Wcf 服务服务器 - 使用 usernametoken 进行身份验证
[英]Wcf service server - authentication with usernametoken
问题描述
we are trying to create server from given demo wsdl.
我们正在尝试从给定的演示 wsdl 创建服务器。 Wsdl does not contains security but we need implement usernametoken where request header looks like this: Wsdl 不包含安全性,但我们需要实现 usernametoken 请求 header 看起来像这样:
<soap:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:env="http://www.w3.org/2003/05/soap-envelope" env:mustUnderstand="true">
<wsse:UsernameToken wsu:Id="UsernameToken-7dd435a5-b8bb-4388-bba3-f77512a14351">
<wsse:Username>CES</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">e8I23Z92JGgSREAb=</wsse:Password>
<wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">v21JzUcrKZiZ7MC==</wsse:Nonce>
<wsu:Created>2017-10-13T13:00:02.221Z</wsu:Created>
</wsse:UsernameToken>
<wsse:SecurityTokenReference>
<wsse:Embedded wsse:ValueType="http://www.asktirweb.org/security/authentication/username" wsu:Id="alex"/>
</wsse:SecurityTokenReference>
</wsse:Security>
<Action xmlns="http://www.w3.org/2005/08/addressing">http://www.asktirweb.org/services/TIRAccountingService-1/sendInvoice</Action>
<MessageID xmlns="http://www.w3.org/2005/08/addressing">urn:uuid:321a0dff-61a8-4eae-8934-7f06e8d87648</MessageID>
<To xmlns="http://www.w3.org/2005/08/addressing">http://wiesbaden:8040/askdemo/hs/AskTirWebDemo/WsSecurityRequests</To>
<ReplyTo xmlns="http://www.w3.org/2005/08/addressing">
<Address>http://www.w3.org/2005/08/addressing/anonymous</Address>
</ReplyTo>
</soap:Header>
Any suggestions?有什么建议么?
1 个解决方案
解决方案1
0 已采纳 2019-11-21 11:08:43
Please try the below custom binding, it might be useful to you.请尝试以下自定义绑定,它可能对您有用。
<customBinding>
<binding name="mybinding">
<textMessageEncoding messageVersion="Soap12WSAddressing10">
</textMessageEncoding>
<security authenticationMode="UserNameOverTransport" includeTimestamp="false" >
</security>
<httpsTransport></httpsTransport>
</binding>
</customBinding>
And the request body captured by Fiddle.以及 Fiddle 捕获的请求正文。
Besides, can we use the WSDL file to generate the client configuration, which has contained the essential binding type and security authentication mode?另外,我们可以使用WSDL文件生成客户端配置,其中包含必要的绑定类型和安全认证模式吗? Like the below Tools.像下面的工具。
https://docs.microsoft.com/en-us/dotnet/framework/wcf/servicemodel-metadata-utility-tool-svcutil-exe https://docs.microsoft.com/en-us/dotnet/framework/wcf/servicemodel-metadata-utility-tool-svcutil-exe
By default, it is a built-in tool in VS Developer Command Prompts.默认情况下,它是 VS Developer 命令提示符中的内置工具。
svcutil https://vabqia969vm:21011
It will generate the output.config in the current directory, it contains the binding configuration to be used in WCF.它将在当前目录中生成 output.config,它包含要在 WCF 中使用的绑定配置。
Feel free to let me know if there is anything I can help with.如果有什么我可以帮忙的,请随时告诉我。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.