C # client HttpWebRequest pe o aplicație de șine și reutilizarea unei sesiuni

Am o aplicație pentru șine 3 rulând pe ferestre și pe serverul apache. Deoarece trebuie să utilizez NTLM, folosesc modulul sspi auth de la apache. Deoarece modulul auth nu funcționează bine cu IE (fiecare cerere are ca rezultat 401 și o altă solicitare), setăm aplicația pentru șine, pe care o folosim doar pentru autentificarea pe un URL /login din apache.

Aplicația șine are un cod . Dacă nu avem o conexiune validă, redirecționăm (http 302) la controlerul de conectare, autentificăm și redirecționăm înapoi la urlul original ( request.env ['REQUEST_URI] ).

Pe o înregistrare normală a browserului funcționează perfect. Browserul web se conectează la orice adresă URL, devine redirecționat pentru autentificarea și redirecționarea înapoi la adresa URL țintă.

Acum am un plugin de client scris ca un proiect C #. Acolo trebuie să fac anumite solicitări de solicitare web pentru a prelua unele date JSON. Dacă fac o cerere GET simplu, gestionez clientul să funcționeze:

CookieContainer cookies = new CookieContainer();
HttpWebRequest request = (HttpWebRequest)WebRequest.Create(url);
request.Method = WebRequestMethods.Http.Post;
request.AllowAutoRedirect = true;
request.CookieContainer = cookies;

if (isWindowAuthentication)
  request.Credentials = CredentialCache.DefaultNetworkCredentials;

Care rezultă în apache access.log ca acesta:

192.168.14.9 - - [02/Jun/2012:11:26:15 +0200] "POST /ror/ioi/start HTTP/1.1" 302 123
192.168.14.9 - - [02/Jun/2012:11:26:16 +0200] "GET /ror/login?ror_referer=%2Fror%2Fioi%2Fstart HTTP/1.1" 401 401
192.168.14.9 - - [02/Jun/2012:11:26:16 +0200] "GET /ror/login?ror_referer=%2Fror%2Fioi%2Fstart HTTP/1.1" 401 401
192.168.14.9 - rausch [02/Jun/2012:11:26:16 +0200] "GET /ror/login?ror_referer=%2Fror%2Fioi%2Fstart HTTP/1.1" 302 94

Dar redirecționarea nu va funcționa dacă trebuie să post datele (cum ar fi încărcarea unui document pe care vreau să-l fac). Așadar, abordarea mea era de a face o cerere, de a stoca informațiile despre sesiune și de a le trimite la POST.

CookieContainer cookieContainer = new CookieContainer();
WebHeaderCollection headerCollection = new WebHeaderCollection();

if (Common.WindowAuthentication)
{
  HttpWebRequest request = (HttpWebRequest)WebRequest.Create(Common.PortalUrl + Common.IoiStart);
  request.Method = WebRequestMethods.Http.Post;
  request.AllowAutoRedirect = true;
  request.CookieContainer = cookieContainer;
  request.Credentials = CredentialCache.DefaultNetworkCredentials;
  HttpWebResponse response = (HttpWebResponse)request.GetResponse();
  for (int i = 0; i < response.Headers.Count; i++)
  {
    headerCollection.Add(response.Headers.AllKeys[i], response.Headers.Get(i));
  }
  response.Close();
}
LogWriter.LogError("second request");

string boundary = "----------------------------" +
DateTime.Now.Ticks.ToString("x");

HttpWebRequest httpWebRequest2 = (HttpWebRequest)WebRequest.Create(url);
httpWebRequest2.ContentType = "multipart/form-data; boundary=" + boundary;
httpWebRequest2.Method = "POST";
httpWebRequest2.KeepAlive = true;
httpWebRequest2.AllowAutoRedirect = false;
httpWebRequest2.CookieContainer = cookieContainer;
for (int i = 0; i < headerCollection.Count; i++)
{
  string key = headerCollection.GetKey(i);
  if (key == "Set-Cookie")
  {
    key = "Cookie";
  }
  else
  {
    continue;
  }
  string value = headerCollection.Get(i);
  httpWebRequest2.Headers.Add(key, value);
}

httpWebRequest2.ServicePoint.Expect100Continue = false;
httpWebRequest2.Accept = "*/*";

Aceasta se termină în acest (access.log):

192.168.14.9 - - [02/Jun/2012:11:51:22 +0200] "POST /ror/ioi/start HTTP/1.1" 302 123
192.168.14.9 - - [02/Jun/2012:11:51:22 +0200] "GET /ror/login?ror_referer=%2Fror%2Fioi%2Fstart HTTP/1.1" 401 401
192.168.14.9 - - [02/Jun/2012:11:51:22 +0200] "GET /ror/login?ror_referer=%2Fror%2Fioi%2Fstart HTTP/1.1" 401 401
192.168.14.9 - rausch [02/Jun/2012:11:51:22 +0200] "GET /ror/login?ror_referer=%2Fror%2Fioi%2Fstart HTTP/1.1" 302 94
192.168.14.9 - - [02/Jun/2012:11:51:22 +0200] "GET /ror/ioi/start HTTP/1.1" 200 27
192.168.14.9 - - [02/Jun/2012:11:51:22 +0200] "POST /ror/ioi/upload HTTP/1.1" 302 124

Pentru solicitarea /ioi/upload nu permiteți redirecționarea.

