iis HTTP请求未使用客户端身份验证方案“基本”进行授权,从服务器接收到的身份验证标头为“协商,NTLM”

wfypjpf4  于 2022-11-12  发布在  其他
关注(0)|答案(2)|浏览(206)

我正在尝试使用以下设置连接到服务。

<bindings>
  <basicHttpBinding>
    <binding name="EngineSoap" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" allowCookies="false" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard" maxBufferSize="2147483647" maxBufferPoolSize="524288" maxReceivedMessageSize="2147483647" messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered" useDefaultWebProxy="true">
      <readerQuotas maxDepth="32" maxStringContentLength="2147483647" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384"/>
      <security mode="TransportCredentialOnly">
        <transport clientCredentialType="Basic" proxyCredentialType="None" realm=""/>
        <message clientCredentialType="UserName" algorithmSuite="Default"/>
      </security>
    </binding>
  </basicHttpBinding>
</bindings>
<client>
  <endpoint address="http://addressToService" binding="basicHttpBinding" bindingConfiguration="EngineSoap" contract="TRIMAPI.EngineSoap" name="EngineSoap" />
</client>

我得到的错误如下:

The HTTP request is unauthorized with client authentication scheme 'Basic'. The authentication header received from the server was 'Negotiate,NTLM'. ---> System.Net.WebException: The remote server returned an error: (401) Unauthorized.
   at System.Net.HttpWebRequest.GetResponse()
   at System.ServiceModel.Channels.HttpChannelFactory.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout)
   --- End of inner exception stack trace ---

Server stack trace: 
   at System.ServiceModel.Channels.HttpChannelUtilities.ValidateAuthentication(HttpWebRequest request, HttpWebResponse response, WebException responseException, HttpChannelFactory factory)
   at System.ServiceModel.Channels.HttpChannelUtilities.ValidateRequestReplyResponse(HttpWebRequest request, HttpWebResponse response, HttpChannelFactory factory, WebException responseException, ChannelBinding channelBinding)
   at System.ServiceModel.Channels.HttpChannelFactory.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout)
   at System.ServiceModel.Channels.RequestChannel.Request(Message message, TimeSpan timeout)
   at System.ServiceModel.Dispatcher.RequestChannelBinder.Request(Message message, TimeSpan timeout)
   at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
   at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs)
   at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
   at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)

我尝试将clientCredentialType=“Basic”更改为“Windows”和“Ntlm”,但没有成功。我无法将安全模式设置为“TransportCredentialOnly”以外的任何模式,因为服务不使用SSL。
此外,用户名类似于“域\用户名”。
我错过了什么?

nbewdwxp

nbewdwxp1#

clientCredentialType必须是Ntlm,而不是基本

<bindings>
  <basicHttpBinding>
    <binding name="EngineSoap">
      <security mode="TransportCredentialOnly">
        <transport clientCredentialType="Ntlm" proxyCredentialType="None" realm=""/>
      </security>
    </binding>
  </basicHttpBinding>
</bindings>

如果是HTTPS/SSL联机,请将TransportCredentialOnly变更为Transport。如需详细信息,请参阅<transport> of <basicHttpBinding>

af7jpaap

af7jpaap2#

未启用承载该服务的服务器(IIS)上的基本身份验证。启用它可为我修复此问题。

相关问题