Error calling a SOAP web service with a client certificate - The authentication header received from the server was ''

Time: 2022-11-18 09:52:08

I am attempting to call a SOAP web service using a client certificate and I am getting the below error message.

The HTTP request is unauthorized with client authentication scheme 'Anonymous'. The authentication header received from the server was ''.

Prior to the requirement of securing the web service, I was able to retrieve data with the below code minus the cert code. I have verified that the cert code correctly retrieves the client cert information from my cert store. Below the code I have added my app config information as well.

Could anyone provide any insight on why I am getting the above error message? Thanks in advance to anyone that can provide any insight.

    Friend Function GetWorkByBAWTS(ByVal sBAWTSLookupName As String, ByVal sUnit As String, ByVal sWorkType As String, ByVal sStatus As String) As ArrayList
    System.Net.ServicePointManager.Expect100Continue = False
    ' SSL 3.0 and TLS 1.0/1.1 are deprecated; negotiate TLS 1.2 only.
    ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12

    Dim sSearchType As X509FindType = DirectCast([Enum].Parse(GetType(X509FindType), ConfigurationManager.AppSettings("searchtype")), X509FindType)
    Dim sSubjectValue As String = ConfigurationManager.AppSettings("searchvalue")
    Dim sDelimiter As String = ConfigurationManager.AppSettings("delimiter")
    Dim sStoreName As StoreName = DirectCast([Enum].Parse(GetType(StoreName), ConfigurationManager.AppSettings("storename")), StoreName)
    Dim sStoreLocation As StoreLocation = DirectCast([Enum].Parse(GetType(StoreLocation), ConfigurationManager.AppSettings("storelocation")), StoreLocation)

    Dim cert As X509Certificate2 = Nothing
    Dim store As X509Store = New X509Store(StoreName.My, StoreLocation.CurrentUser)

    store.Open(OpenFlags.ReadOnly Or OpenFlags.OpenExistingOnly)


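    ' Match on the configured search value, then keep only certificates that are inside their validity period.
    Dim certcollection As X509Certificate2Collection = store.Certificates.Find(sSearchType, sSubjectValue, False)
    Dim activecollection As X509Certificate2Collection = certcollection.Find(X509FindType.FindByTimeValid, DateTime.Now, False)
    store.Close()

    ' Use the time-valid match and fail early instead of calling the service without a certificate.
    If activecollection.Count = 0 Then
        Throw New InvalidOperationException("No currently valid client certificate matched the configured search value.")
    End If
    cert = activecollection(0)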


    Dim iRetry As Integer = 0
    Dim alWorkItems As New ArrayList
    Dim oResponse As lookupObjectsResponse = Nothing
    Dim oClient As ProcessingServiceClient = New ProcessingServiceClient("ProcessingServicePort")

    oClient.ClientCredentials.ClientCertificate.Certificate = cert
    oClient.Endpoint.Address = New ServiceModel.EndpointAddress("https://mywebservice:8443/prodapp/ProcessingService?wsdl")

    Dim oRequest As lookupObjects = New lookupObjects()
    oRequest.lookupObjectsRequest = New lookupObjectsRequest()
    oRequest.lookupObjectsRequest.lookupName = "LKWTSTAT"
    oRequest.lookupObjectsRequest.lookupParameters = New lookupObjectsRequestLookupParameters()


    m_oAuthInfo = New authorizationInfo()
    m_oAuthInfo.userId = "user1"

    oClient.ClientCredentials.UserName.UserName = "user1"
    oClient.ClientCredentials.UserName.Password = "password"


    Dim oItems As lookupParameter()
    ReDim oItems(2)
    oRequest.lookupObjectsRequest.lookupParameters.Items = oItems
    oRequest.lookupObjectsRequest.lookupParameters.Items(0) = New lookupParameter()
    oRequest.lookupObjectsRequest.lookupParameters.Items(0).name = "businessArea"
    oRequest.lookupObjectsRequest.lookupParameters.Items(0).Value = sUnit
    oRequest.lookupObjectsRequest.lookupParameters.Items(1) = New lookupParameter()
    oRequest.lookupObjectsRequest.lookupParameters.Items(1).name = "type"
    oRequest.lookupObjectsRequest.lookupParameters.Items(1).Value = sWorkType
    oRequest.lookupObjectsRequest.lookupParameters.Items(2) = New lookupParameter()
    oRequest.lookupObjectsRequest.lookupParameters.Items(2).name = "status"
    oRequest.lookupObjectsRequest.lookupParameters.Items(2).Value = sStatus


    oResponse = oClient.lookupObjects(m_oAuthInfo, oRequest)


    If Not oResponse.lookupObjectsResponse1.Items Is Nothing Then
        For Each oWorkItem As workInstance In oResponse.lookupObjectsResponse1.Items
            alWorkItems.Add(oWorkItem)
        Next
    End If
    Return alWorkItems
    End Function

app.config

    <configuration>
      <configSections>
      </configSections>
      <startup>
        <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.6.1" />
      </startup>
      <system.serviceModel>
        <bindings>
          <basicHttpBinding>
            <!-- The binding name must match bindingConfiguration on the client endpoint. -->
            <binding name="ProcessingServiceBinding" closeTimeout="00:01:00"
                openTimeout="00:10:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
                allowCookies="false" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard"
                maxBufferSize="655360" maxBufferPoolSize="524288" maxReceivedMessageSize="655360"
                messageEncoding="Mtom" textEncoding="utf-8" transferMode="Buffered"
                useDefaultWebProxy="true">
              <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
                  maxBytesPerRead="4096" maxNameTableCharCount="16384" />
              <!-- <security mode="Transport">
                <transport clientCredentialType="Certificate" proxyCredentialType="Basic" realm="" />
                <message clientCredentialType="UserName" algorithmSuite="Default" />
              </security> -->
              <!-- HTTPS with the client certificate presented during the TLS handshake. -->
              <security mode="Transport">
                <transport clientCredentialType="Certificate" />
              </security>
            </binding>
          </basicHttpBinding>
        </bindings>
        <client>
          <!-- The endpoint name must match the name passed to the ProcessingServiceClient constructor. -->
          <endpoint address="https://mywebservice:8443/betaapp/ProcessingService?wsdl"
              binding="basicHttpBinding" bindingConfiguration="ProcessingServiceBinding"
              contract="PS.ProcessingService" name="ProcessingServicePort" />
        </client>
      </system.serviceModel>
      <appSettings>
        <!-- *** removed cert info *** -->
      </appSettings>
    </configuration>
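
An added example, not the poster's code: one way to pick the client certificate from the store so that an expired certificate, one without a private key, or one not permitted for client authentication is never attached to the WCF client. The module name, `SelectClientCertificate`, `AllowsClientAuth` and their parameters are hypothetical.

```vb
Imports System
Imports System.Linq
Imports System.Security.Cryptography
Imports System.Security.Cryptography.X509Certificates

Module ClientCertSelection
    ' OID of the "Client Authentication" extended key usage.
    Private Const ClientAuthOid As String = "1.3.6.1.5.5.7.3.2"

    ' Hypothetical helper: returns a certificate usable for TLS client
    ' authentication, or throws so no request goes out without one.
    Friend Function SelectClientCertificate(ByVal certStoreName As StoreName,
                                            ByVal certStoreLocation As StoreLocation,
                                            ByVal findType As X509FindType,
                                            ByVal findValue As String) As X509Certificate2
        Dim store As New X509Store(certStoreName, certStoreLocation)
        store.Open(OpenFlags.ReadOnly Or OpenFlags.OpenExistingOnly)
        Try
            ' validOnly:=True keeps only certificates that pass validation
            ' (for example, expired certificates are dropped).
            Dim usable = store.Certificates.Find(findType, findValue, True).
                Cast(Of X509Certificate2)().
                Where(Function(c) c.HasPrivateKey AndAlso AllowsClientAuth(c)).
                OrderByDescending(Function(c) c.NotAfter).
                ToList()
            If usable.Count = 0 Then
                Throw New InvalidOperationException(
                    "No usable client certificate found for '" & findValue & "'.")
            End If
            ' Prefer the certificate that stays valid the longest.
            Return usable(0)
        Finally
            store.Close()
        End Try
    End Function

    ' A certificate without an EKU extension is not restricted to any usage;
    ' one with the extension must list Client Authentication.
    Private Function AllowsClientAuth(ByVal cert As X509Certificate2) As Boolean
        Dim eku = cert.Extensions.OfType(Of X509EnhancedKeyUsageExtension)().FirstOrDefault()
        If eku Is Nothing Then Return True
        For Each usage As Oid In eku.EnhancedKeyUsages
            If usage.Value = ClientAuthOid Then Return True
        Next
        Return False
    End Function
End Module
```

The returned certificate would be assigned to `oClient.ClientCredentials.ClientCertificate.Certificate` in place of `certcollection(0)`.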

1 solution

#1


0  

UPDATE: The issue ended up being that the user Id being passed in was disabled. The id was re-enabled and this corrected my issue.