Inspectarea setărilor șinelor (unele coduri în controlerul de aplicații) obțin următoarele:

request: /ror/ioi/start
#"thin 1.2.11 codename Bat-Shit Crazy", "SERVER_NAME"=>"thorx64", "rack.input"=>#, "rack.version"=>[1, 0], "rack.errors"=>#>, "rack.multithread"=>false, "rack.multiprocess"=>false, "rack.run_once"=>false, "REQUEST_METHOD"=>"POST", "REQUEST_PATH"=>"/ror/ioi/start", "PATH_INFO"=>"/ioi/start", "REQUEST_URI"=>"/ror/ioi/start", "HTTP_VERSION"=>"HTTP/1.1", "HTTP_HOST"=>"thorx64", "HTTP_MAX_FORWARDS"=>"10", "HTTP_X_FORWARDED_FOR"=>"192.168.14.9", "HTTP_X_FORWARDED_HOST"=>"thorx64", "HTTP_X_FORWARDED_SERVER"=>"thorx64", "HTTP_CONNECTION"=>"Keep-Alive", "GATEWAY_INTERFACE"=>"CGI/1.2", "SERVER_PORT"=>"80", "QUERY_STRING"=>"", "SERVER_PROTOCOL"=>"HTTP/1.1", "rack.url_scheme"=>"http", "SCRIPT_NAME"=>"/ror", "REMOTE_ADDR"=>"127.0.0.1", "async.callback"=>#, "async.close"=>#, "action_dispatch.parameter_filter"=>[:password], "action_dispatch.secret_token"=>"a1ef5e037607d12742a40a0793de973a5e68605ccf087ad1baedaee6d811687b82a0671b94da2c4a9af2b481a5346585649e83d2f56f2838a4aca8eedbfc93b7", "action_dispatch.show_exceptions"=>true, "action_dispatch.remote_ip"=>127.0.0.1, "rack.session"=>{}, "rack.session.options"=>{:path=>"/", :domain=>nil, :expire_after=>nil, :secure=>false, :httponly=>true, :id=>nil}, "rack.request.form_input"=>#, "rack.request.form_hash"=>{}, "rack.request.form_vars"=>"", "action_dispatch.request.path_parameters"=>{:controller=>"ioi", :action=>"start"}, "action_controller.instance"=>#"text/html"}, @_status=200, @_response=#, @block=nil, @length=0, @header={}, @status=200, @body=[], @cookie=[], @sending_file=false, @blank=false, @cache_control={}, @etag=nil, @request=#>, @_request=#, @_env={...}, @lookup_context=#[:erb, :rjs, :builder, :rhtml, :rxml], :formats=>[:html, :text, :js, :css, :ics, :csv, :xml, :rss, :atom, :yaml, :multipart_form, :url_encoded_form, :json, :flv, :file, :image, :auto, :sourcefile, :sourceimage, :sourceauto, :legacy, :edit], :locale=>[:de, :de]}, @skip_default_locale=false, @frozen_formats=false, @view_paths=[d:/Informer/company/latest/ror/app/views, d:/Informer/company/latest/ror/vendor/plugins/will_paginate/app/views, d:/Informer/company/latest/ror/vendor/plugins/usesguid/app/views, d:/Informer/company/latest/ror/vendor/plugins/acts_as_tree/app/views, d:/Informer/company/latest/ror/vendor/plugins/acts_as_solr/app/views]>, @_action_name="start", @_response_body=nil, @_config={}, @_params={"controller"=>"ioi", "action"=>"start"}>, "action_dispatch.request.request_parameters"=>{}, "rack.request.query_string"=>"", "rack.request.query_hash"=>{}, "action_dispatch.request.query_parameters"=>{}, "action_dispatch.request.parameters"=>{"controller"=>"ioi", "action"=>"start"}, "action_dispatch.request.formats"=>[text/html], "rack.session.record"=>#, "action_dispatch.request.flash_hash"=>nil}, @request_method="POST", @filtered_parameters={"controller"=>"ioi", "action"=>"start"}, @method="POST", @fullpath="/ror/ioi/start">
HTTP_VERSION => HTTP/1.1
HTTP_HOST => thorx64
HTTP_MAX_FORWARDS => 10
HTTP_X_FORWARDED_FOR => 192.168.14.9
HTTP_X_FORWARDED_HOST => thorx64
HTTP_X_FORWARDED_SERVER => thorx64
HTTP_CONNECTION => Keep-Alive
i am a user?: false
session: 

