WebServicesClientProtocol在安全标头中将EncodingType添加到Nonce

Question

Similar question: How do I add an EncodingType attribute to the Nonce element of a UsernameToken in WSE 3.0 (.NET) 类似的问题：如何在WSE 3.0（.NET）中的UsernameToken的Nonce元素中添加EncodingType属性

I'm trying to modify header that is send by WebServicesClientProtocol to service. 我正在尝试修改由WebServicesClientProtocol发送到服务的标头。
Unfortunately Microsoft's implementation of WSSE Username and Token Security Spec 1.1 isn't compatible with standard and isn't sending EncodingType with Nonce . 遗憾的是，Microsoft的WSSE Username and Token Security Spec 1.1的实现与标准不兼容，并且没有使用Nonce发送EncodingType 。

In similar question I've linked on top solution was to disable EncodingType validation on server, but I'm not able to modify anything. 在类似的问题我已经链接在顶部解决方案是禁用服务器上的EncodingType验证，但我无法修改任何东西。

I've imported WSDL as Web Reference, I've changed base class to WebServicesClientProtocol 我已将WSDL导入为Web Reference，我已将基类更改为WebServicesClientProtocol

Then inside my code I'm doing this: 然后在我的代码里面我这样做：

var client = new QueryClient();

SoapContext requestContext = client.RequestSoapContext;
requestContext.Security.Timestamp.TtlInSeconds = 60;
var userToken = new UsernameToken(_userName, _password, PasswordOption.SendHashed);
requestContext.Security.Tokens.Add(userToken);
X509SecurityToken signatureToken = GetSecurityToken();
requestContext.Security.Tokens.Add(signatureToken);
MessageSignature sig = new MessageSignature(signatureToken);
requestContext.Security.Elements.Add(sig);
client.SetClientCredential(signatureToken);
client.SetClientCredential(new UsernameToken(_userName, _password, PasswordOption.SendHashed));

this creates request that is almost ideal, but Nonce hasn't got EncodingType : 这创建了几乎理想的请求，但Nonce没有EncodingType ：

<wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="SecurityToken-096b3d09-bc08-4d9b-a561-c5c793dd7197">
    <wsse:Username>ws_test_user</wsse:Username>
    <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">XrFybEBGGqAIp2ybV6BbAdGa01U=</wsse:Password>
    <wsse:Nonce>gXsJgA6vV/HwY4pew9pi9Q==</wsse:Nonce>
    <wsu:Created>2017-02-03T12:17:57Z</wsu:Created>
</wsse:UsernameToken>

Nonce must have this attribute: EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" Nonce必须具有以下属性： EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"

How can I add this attribute? 如何添加此属性？ I'd like to avoid manually creating request because I must specify Username, Password, BinarySecurityToken and Signature. 我想避免手动创建请求，因为我必须指定Username，Password，BinarySecurityToken和Signature。 Microsoft.Web.Services3 is creating all necessary elements for me, one thing missing is that attribute. Microsoft.Web.Services3正在为我创建所有必需的元素，缺少的一件事就是属性。

EDIT: 编辑：

This is request I'm trying to create: 这是我正在尝试创建的请求：

<soap:Envelope xmlns:dz="http://dom.query.api.com" xmlns:soap="http://www.w3.org/2003/05/soap-envelope" xmlns:xsd="http://dz.api.swd.zbp.pl/xsd">
    <soap:Header>
        <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
            <wsse:UsernameToken wsu:Id="UsernameToken-E94CEB6F4708FB7C23148611494797612">
                <wsse:Username>my_login</wsse:Username>
                <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">XqEwZ/CxaBfFvh487TjvN8qD63c=</wsse:Password>
                <wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">JzURe0CxvzRjmEcH/ndldw==</wsse:Nonce>
                <wsu:Created>2017-02-09T09:42:27.976Z</wsu:Created>
            </wsse:UsernameToken>
            <wsse:BinarySecurityToken EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509PKIPathv1" wsu:Id="X509-E94CEB6F4708FB7C2314861149479517">MIIKnDCCB.........nmIngeg6d6TNI=</wsse:BinarySecurityToken>
            <ds:Signature Id="SIG-E94CEB6F4708FB7C23148611494795311" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:SignedInfo>
                    <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                        <ec:InclusiveNamespaces PrefixList="dz soap xsd" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                    </ds:CanonicalizationMethod>
                    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
                    <ds:Reference URI="#id-E94CEB6F4708FB7C23148611494795310">
                        <ds:Transforms>
                            <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                                <ec:InclusiveNamespaces PrefixList="dz xsd" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                            </ds:Transform>
                        </ds:Transforms>
                        <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
                        <ds:DigestValue>mlABQuNUFOmLqsDswxXxQ6XnjpQ=</ds:DigestValue>
                    </ds:Reference>
                </ds:SignedInfo>
                <ds:SignatureValue>lYhBHSQ/L...XL1HEbMQjJ/Q2Rvg==</ds:SignatureValue>
                <ds:KeyInfo Id="KI-E94CEB6F4708FB7C2314861149479518">
                    <wsse:SecurityTokenReference wsse11:TokenType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509PKIPathv1" wsu:Id="STR-E94CEB6F4708FB7C2314861149479519" xmlns:wsse11="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd">
                        <wsse:Reference URI="#X509-E94CEB6F4708FB7C2314861149479517" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509PKIPathv1"/>
                    </wsse:SecurityTokenReference>
                </ds:KeyInfo>
            </ds:Signature>
        </wsse:Security>
    </soap:Header>
    <soap:Body wsu:Id="id-E94CEB6F4708FB7C23148611494795310" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
        <dz:query>
            <dz:param>
                <xsd:userQueryId>27467</xsd:userQueryId>
            </dz:param>
        </dz:query>
    </soap:Body>
</soap:Envelope>

I've send my request to service creator and he confirm that all I need is that EncodingType attribute in Nonce 我已将我的请求发送给服务创建者，他确认我需要的是Nonce中的EncodingType属性

Answer 1

The EncodingType flag is according to the WSSE Username and Token Security Spec 1.1, which is the spec required by the version of the Apache CXF framework that this Java Web Service is using. EncodingType标志符合WSSE用户名和令牌安全规范1.1，这是此Java Web服务正在使用的Apache CXF框架版本所需的规范。 .NET does not meet that spec. .NET不符合该规范。 Luckily there was a flag in CXF to turn off the requirement. 幸运的是，CXF中有一面旗帜可以关闭这个要求。 We did that and are now able to communicate. 我们做到了，现在能够沟通。

WebServicesClientProtocol在安全标头中将EncodingType添加到Nonce

问题描述

1 个解决方案

解决方案1
0 2017-02-13 14:39:21

WebServicesClientProtocol在安全标头中将EncodingType添加到Nonce

问题描述

1 个解决方案

解决方案1 0 2017-02-13 14:39:21

解决方案1
0 2017-02-13 14:39:21