问题描述
我有一个C#应用程序,该应用程序通过使用Web请求向SharePoint Online进行身份验证.它对我来说很棒,但是其他人却遇到了以下错误:
I have a C# app which authenticates to SharePoint Online by using web requests. It works great for me, but someone else is getting the following error:
<?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wst="http://schemas.xmlsoap.org/ws/2005/02/trust" xmlns:psf="http://schemas.microsoft.com/Passport/SoapServices/SOAPFault">
<S:Body>
<S:Fault>
<S:Code>
<S:Value>S:Sender</S:Value>
<S:Subcode>
<S:Value>wst:FailedAuthentication</S:Value>
</S:Subcode>
</S:Code>
<S:Reason>
<S:Text xml:lang="en-US">Authentication Failure</S:Text>
</S:Reason>
<S:Detail>
<psf:error>
<psf:value>0x80048821</psf:value>
<psf:internalerror>
<psf:code>0x80041034</psf:code>
<psf:text>The specified member name is either invalid or empty.
</psf:text>
</psf:internalerror>
</psf:error>
</S:Detail>
</S:Fault>
</S:Body>
</S:Envelope>
此错误是什么意思?我很确定他们输入的是正确的用户名和密码.我可以在某处找到SharePoint Online错误代码列表,以帮助我识别问题吗?
这是我的C#代码:
var request = (HttpWebRequest)WebRequest.Create(@"https://login.microsoftonline.com/extSTS.srf");
request.AllowAutoRedirect = false;
request.ContentType = @"application/json; odata=verbose";
request.CookieContainer = this.CookieContainer;
request.Method = @"POST";
request.UserAgent = @"Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)";
string soapRequest = Strings.SharePointOnlineAuthenticationRequest
.Replace(@"$(UserName)", this.UserName)
.Replace(@"$(Password)", this.Password)
.Replace(@"$(Address)", this.SiteUrl);
byte[] contentBytes = new ASCIIEncoding().GetBytes(soapRequest);
request.ContentLength = contentBytes.Length;
using (var requestStream = request.GetRequestStream())
{
requestStream.Write(contentBytes, 0, contentBytes.Length);
}
Strings.SharePointOnlineAuthenticationRequest
这是我正在发送的SOAP请求.在运行时替换"$(UserName)","$(Password)"和"$(Address)"标记.
This is the SOAP request I am sending. The "$(UserName)", "$(Password)", and "$(Address)" tokens are replaced at runtime.
<value>
<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:a="http://www.w3.org/2005/08/addressing" xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<s:Header>
<a:Action s:mustUnderstand="1=">http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue</a:Action>
<a:ReplyTo>
<a:Address>http://www.w3.org/2005/08/addressing/anonymous</a:Address>
</a:ReplyTo>
<a:To s:mustUnderstand="1=">https://login.microsoftonline.com/extSTS.srf</a:To>
<o:Security s:mustUnderstand="1=" xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<o:UsernameToken>
<o:Username>$(UserName)</o:Username>
<o:Password>$(Password)</o:Password>
</o:UsernameToken>
</o:Security>
</s:Header>
<s:Body>
<t:RequestSecurityToken xmlns:t="http://schemas.xmlsoap.org/ws/2005/02/trust">
<wsp:AppliesTo xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
<a:EndpointReference>
<a:Address>$(Address)</a:Address>
</a:EndpointReference>
</wsp:AppliesTo>
<t:KeyType>http://schemas.xmlsoap.org/ws/2005/05/identity/NoProofKey</t:KeyType>
<t:RequestType>http://schemas.xmlsoap.org/ws/2005/02/trust/Issue</t:RequestType>
<t:TokenType>urn:oasis:names:tc:SAML:1.0:assertion</t:TokenType>
</t:RequestSecurityToken>
</s:Body>
</s:Envelope>
</value>
推荐答案
最近更改了用户名,我发现在更改名称后缺少ADFS声明的问题:请参阅技术文章AD FS 2.0:更改用户名后,输出声明集中缺少声明
Has the user's name recently changed, I have seen issues where the ADFS claims are missing after a name change: see techet article AD FS 2.0: Claims Are Missing From The Output Claim Set After A User's Name Has Changed
这篇关于SharePoint Online身份验证失败的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!