从BizTalk使用带有身份验证凭据的Web服务

时间:2021-04-11 09:49:19

I am trying to consume a web service from BizTalk by supplying credentials in the SOAP adapter port.

我试图通过在SOAP适配器端口中提供凭据来从BizTalk使用Web服务。

I type in the Web Service URL and then I have the choice of Anonymous, Basic, Digest and NTLM authentication types.

我键入Web服务URL,然后我可以选择匿名,基本,摘要和NTLM身份验证类型。

How do I supply my username, password and domain?.. when testing with soapUI it works perfectly.

如何提供我的用户名,密码和域名?..在使用soapUI进行测试时,它可以完美运行。

The only way I get to supply credentials is Basic or Digest but no matter what I fill in I get a "not authroized" error.

我提供凭据的唯一方法是Basic或Digest,但无论我填写什么,我都会收到“not autroroized”错误。

The strange thing is that it actually works when I choose the NTLM authentication type but how does it get acces when I have not supplied the credentials. And there is no way that my server has direct access to the service?

奇怪的是,当我选择NTLM身份验证类型时它实际上有效,但是当我没有提供凭据时它是如何获取访问权限的。我的服务器无法直接访问该服务?

1 个解决方案

#1


There are details lacking from your question - How is the web service secured? When you say it works using soapUI - how exactly? have you checked how the credentials were supplied to the service? could it be that the soapUI was running under a user with permissions for the service in question, and that this is why it works (similar to a BizTalk call working under NTLM authentication?)

您的问题中缺少详细信息 - 如何保护Web服务?当你说它使用soapUI工作时 - 究竟是怎么回事?你检查过凭证是如何提供给服务的吗?可能是soapUI在具有相关服务权限的用户下运行,这就是它工作的原因(类似于在NTLM身份验证下工作的BizTalk调用?)

As you're undoubtedly aware, to use Basic or Digest you simply have to provide the correct credentials in the send port and, assuming they are correct, and the web service is configured correctly, things should work nicely.

您无疑知道,要使用Basic或Digest,您只需在发送端口中提供正确的凭据,并且假设它们是正确的,并且Web服务配置正确,那么事情应该很好地工作。

To test this carefully I would first make sure you are running whatever client (soapUI or custom test code) under a user that has no permissions to call service (assuming that is not the case already), make sure you know the credentials, and have succesfully called the service, with the right credentials, from another client (also prove that it fails if you provide the wrong password, for example), then use the same username/password combination in the send port.

为了仔细测试,我首先要确保你在没有权限调用服务的用户下运行任何客户端(soapUI或自定义测试代码)(假设情况已经不是这样),确保你知道凭据,并且成功地使用正确的凭据从另一个客户端调用该服务(例如,如果您提供了错误的密码,也证明它失败),然后在发送端口中使用相同的用户名/密码组合。

by the way - it will also be useful to check the proxy settings; things can get quite confusing if it is the proxy that is rejecting the request and not the service as it happened to me on a few occasions.

顺便说一下 - 检查代理设置也很有用;如果它是拒绝请求的代理而不是在某些情况下发生在我身上的服务,那么事情会变得非常混乱。

in all cases HttpAnalyzer of Fiddler can be very useful in understanding what is happening following the traffic on the wire

在所有情况下,Fiddler的HttpAnalyzer对于了解线路上的流量后发生的事情非常有用

#1


There are details lacking from your question - How is the web service secured? When you say it works using soapUI - how exactly? have you checked how the credentials were supplied to the service? could it be that the soapUI was running under a user with permissions for the service in question, and that this is why it works (similar to a BizTalk call working under NTLM authentication?)

您的问题中缺少详细信息 - 如何保护Web服务?当你说它使用soapUI工作时 - 究竟是怎么回事?你检查过凭证是如何提供给服务的吗?可能是soapUI在具有相关服务权限的用户下运行,这就是它工作的原因(类似于在NTLM身份验证下工作的BizTalk调用?)

As you're undoubtedly aware, to use Basic or Digest you simply have to provide the correct credentials in the send port and, assuming they are correct, and the web service is configured correctly, things should work nicely.

您无疑知道,要使用Basic或Digest,您只需在发送端口中提供正确的凭据,并且假设它们是正确的,并且Web服务配置正确,那么事情应该很好地工作。

To test this carefully I would first make sure you are running whatever client (soapUI or custom test code) under a user that has no permissions to call service (assuming that is not the case already), make sure you know the credentials, and have succesfully called the service, with the right credentials, from another client (also prove that it fails if you provide the wrong password, for example), then use the same username/password combination in the send port.

为了仔细测试,我首先要确保你在没有权限调用服务的用户下运行任何客户端(soapUI或自定义测试代码)(假设情况已经不是这样),确保你知道凭据,并且成功地使用正确的凭据从另一个客户端调用该服务(例如,如果您提供了错误的密码,也证明它失败),然后在发送端口中使用相同的用户名/密码组合。

by the way - it will also be useful to check the proxy settings; things can get quite confusing if it is the proxy that is rejecting the request and not the service as it happened to me on a few occasions.

顺便说一下 - 检查代理设置也很有用;如果它是拒绝请求的代理而不是在某些情况下发生在我身上的服务,那么事情会变得非常混乱。

in all cases HttpAnalyzer of Fiddler can be very useful in understanding what is happening following the traffic on the wire

在所有情况下,Fiddler的HttpAnalyzer对于了解线路上的流量后发生的事情非常有用