C# WCF客户端缓存windows身份验证
我正在调用一个由Navision公开的Web服务,它是由windows身份验证保护的。我可以成功地调用它,但在那之后,它似乎正在以某种方式缓存凭据,这正是我担心的 该服务托管在远程服务器上,并且位于与我的开发计算机不同的域中。我正在运行Visual Studio中的代码 我已经创建了该服务的服务引用,并且我的app.config中没有配置,因此所有设置都是使用代码创建的 第一次运行(未指定客户端凭据): 这给了我一个安全例外。正如所料 第二次运行(具有凭据): 此调用成功。同样,正如所料 第三次运行与第一次运行相同。也就是说,没有指定凭据。这个电话成功了。现在我很困惑。凭据必须以某种方式缓存?我重启了我的机器,同样的结果。仍然成功 然后,我尝试指定伪造的凭据:C# WCF客户端缓存windows身份验证,c#,visual-studio-2010,wcf,wcf-security,C#,Visual Studio 2010,Wcf,Wcf Security,我正在调用一个由Navision公开的Web服务,它是由windows身份验证保护的。我可以成功地调用它,但在那之后,它似乎正在以某种方式缓存凭据,这正是我担心的 该服务托管在远程服务器上,并且位于与我的开发计算机不同的域中。我正在运行Visual Studio中的代码 我已经创建了该服务的服务引用,并且我的app.config中没有配置,因此所有设置都是使用代码创建的 第一次运行(未指定客户端凭据): 这给了我一个安全例外。正如所料 第二次运行(具有凭据): 此调用成功。同样,正如所料 第三次
var binding = new BasicHttpBinding();
binding.Security.Mode = BasicHttpSecurityMode.TransportCredentialOnly;
binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Windows;
var address = new EndpointAddress("http://externalserver.com/DynamicsNAV/WS/Customer/Page/MyPage");
var client = new MyPage_PortClient(binding, address);
client.ClientCredentials.Windows.ClientCredential.Domain = "MYDOM";
client.ClientCredentials.Windows.ClientCredential.UserName = "NavWebService";
client.ClientCredentials.Windows.ClientCredential.Password = "foo";
client.ClientCredentials.Windows.AllowNtlm = true;
client.ClientCredentials.Windows.AllowedImpersonationLevel = TokenImpersonationLevel.Impersonation;
var reqObj = new MyPage() { TypeID = "Test", Company_Name = "Test:" + DateTime.Now.ToShortTimeString() };
client.Create(ref reqObj);
client.Close();
Console.WriteLine(reqObj.Company_Name);
Console.ReadLine();
var binding = new BasicHttpBinding();
binding.Security.Mode = BasicHttpSecurityMode.TransportCredentialOnly;
binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Windows;
var address = new EndpointAddress("http://externalserver.com/DynamicsNAV/WS/Customer/Page/MyPage");
var client = new MyPage_PortClient(binding, address);
client.ClientCredentials.Windows.ClientCredential.Domain = "fakeMYDOM";
client.ClientCredentials.Windows.ClientCredential.UserName = "fakeNavWebService";
client.ClientCredentials.Windows.ClientCredential.Password = "badPwd";
client.ClientCredentials.Windows.AllowNtlm = true;
client.ClientCredentials.Windows.AllowedImpersonationLevel = TokenImpersonationLevel.Impersonation;
var reqObj = new MyPage() { TypeID = "Test", Company_Name = "Test:" + DateTime.Now.ToShortTimeString() };
client.Create(ref reqObj);
client.Close();
Console.WriteLine(reqObj.Company_Name);
Console.ReadLine();
有人能告诉我这里发生了什么事吗?是不是关于windows身份验证我不了解?Visual Studio/WCF中是否存在某种凭据缓存?没错,正在缓存Windows令牌。下面是一篇关于的MSDN文章,其中介绍了缓存令牌模拟
var binding = new BasicHttpBinding();
binding.Security.Mode = BasicHttpSecurityMode.TransportCredentialOnly;
binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Windows;
var address = new EndpointAddress("http://externalserver.com/DynamicsNAV/WS/Customer/Page/MyPage");
var client = new MyPage_PortClient(binding, address);
client.ClientCredentials.Windows.ClientCredential.Domain = "fakeMYDOM";
client.ClientCredentials.Windows.ClientCredential.UserName = "fakeNavWebService";
client.ClientCredentials.Windows.ClientCredential.Password = "badPwd";
client.ClientCredentials.Windows.AllowNtlm = true;
client.ClientCredentials.Windows.AllowedImpersonationLevel = TokenImpersonationLevel.Impersonation;
var reqObj = new MyPage() { TypeID = "Test", Company_Name = "Test:" + DateTime.Now.ToShortTimeString() };
client.Create(ref reqObj);
client.Close();
Console.WriteLine(reqObj.Company_Name);
Console.ReadLine();