1. 首頁
  2. 問答
  3. 從Kerberos身份驗證機器到NTLM服務器的驗證

從Kerberos身份驗證機器到NTLM服務器的驗證

2013-07-31 320 views
0

我困在以下情形: 我正在從具有身份驗證類型Kerberos的客戶端運行c#程序。我想使用kerberos憑據來認證到仍由NTLM進行身份驗證的SharePoint服務器web服務。我如何使用NTLM和我的客戶端Kerberos憑據登錄到webservice?從Kerberos身份驗證機器到NTLM服務器的驗證

作爲測試程序我寫了下面,我想,以調整到不使用常量名,pasword和領域,仍然程序功能正常:

using System; 
using System.Security.Principal; 
using TestSharePointServices.listService; 

namespace TestSharePointServices 
{ 

    class Program 
    { 
     static void Main(string[] args) 
     { 
      string username = "myusername"; 
      string password = "mypassword"; 
      string domain = "mydomain"; 

      ListsSoapClient client = new ListsSoapClient(); 
      if (client.ClientCredentials != null) 
      { 
       Console.WriteLine("Name: " + WindowsIdentity.GetCurrent().Name); 
       Console.WriteLine("Authenticated: " + WindowsIdentity.GetCurrent().IsAuthenticated); 
       Console.WriteLine("Authentication Type: " + WindowsIdentity.GetCurrent().AuthenticationType); 
       Console.ReadKey(); 
       client.ClientCredentials.Windows.ClientCredential = 
        new System.Net.NetworkCredential(username, password, domain); 
       client.ClientCredentials.Windows.AllowedImpersonationLevel = 
        System.Security.Principal.TokenImpersonationLevel.Impersonation; 
      } 

      string callback = client.GetList("Accounts").ToString(); 
      Console.WriteLine(callback); 
      Console.ReadKey(); 
     } 
    } 
}

用下面的應用程序。配置:

<?xml version="1.0" encoding="utf-8" ?> 
<configuration> 
    <system.serviceModel> 
     <bindings> 
      <basicHttpBinding> 
       <binding name="ListsSoap" closeTimeout="00:05:00" openTimeout="00:05:00" 
         receiveTimeout="00:30:00" sendTimeout="00:05:00" allowCookies="false" 
         bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard" 
         maxBufferPoolSize="524288" maxBufferSize="65536" maxReceivedMessageSize="65536" 
         textEncoding="utf-8" transferMode="Buffered" useDefaultWebProxy="true" 
         messageEncoding="Text"> 
       <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384" 
           maxBytesPerRead="4096" maxNameTableCharCount="16384" /> 
       <security mode="TransportCredentialOnly"> 
        <transport clientCredentialType="Ntlm" proxyCredentialType="None" realm="" /> 
        <message clientCredentialType="UserName" algorithmSuite="Default" /> 
       </security> 
       </binding> 
      </basicHttpBinding> 
     </bindings> 
     <client> 
      <endpoint address="http://sharepointserver/crm/_vti_bin/Lists.asmx" 
       binding="basicHttpBinding" bindingConfiguration="ListsSoap" 
       contract="listService.ListsSoap" name="ListsSoap" /> 
     </client> 
    </system.serviceModel> 
</configuration>

程序輸出:

名稱:MYDOMAIN \名爲myUsername

身份驗證:真

認證類型:從SharePoint的Kerberos

XML輸出在屏幕上。

來源

2013-07-31 Martijn Burger

回答

2

你不能。 Kerberos與NTLM無關。絕對沒有。 NTLM僅適用於Windows。您只需使用Windows用戶名/密碼登錄並執行NTLM即可。儘管我強烈建議您製作SharePoint Kerberos功能,但這不到一個小時的時間。

來源

2013-08-01 08:19:03

+0

我告訴IT部門一年多前轉向Kerberos。感謝您的答覆,如預期的,我現在必須使用通用帳戶。 –

相關問題

 相關問題