request: /ror/login?ror_referer=%2Fror%2Fioi%2Fstart
request: /ror/ioi/start
#"thin 1.2.11 codename Bat-Shit Crazy", "SERVER_NAME"=>"thorx64", "rack.input"=>#, "rack.version"=>[1, 0], "rack.errors"=>#>, "rack.multithread"=>false, "rack.multiprocess"=>false, "rack.run_once"=>false, "REQUEST_METHOD"=>"GET", "REQUEST_PATH"=>"/ror/ioi/start", "PATH_INFO"=>"/ioi/start", "REQUEST_URI"=>"/ror/ioi/start", "HTTP_VERSION"=>"HTTP/1.1", "HTTP_HOST"=>"thorx64", "HTTP_COOKIE"=>"_ror_session=bfd6cdcd0650812edeb58c9a915e3948; user=rausch", "HTTP_MAX_FORWARDS"=>"10", "HTTP_X_FORWARDED_FOR"=>"192.168.14.9", "HTTP_X_FORWARDED_HOST"=>"thorx64", "HTTP_X_FORWARDED_SERVER"=>"thorx64", "HTTP_CONNECTION"=>"Keep-Alive", "GATEWAY_INTERFACE"=>"CGI/1.2", "SERVER_PORT"=>"80", "QUERY_STRING"=>"", "SERVER_PROTOCOL"=>"HTTP/1.1", "rack.url_scheme"=>"http", "SCRIPT_NAME"=>"/ror", "REMOTE_ADDR"=>"127.0.0.1", "async.callback"=>#, "async.close"=>#, "action_dispatch.parameter_filter"=>[:password], "action_dispatch.secret_token"=>"a1ef5e037607d12742a40a0793de973a5e68605ccf087ad1baedaee6d811687b82a0671b94da2c4a9af2b481a5346585649e83d2f56f2838a4aca8eedbfc93b7", "action_dispatch.show_exceptions"=>true, "action_dispatch.remote_ip"=>127.0.0.1, "rack.session"=>{"current_user_id"=>49}, "rack.session.options"=>{:path=>"/", :domain=>nil, :expire_after=>nil, :secure=>false, :httponly=>true, :id=>"bfd6cdcd0650812edeb58c9a915e3948"}, "rack.request.cookie_string"=>"_ror_session=bfd6cdcd0650812edeb58c9a915e3948; user=rausch", "rack.request.cookie_hash"=>{"_ror_session"=>"bfd6cdcd0650812edeb58c9a915e3948", "user"=>"rausch"}, "rack.session.record"=>#, "action_dispatch.request.path_parameters"=>{:controller=>"ioi", :action=>"start"}, "action_controller.instance"=>#"text/html"}, @_status=200, @_response=#, @block=nil, @length=0, @header={}, @status=200, @body=[], @cookie=[], @sending_file=false, @blank=false, @cache_control={}, @etag=nil, @request=#>, @_request=#, @_env={...}, @lookup_context=#[:erb, :rjs, :builder, :rhtml, :rxml], :formats=>[:html, :text, :js, :css, :ics, :csv, :xml, :rss, :atom, :yaml, :multipart_form, :url_encoded_form, :json, :flv, :file, :image, :auto, :sourcefile, :sourceimage, :sourceauto, :legacy, :edit], :locale=>[:de, :de]}, @skip_default_locale=false, @frozen_formats=false, @view_paths=[d:/Informer/company/latest/ror/app/views, d:/Informer/company/latest/ror/vendor/plugins/will_paginate/app/views, d:/Informer/company/latest/ror/vendor/plugins/usesguid/app/views, d:/Informer/company/latest/ror/vendor/plugins/acts_as_tree/app/views, d:/Informer/company/latest/ror/vendor/plugins/acts_as_solr/app/views]>, @_action_name="start", @_response_body=nil, @
0

1 răspunsuri

Am înţeles! A fost o problemă în șine.

Acest mic lucru a provocat problema :)

application_controller.rb

Line 2:  protect_from_forgery

Aceasta este pentru a proteja aplicația. Creează un jeton de securitate pentru a fi utilizat în fiecare solicitare ajax.

<meta name="csrf-param" content="authenticity_token"/>
<meta name="csrf-token" content="sGeq9l+HfYotFbfuZFHqtmrMGBygMGZc2SjnmEwp9eo="/>

Deci, soluția în acest caz, deoarece nu am acest lucru în clientul c:

  1. Create a handshake to get the security token and post this as well (to much work for me :))
  2. What I did: Add a skip filter in the target controller: skip_before_filter :verify_authenticity_token

Concluzie: Funcționează să stocheze cookie-uri și anteturi ca și mine și să le trimit cu următoarele solicitări pentru a "simula" sesiunea.

0
adăugat