Adding wsse:security element to soap header

I'm currently trying to connect to the HMRC's API and have set up a service in my project and am now in the process of creating the message to send.

I've been able to create the body section of the message fine, but am having trouble getting the header right. Here's an example of what the message should look like:

<soap:Envelope  
xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/03/addressing"  
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"  
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"  
xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> 
<soap:Header>     
<wsa:Action>http://schemas.xmlsoap.org/ws/2004/04/security/trust/RST/Issue</wsa:Action> 
<wsa:MessageID>uuid:39610e5b-162b-4491-9301-85578046a583</wsa:MessageID> 
<wsa:ReplyTo>
    <wsa:Address>
        http://schemas.xmlsoap.org/ws/2004/03/addressing/role/anonymous
    </wsa:Address> 
</wsa:ReplyTo> 
<wsa:To>
    http://www.gateway.gov.uk/soap/2007/02/sts
</wsa:To> 
<wsse:Security> 
  <wsu:Timestamp wsu:Id="Timestamp-201ebb7a-d2f4-44d5-85e4-b8bb4c71ed54"> 
    <wsu:Created>2012-04-13T16:18:11Z</wsu:Created> 
    <wsu:Expires>2012-04-13T16:23:11Z</wsu:Expires> 
  </wsu:Timestamp> 
</wsse:Security> 
</soap:Header> 
<soap:Body> 
<wst:RequestSecurityToken xmlns:wst="http://schemas.xmlsoap.org/ws/2004/04/trust"> 
<wst:TokenType>urn:GSO-SystemServices:external:1.65:gatewaytoken#GatewayToken</wst:TokenType>     
<wst:RequestType>http://schemas.xmlsoap.org/ws/2004/04/security/trust/Issue</wst:RequestType> 
  <wst:Base> 
    <wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="SecurityToken-94d12e0f-400b-4412-bde8-e03357eb0692"> 
      <wsse:Username>513FDQ37JILL</wsse:Username> 
      <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest"> 
        NXJ3ynAa8Sy136aifThXJl8vLoE= 
      </wsse:Password> 
      <wsse:Nonce>4nJy2oD6xC79zatTHvuywg==</wsse:Nonce> 
      <wsu:Created>2007-02-01T11:03:10Z</wsu:Created> 
    </wsse:UsernameToken> 
  </wst:Base> 
  <wsp:AppliesTo xmlns:wsp="http://schemas.xmlsoap.org/ws/2002/12/policy"> 
    <wsa:EndpointReference> 
      <wsa:Address>urn:GSO-SystemServices:external:1.65:GatewayWebServices</wsa:Address> 
    </wsa:EndpointReference> 
  </wsp:AppliesTo> 
  <wst:Lifetime> 
    <wsu:Expires>2012-04-13T20:23:11Z</wsu:Expires> 
  </wst:Lifetime> 
</wst:RequestSecurityToken> 
</soap:Body> 
</soap:Envelope> 

The main issue is I can't get the Security element to show. I've currently been playing around in the app.config file trying out various types of binding, but I'm really new to using services and am getting completely stuck. Here's my current app.config:

<?xml version="1.0" encoding="utf-8" ?>
<configuration>
    <configSections>
    </configSections>
    <system.serviceModel>
    <bindings>
        <customBinding>
            <binding name="XmlTokenServiceBinding" >
                <textMessageEncoding maxReadPoolSize="64" maxWritePoolSize="16"
                    messageVersion="Soap11WSAddressing10" writeEncoding="utf-8">
                 <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384" />
                </textMessageEncoding>
                <security authenticationMode="SecureConversation" includeTimestamp="True" requireSecurityContextCancellation="false"
                        messageSecurityVersion="WSSecurity11WSTrust13WSSecureConversation13WSSecurityPolicy12BasicSecurityProfile10">
               </security>                
               <httpsTransport manualAddressing="false" maxBufferPoolSize="524288"
                    maxReceivedMessageSize="65536" allowCookies="false" authenticationScheme="Anonymous"
                    bypassProxyOnLocal="false" decompressionEnabled="true" hostNameComparisonMode="StrongWildcard"
                    keepAliveEnabled="true" maxBufferSize="65536" proxyAuthenticationScheme="Anonymous"
                    realm="" transferMode="Buffered" unsafeConnectionNtlmAuthentication="false"
                    useDefaultWebProxy="true" requireClientCertificate="false" />
            </binding>
        </customBinding>
    </bindings>
  <behaviors>
    <endpointBehaviors>
      <behavior>
        <clientVia viaUri="https://secure.gateway.gov.uk/soap/2007/02/sts/GatewayTokenService.ashx"/>
      </behavior>
    </endpointBehaviors>
  </behaviors>
    <client>
        <endpoint address="https://secure.gateway.gov.uk/soap/2007/02/sts/GatewayTokenService.ashx"
            binding="customBinding" bindingConfiguration="XmlTokenServiceBinding"
            contract="ServiceReference1.XmlTokenServicePortType" name="XmlTokenServicePort" />
    </client>
</system.serviceModel>
</configuration>

Edit: Code as requested in comments for calling service:

  TokenService.RequestSecurityToken request = CreateTokenRequest();   
  TokenService.XmlTokenServicePortTypeClient client = new TokenService.XmlTokenServicePortTypeClient();
  TokenService.RequestSecurityTokenResponseType response = client.RequestSecurityTokenRequest(request);

Also, here is the request message through Fiddler:

<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" xmlns:a="http://www.w3.org/2005/08/addressing">
<s:Header>
    <a:Action s:mustUnderstand="1">http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue</a:Action>
    <a:MessageID>urn:uuid:0f43afa7-c22c-400b-87b2-c9b76bd0abdd</a:MessageID>
    <a:ReplyTo>
        <a:Address>http://www.w3.org/2005/08/addressing/anonymous</a:Address>
    </a:ReplyTo>
        <a:To s:mustUnderstand="1">https://secure.gateway.gov.uk/soap/2007/02/sts/GatewayTokenService.ashx</a:To>
</s:Header>
<s:Body>
    <t:RequestSecurityToken Context="uuid-829d42ad-a560-44aa-9be8-95c212d82762-1" xmlns:t="http://schemas.xmlsoap.org/ws/2005/02/trust">
        <t:TokenType>http://schemas.xmlsoap.org/ws/2005/02/sc/sct</t:TokenType>
        <t:RequestType>http://schemas.xmlsoap.org/ws/2005/02/trust/Issue</t:RequestType>
        <t:KeySize>256</t:KeySize>
        <t:BinaryExchange ValueType="http://schemas.xmlsoap.org/ws/2005/02/trust/spnego" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">YIGeBgYrBgEFBQKggZMwgZCgGjAYBgorBgEEAYI3AgIeBgorBgEEAYI3AgIKonIEcE5FR09FWFRTAAAAAAAAAABgAAAAcAAAABOP7thI+QdbUguCiBDWyeqYiLGof7AdxPVl4cuUPGbTiMyHDzMox/EGGxas/mzB/AAAAAAAAAAAYAAAAAEAAAAAAAAAAAAAAEVyfDIyRYtIv9kqa6BepAo=</t:BinaryExchange>
    </t:RequestSecurityToken>
</s:Body>
</s:Envelope>

Do you have any additional specification of the service security configuration? Seems like it will require not just one message but multiple message exchange (WS-Trust). Also, the sample message uses WS-Addressing version 2004/03, which is not directly supported by WCF. All this may or may not be an issue in your case (maybe you just work directly with the STS).

To answer your immediate question - your setting should emit some kind of security header. Why do you think it does not? The WCF logs will not show the security (unless configured to log at transport level). Use Fiddler to see what actually goes on the wire.
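The wire-level comparison suggested above, as an added example (not code from the original post or from HMRC): a Python script that takes the expected envelope and the captured one, both trimmed here from the messages on this page, and reports whether wsse:Security and its wsu:Timestamp are present and which WS-Addressing and WS-Trust namespaces each message uses. The names split_tag, summarize and diff are illustrative.

```python
import xml.etree.ElementTree as ET

SOAP = "http://schemas.xmlsoap.org/soap/envelope/"
WSSE = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
WSU = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"

# Constructed samples: both envelopes are trimmed from the messages on this page.
EXPECTED = f"""<soap:Envelope xmlns:soap="{SOAP}" xmlns:wsse="{WSSE}" xmlns:wsu="{WSU}"
 xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/03/addressing"><soap:Header>
 <wsa:Action>http://schemas.xmlsoap.org/ws/2004/04/security/trust/RST/Issue</wsa:Action>
 <wsse:Security><wsu:Timestamp wsu:Id="Timestamp-1">
  <wsu:Created>2012-04-13T16:18:11Z</wsu:Created>
  <wsu:Expires>2012-04-13T16:23:11Z</wsu:Expires>
 </wsu:Timestamp></wsse:Security></soap:Header>
 <soap:Body><wst:RequestSecurityToken xmlns:wst="http://schemas.xmlsoap.org/ws/2004/04/trust"/></soap:Body>
</soap:Envelope>"""
CAPTURED = f"""<s:Envelope xmlns:s="{SOAP}" xmlns:a="http://www.w3.org/2005/08/addressing">
 <s:Header><a:Action s:mustUnderstand="1">http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue</a:Action></s:Header>
 <s:Body><t:RequestSecurityToken xmlns:t="http://schemas.xmlsoap.org/ws/2005/02/trust"/></s:Body>
</s:Envelope>"""

def split_tag(el):  # '{namespace}local' -> (namespace, local)
    if el.tag.startswith("{"):
        ns, _, local = el.tag[1:].partition("}")
        return ns, local
    return None, el.tag

def summarize(envelope_xml):  # header facts worth comparing between sample and capture
    root = ET.fromstring(envelope_xml)
    header = root.find(f"{{{SOAP}}}Header")
    body = root.find(f"{{{SOAP}}}Body")
    blocks = [split_tag(h) for h in header] if header is not None else []
    security = header.find(f"{{{WSSE}}}Security") if header is not None else None
    stamp = security.find(f"{{{WSU}}}Timestamp") if security is not None else None
    return {
        "has_security": security is not None,
        "has_timestamp": stamp is not None,
        "addressing_ns": next((ns for ns, name in blocks if name == "Action"), None),
        "trust_ns": split_tag(body[0])[0] if body is not None and len(body) else None,
    }

def diff(expected_xml, actual_xml):  # {fact: (expected, actual)} for each mismatch
    exp, act = summarize(expected_xml), summarize(actual_xml)
    return {key: (exp[key], act[key]) for key in exp if exp[key] != act[key]}

if __name__ == "__main__":
    for key, (want, got) in diff(EXPECTED, CAPTURED).items():
        print(f"{key}: expected {want!r}, captured {got!r}")
```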
