堆栈内存溢出
  简体   繁体   English

具有SAML的wsse安全标头

[英]wsse Security Header with SAML

 原文  2013-03-26 15:14:13       c#/ soap/ wif/ saml/ wse

问题描述

I need to consume the web service which is exposed by my service provider. 我需要使用服务提供商公开的Web服务。 I got the WSDL file from them. 我从他们那里得到了WSDL文件。 In SOAP request header I have to add the wsse:Security header with SAML assertion. 在SOAP请求标头中,我必须添加具有SAML断言的wsse:Security标头。

Please have a look at the below wsse:Security header. 请查看下面的wsse:Security标头。 I have searched a lot and tried with WSE 3.0, WIF and WCF. 我进行了很多搜索,并尝试使用WSE 3.0,WIF和WCF。 Help me to move further spent around 15 days and I'm running out of time. 帮助我在15天内继续花更多时间,而我的时间已用完。

I don't need a code. 我不需要密码。 If you give me clues it's more than enough. 如果您提供线索,那就足够了。 

 <wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
  <wsse:BinarySecurityToken EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" wsu:Id="CertId-2205212A7CE172EDAD136396070929096">MIIGOzCCBSOgAwIBAgIRAMLHEnngSJwPhUBrQD7Wau</wsse:BinarySecurityToken>
  <saml2:Assertion ID="2205212A7CE172EDAD136396070923593" IssueInstant="2013-03-22T13:58:29.235Z" Version="2.0" xsi:type="saml2:AssertionType" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
    <saml2:Issuer>Test.com</saml2:Issuer>
    <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
      <ds:SignedInfo>
        <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
        <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
        <ds:Reference URI="#2205212A7CE172EDAD136396070923593">
          <ds:Transforms>
            <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
            <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
          </ds:Transforms>
          <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
          <ds:DigestValue>NI1mY4izfZO9cTmY9RQ1wc=</ds:DigestValue>
        </ds:Reference>
      </ds:SignedInfo>
      <ds:SignatureValue>PPiZmdZRnUNl5XLT</ds:SignatureValue>
      <ds:KeyInfo>
        <ds:X509Data>
          <ds:X509Certificate>
            MIIGOzCCBSOgAwIBAgIRAMLHEnngSJwPhUBrQD7Wa
            uEwDQYJKoZIhvcNAQEFBQAwgYkxCzAJBgNV
            BAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAOBgNVBAcTB1NhbGZvcmQxGjAY            
            r7A/P/13q1BRTPvLM6CYNzb4wvAgBxiuBV97OoVSnMPxYVtW03OoOCquyXDrq8bLYuR5+l1YGahY
            D5nJfSXiCb9PCf5m+hZh6smWp1rMcafMLdr5+JbZEPPk36S1q1aokpoeEo2N0Hmg9mt2GOg6Z+Qu
            ya9s
          </ds:X509Certificate>
        </ds:X509Data>
      </ds:KeyInfo>
    </ds:Signature>
    <saml2:Subject>
      <saml2:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified" NameQualifier="Qualifier">CN=Test.com,OU=PlatinumSSL,OU=Test Company,OU=Test,O=Test</saml2:NameID>
      <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:sender-vouches"/>
    </saml2:Subject>
    <saml2:Conditions NotBefore="2013-03-22T13:58:29.235Z" NotOnOrAfter="2013-03-22T14:03:29.235Z"/>
    <saml2:AuthnStatement>
      <saml2:AuthnContext>
        <saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml2:AuthnContextClassRef>
      </saml2:AuthnContext>
    </saml2:AuthnStatement>
  </saml2:Assertion>
  <wsse:SecurityTokenReference wsse11:TokenType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0" wsu:Id="STRSAMLId-2205212A7CE172EDAD136396070929097" xmlns:wsse11="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd">
    <wsse:KeyIdentifier ValueType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLID">2205212A7CE172EDAD136396070923593</wsse:KeyIdentifier>
  </wsse:SecurityTokenReference>
  <ds:Signature Id="SIG-19" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
    <ds:SignedInfo>
      <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
        <ec:InclusiveNamespaces PrefixList="head pros soapenv" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>
      </ds:CanonicalizationMethod>
      <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
      <ds:Reference URI="#id-1">
        <ds:Transforms>
          <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
            <ec:InclusiveNamespaces PrefixList="head pros" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>
          </ds:Transform>
        </ds:Transforms>
        <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
        <ds:DigestValue>yBGE2mVOFnzQPTA9v/7yIvq0CIk=</ds:DigestValue>
      </ds:Reference>
      <ds:Reference URI="#STRSAMLId-2205212A7CE172EDAD136396070929097">
        <ds:Transforms>
          <ds:Transform Algorithm="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#STR-Transform">
            <wsse:TransformationParameters>
              <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
            </wsse:TransformationParameters>
          </ds:Transform>
        </ds:Transforms>
        <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
        <ds:DigestValue>/2QpTYDtLM4GnZIVq5/RihtL6Ug=</ds:DigestValue>
      </ds:Reference>
    </ds:SignedInfo>
    <ds:SignatureValue>
      Yx4SB76RTGcrll18wYlwvLAWHgNeckPcO9be1opcAL99dzDe5RspWkmLjXJ0rY7wh+RPW+wzaJyI
      r0ezOByRNCFWHFNjZOdN5wj++h7pnJRFLe70WGNktREOckaQ/U/O5NLH8adkWFm+Q/wZApw2WLI6
      6uWmQ+l8rOaWPg8gsBS8sjn1S55W2MYPtnwSew==
    </ds:SignatureValue>
    <ds:KeyInfo Id="KeyId-2205212A7CE172EDAD136396070929094">
      <wsse:SecurityTokenReference wsu:Id="STRId-2205212A7CE172EDAD136396070929095">
        <wsse:Reference URI="#CertId-2205212A7CE172EDAD136396070929096" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/>
      </wsse:SecurityTokenReference>
    </ds:KeyInfo>
  </ds:Signature>
</wsse:Security>

