointAddress("http://localhost:12229/RestServiceImpl.svc");
ChannelFactory<RestService.IRestServiceImpl> factory =
new ChannelFactory<RestService.IRestServiceImpl>(binding, address);
RestService.IRestServiceImpl channel = factory.CreateChannel();
channel.GetStudent();

客户端 Web.config

<system.serviceModel>
    <services>
      <service name="RestService.RestServiceImpl">
        <endpoint address="http://localhost:12229/RestServiceImpl.svc"
          binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_ExternalSystemsService_v1Interface"
          contract="RestService.IRestServiceImpl"
          name="ExternalSystemsService_v1Port" />
      </service>
    </services>
    <bindings>
      <basicHttpBinding>
        <binding name="BasicHttpBinding_ExternalSystemsService_v1Interface"
                         closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00"
                         sendTimeout="00:01:00" allowCookies="false" bypassProxyOnLocal="false"
                         hostNameComparisonMode="StrongWildcard" maxBufferSize="65536"
                         maxBufferPoolSize="524288" maxReceivedMessageSize="65536"
                         messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered"
                         useDefaultWebProxy="true">
          <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
              maxBytesPerRead="4096" maxNameTableCharCount="16384" />
          <security mode="TransportCredentialOnly">
            <transport clientCredentialType="None" proxyCredentialType="None"
                realm="" />
            <message clientCredentialType="UserName" algorithmSuite="Default" />
          </security>
        </binding>
      </basicHttpBinding>
    </bindings>
  </system.serviceModel>

和 RESTful 服务 Web.config

 <system.serviceModel>
    <bindings>
      <basicHttpBinding>
        <binding name="webHttpTransportSecurity">
          <security mode="TransportCredentialOnly">
            <transport clientCredentialType="None" proxyCredentialType="None" realm="" />
            <message clientCredentialType="UserName" algorithmSuite="Default" />
          </security>
          </binding>
      </basicHttpBinding>
    </bindings>
    <services>
      <service name="RestService.RestServiceImpl">
        <endpoint name="ExternalSystemsService_v1Port" address="" binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_ExternalSystemsService_v1Interface" contract="RestService.IRestServiceImpl"></endpoint>
      </service>
    </services>
    <behaviors>
      <endpointBehaviors>
        <behavior>
          <webHttp />
        </behavior>
      </endpointBehaviors>
      <serviceBehaviors>
        <behavior name="SecureRESTSvcTestBehavior">
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="false" />
          <serviceDebug includeExceptionDetailInFaults="true" />
          <serviceCredentials>
            <userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="RESTfulSecuritySH.CustomUserNameValidator, RESTfulSecuritySH" />
          </serviceCredentials>
        </behavior>
      </serviceBehaviors>
    </behaviors>
    <serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
  </system.serviceModel>

有什么建议吗?

4

1 回答 1

1

让我印象深刻的一件事是,在您的客户端 CS 代码中,您以编程方式设置传输的客户端凭据类型:

binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Basic;

但是在客户端和服务器配置文件中,您都设置了消息客户端凭据类型。请注意传输元素的 clientCredentialType 属性是如何设置为“None”的,而消息元素的 clientCredentialType 是如何设置为“UserName”的:

<transport clientCredentialType="None" proxyCredentialType="None" realm="" />
<message clientCredentialType="UserName" algorithmSuite="Default" />

我总是尝试在关闭安全性的情况下让它在开发中工作,然后慢慢将其重新打开。

这也是一个新的开发项目吗?我很好奇您为什么要使用 WCF over ASP.NET Web API 来提供 RESTful 服务。

于 2012-11-08T14:37:27.163 回答