HTTP 请求未经客户端身份验证方案“匿名”授权。从服务器收到的身份验证标头是“默认”。

Question

我正在通过编写 API 自动化。 MStest 框架。我试图自动化的 wsdl 需要 Kerberos 身份验证。即使我提供了 client_Id、client_secret 和用户/通过身份验证，我仍然收到 401 未经授权的错误。由于我是新手，我可能会在这里问一些愚蠢的问题，但到目前为止我没有得到任何答案。

异常：“HTTP 请求未经授权，客户端身份验证方案为‘匿名’。从服务器接收到的身份验证标头为‘默认’。”

内部异常：“远程服务器返回错误：(401) Unauthorized.”

'''
[测试方法]

    public void GetUsers()
    {
        APIClient= new AutoStudioFW.APIService.APIServiceclient();

        System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls12;

       

        System.Net.ServicePointManager.ServerCertificateValidationCallback = delegate { return true; };

        


        APIClient.ClientCredentials.UserName.UserName = "userabc";
        APIClient.ClientCredentials.UserName.Password = "passabc";

        _httpRequestProperty = new HttpRequestMessageProperty();
        _httpRequestProperty.Headers[System.Net.HttpRequestHeader.Authorization] = "Basic " + Convert.ToBase64String(Encoding.ASCII.GetBytes(APIClient.ClientCredentials.UserName.UserName + ":" + OrionAPIClient.ClientCredentials.UserName.Password));
        _httpRequestProperty.Headers.Add("client_id", "01ab34cd");
        _httpRequestProperty.Headers.Add("client_secret", "abc123secret");


        scope = new System.ServiceModel.OperationContextScope(APIClient.InnerChannel);


        System.ServiceModel.OperationContext.Current.OutgoingMessageProperties[HttpRequestMessageProperty.Name] = _httpRequestProperty;
        

        var GetUser = APIClient.getCurrentUser("555");

    }

Answer 1

您可以尝试在配置中设置安全模式：

<security mode="TransportCredentialOnly">
  <transport clientCredentialType="Windows" proxyCredentialType="None" realm="" />
  <message clientCredentialType="UserName" algorithmSuite="Default" />
</security>

WCFTestClient The HTTP request is unauthorized with client authentication scheme 'Anonymous'