本文介绍了在ASP.NET c#中向现有WebService添加Kerberos身份验证的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
存在连接到代理服务器的现有WebService,我需要向其中添加Kerberos身份验证策略。
我知道有关于Kerberos身份验证的现有主题,但有人能分享一些关于如何在WebService上添加Kerberos身份验证的代码片段吗?
几乎所有的Kerberos主题都只讨论Kerberos身份验证的工作原理。提前谢谢。推荐答案
首先启用WSE3,然后启用策略。在web.config文件中执行此操作
<configSections>
<section name="microsoft.web.services3"
type="Microsoft.Web.Services3.Configuration.WebServicesConfiguration,
Microsoft.Web.Services3, Version=3.0.0.0, Culture=neutral,
PublicKeyToken=31bf3856ad364e35" />
</configSections>
<system.web>
<compilation debug="true">
<assemblies>
<add assembly="Microsoft.Web.Services3, Version=3.0.0.0,
Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
</assemblies>
</compilation>
<webServices>
<soapExtensionImporterTypes>
<add type="Microsoft.Web.Services3.Description.WseExtensionImporter,
Microsoft.Web.Services3, Version=3.0.0.0, Culture=neutral,
PublicKeyToken=31bf3856ad364e35" />
</soapExtensionImporterTypes>
<soapServerProtocolFactory
type="Microsoft.Web.Services3.WseProtocolFactory,Microsoft.Web.Services3,
Version=3.0.0.0,Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
</webServices>
</system.web>
<microsoft.web.services3>
<policy fileName="wse3policyCache.config" />
<tokenIssuer>
<statefulSecurityContextToken enabled="false" />
</tokenIssuer>
</microsoft.web.services3>
添加策略文件并配置策略:将配置文件添加到项目‘FileName.config’中,然后向其添加以下标记:
<policies xmlns="http://schemas.microsoft.com/wse/2005/06/policy">
<policy name="KerberosService">
<authorization>
<allow user="MawhibaAkram" />
<deny role="*" />
</authorization>
<kerberosSecurity establishSecurityContext="true"
renewExpiredSecurityContext="true" requireSignatureConfirmation="false"
messageProtectionOrder="SignBeforeEncryptAndEncryptSignature"
requireDerivedKeys="true" ttlInSeconds="300">
<protection>
<request
signatureOptions="IncludeAddressing, IncludeTimestamp,
IncludeSoapBody"
encryptBody="true" />
<response signatureOptions="IncludeAddressing, IncludeTimestamp,
IncludeSoapBody"
encryptBody="true" />
<fault signatureOptions="IncludeAddressing, IncludeTimestamp,
IncludeSoapBody"
encryptBody="false" />
</protection>
</kerberosSecurity>
<requireActionHeader />
</policy>
</policies>
在Web服务上应用策略:在服务类之前添加以下代码:
[Policy("KerberosService")]
这归功于Akruooz。
https://www.codeproject.com/Articles/27554/Authentication-in-web-services-using-C-and-Kerbero
有关详细信息,请查看该链接。
这篇关于在ASP.NET c#中向现有WebService添加Kerberos身份验证的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!