Thanks and regards, P.Ponkarthik 感谢和问候,P.Ponkarthik

1 个解决方案

解决方案1
 0  2013-04-01 08:56:10

看看wsFederationHttpBinding,它是为您处理此安全元数据的特殊WCF绑定( http://msdn.microsoft.com/zh-cn/library/ms731374.aspx

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何添加wsse:Security标头 - How to add wsse:Security header 将wsse:security元素添加到soap标头 - Adding wsse:security element to soap header 用于添加soap标头的C#代码wsse:Security,wsse:BinarySecurityToken,ds:Signature,wsse:UsernameToken,wsu:Timestamp - C# code to add soap header wsse:Security, wsse:BinarySecurityToken,ds:Signature, wsse:UsernameToken,wsu:Timestamp 如何使用WCF在WSSE安全标头中设置密码类型“PasswordText” - How to set password type “PasswordText” in the WSSE Security Header with WCF 对如何创建 SOAP 一无所知<wsse:Security>标题 - Clueless about how to create SOAP <wsse:Security> header 从WSSE安全标题C#ASMX / WCF服务中删除时间戳记 - Remove Timestamp from WSSE Security Header C# ASMX/WCF Service Wcf 请求缺少相互证书 wsse:Security - Wcf request with mutual certificate missing wsse:Security 在SOAP请求中使用自定义字段实现WSSE安全标头时,C#运行时错误 - C# Runtime Error when implementing WSSE Security Headers with custom fields in SOAP request C# 在没有 Web 参考的情况下以编程方式将 wsse:Security 和 BinarySecurityToken 添加到 Envelope xml 文件 - C# Add wsse:Security and BinarySecurityToken to Envelope xml file programmatically without Web Reference C#使用SHA-1和Base64编码wsse安全password_digest与服务器password_digest不匹配 - C# Encoding wsse security password_digest with SHA-1 and Base64 not matching server password_digest
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM