2

我想将身份验证添加为 NetworkCredential 但我不知道如何设置身份验证

var binding = new BasicHttpBinding();
        var endpoint = new EndpointAddress(new Uri(string.Format("http://{0}:5050/Service.svc", Environment.MachineName)));
        var channelFactory = new ChannelFactory<ISampleService>(binding, endpoint);
        var serviceClient = channelFactory.CreateChannel();
4

2 回答 2

3

你可以在我的代码中激发灵感。我花了一些时间和一些调查。请记住,服务契约接口是由控制器实现的,我没有找到任何其他方式将服务请求放入 http 管道。由于这种配置,我可以在一个代码上运行 REST 和 SOAP 分支。

在 Startup.cs 中:

using SoapCore;
using ZNetCS.AspNetCore.Authentication.Basic;
using ZNetCS.AspNetCore.Authentication.Basic.Events;

public void ConfigureServices (IServiceCollection services)
{
   services.AddScoped<YourNamespace.BasicAuthValidator>();
   services.AddSingleton<YourNamespace.Contracts.IEnityService, YourNamespace.Controllers.ApiController>();
   services.AddAuthentication(BasicAuthenticationDefaults.AuthenticationScheme)
        .AddBasicAuthentication(op => {
            op.Realm = "YourRealm";
            op.EventsType = typeof(YourNamespace.BasicAuthValidator);
        });
    services.AddControllers();          
}

public void Configure (IApplicationBuilder app, IWebHostEnvironment env)
{
    app.UseHttpsRedirection();
    app.UseRouting();
    app.UseAuthentication();
    app.UseAuthorization();
    app.UseEndpoints(endpoints => {
    endpoints.MapControllers().RequireAuthorization(); //Use DefaultAuthorizationPolicy, ie. require authenticated users on REST interface
    endpoints.UseSoapEndpoint<YourNamespace.Contracts.IEnityService>("/SOAP/YourService.svc", this.CreateBindingForSOAP(), SoapSerializer.DataContractSerializer).RequireAuthorization();
}

BasicHttpBinding CreateBindingForSOAP ()
{
    var binding = new BasicHttpBinding(BasicHttpSecurityMode.Transport); //security is on HTTP level
    binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Basic; //http challenges filling Authorization header
    return binding;
}

然后创建用于处理基本身份验证的类:

public class BasicAuthValidator:BasicAuthenticationEvents
{
    public override Task ValidatePrincipalAsync (ValidatePrincipalContext context)
    {
        if ((context.UserName == "userName") && (context.Password == "password")) {
            var claims = new List<Claim>{new Claim(ClaimTypes.Name, context.UserName, context.Options.ClaimsIssuer)};

            var principal = new ClaimsPrincipal(new ClaimsIdentity(claims, context.Scheme.Name));
            context.Principal = principal;
        } 
            
        return Task.CompletedTask;
    }
}
于 2020-10-05T17:42:33.323 回答
2

如果您只需要 SOAP 端点并想要进行相互身份验证,我想出了以下解决方案:

public void ConfigureServices(IServiceCollection services)
{
    services.AddAuthentication(CertificateAuthenticationDefaults.AuthenticationScheme)
        .AddCertificate(options => 
        {                    
            options.Events = new CertificateAuthenticationEvents
            {
                OnCertificateValidated = context =>
                {
                    // Add additional validation
                    return Task.CompletedTask;
                }
            };
        });

    services.AddAuthorization();
    services.AddSingleton<IMyService, MyService>();
    services.AddSoapCore();
}

public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
    app.UseHttpsRedirection();
    app.UseRouting();
    app.UseCertificateForwarding();
    app.UseAuthentication();
    app.UseAuthorization();

    app.UseEndpoints(endpoints =>
    {
        endpoints.UseSoapEndpoint<IMyService>((options) =>
        {
            options.Path = "/myservice";
            options.Binding = new BasicHttpBinding();
            options.SoapSerializer = SoapSerializer.XmlSerializer;
        })
        .RequireAuthorization();
    });
}

注意:您实现的 SOAP 服务不需要是 API 控制器。另请阅读此处了解 .NET Core 中的客户端证书

于 2020-10-28T16:14:43.387 回答