前端之家

  1. 首页
  2. 问答

将Kerberos身份验证添加到asp.net C#中的现有WebService

问答

现有一个连接到代理服务器的Web服务,我需要在其中添加Kerberos身份验证策略。

我知道关于Kerberos身份验证的现有主题,但是任何人都可以共享一些有关如何在WebService上添加Kerberos身份验证的代码段吗?

几乎所有Kerberos主题都仅讨论Kerberos身份验证的工作方式。预先感谢。

shengme009 回答:将Kerberos身份验证添加到asp.net C#中的现有WebService

首先启用WSE 3,并启用该策略。在web.config文件

中执行此操作 
<configSections>
  <section name="microsoft.web.services3" 

    type="Microsoft.Web.Services3.Configuration.WebServicesConfiguration,Microsoft.Web.Services3,Version=3.0.0.0,Culture=neutral,PublicKeyToken=31bf3856ad364e35" />
</configSections>

<system.web>

  <compilation debug="true">
    <assemblies>
      <add assembly="Microsoft.Web.Services3,PublicKeyToken=31BF3856AD364E35" />
    </assemblies>
  </compilation>

  <webServices>
    <soapExtensionImporterTypes>
      <add type="Microsoft.Web.Services3.Description.WseExtensionImporter,PublicKeyToken=31bf3856ad364e35" />
    </soapExtensionImporterTypes>
    <soapServerProtocolFactory 

      type="Microsoft.Web.Services3.WseProtocolFactory,PublicKeyToken=31bf3856ad364e35" />
  </webServices>
</system.web>

<microsoft.web.services3>
  <policy fileName="wse3policyCache.config" />
  <tokenIssuer>
    <statefulSecurityContextToken enabled="false" />
  </tokenIssuer>
</microsoft.web.services3>

添加策略文件并配置策略:将配置文件添加到项目“ FileName.config”,然后在其中添加以下标记:

<policies xmlns="http://schemas.microsoft.com/wse/2005/06/policy">
  <policy name="KerberosService">
    <authorization>
      <allow user="Mawhiba\Akram" />
      <deny role="*" />
    </authorization>
    <kerberosSecurity establishSecurityContext="true"

    renewExpiredSecurityContext="true" requireSignatureConfirmation="false"

    messageProtectionOrder="SignBeforeEncryptAndEncryptSignature"

    requireDerivedKeys="true" ttlInSeconds="300">
      <protection>
        <request 

           signatureOptions="IncludeAddressing,IncludeTimestamp,IncludeSoapBody" 

           encryptBody="true" />
        <response signatureOptions="IncludeAddressing,IncludeSoapBody" 

                  encryptBody="true" />
        <fault signatureOptions="IncludeAddressing,IncludeSoapBody" 

               encryptBody="false" />
      </protection>
    </kerberosSecurity>
    <requireActionHeader />
  </policy>
</policies>

  1. 将策略应用于Web服务:通过在服务类之前添加以下代码:

    [Policy(“ KerberosService”)]

此功劳归Akrumooz。

https://www.codeproject.com/Articles/27554/Authentication-in-web-services-using-C-and-Kerbero

查看链接以获取更多信息。

asp.netc#kerberos
本文链接:https://www.f2er.com/3146026.html

大家都在问