stackoom
  简体   繁体   中英

wsse Security Header with SAML

 原文  2013-03-26 15:14:13       c#/ soap/ wif/ saml/ wse

Question

I need to consume the web service which is exposed by my service provider. I got the WSDL file from them. In SOAP request header I have to add the wsse:Security header with SAML assertion.

Please have a look at the below wsse:Security header. I have searched a lot and tried with WSE 3.0, WIF and WCF. Help me to move further spent around 15 days and I'm running out of time.

I don't need a code. If you give me clues it's more than enough. 

 <wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
  <wsse:BinarySecurityToken EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" wsu:Id="CertId-2205212A7CE172EDAD136396070929096">MIIGOzCCBSOgAwIBAgIRAMLHEnngSJwPhUBrQD7Wau</wsse:BinarySecurityToken>
  <saml2:Assertion ID="2205212A7CE172EDAD136396070923593" IssueInstant="2013-03-22T13:58:29.235Z" Version="2.0" xsi:type="saml2:AssertionType" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
    <saml2:Issuer>Test.com</saml2:Issuer>
    <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
      <ds:SignedInfo>
        <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
        <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
        <ds:Reference URI="#2205212A7CE172EDAD136396070923593">
          <ds:Transforms>
            <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
            <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
          </ds:Transforms>
          <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
          <ds:DigestValue>NI1mY4izfZO9cTmY9RQ1wc=</ds:DigestValue>
        </ds:Reference>
      </ds:SignedInfo>
      <ds:SignatureValue>PPiZmdZRnUNl5XLT</ds:SignatureValue>
      <ds:KeyInfo>
        <ds:X509Data>
          <ds:X509Certificate>
            MIIGOzCCBSOgAwIBAgIRAMLHEnngSJwPhUBrQD7Wa
            uEwDQYJKoZIhvcNAQEFBQAwgYkxCzAJBgNV
            BAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAOBgNVBAcTB1NhbGZvcmQxGjAY            
            r7A/P/13q1BRTPvLM6CYNzb4wvAgBxiuBV97OoVSnMPxYVtW03OoOCquyXDrq8bLYuR5+l1YGahY
            D5nJfSXiCb9PCf5m+hZh6smWp1rMcafMLdr5+JbZEPPk36S1q1aokpoeEo2N0Hmg9mt2GOg6Z+Qu
            ya9s
          </ds:X509Certificate>
        </ds:X509Data>
      </ds:KeyInfo>
    </ds:Signature>
    <saml2:Subject>
      <saml2:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified" NameQualifier="Qualifier">CN=Test.com,OU=PlatinumSSL,OU=Test Company,OU=Test,O=Test</saml2:NameID>
      <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:sender-vouches"/>
    </saml2:Subject>
    <saml2:Conditions NotBefore="2013-03-22T13:58:29.235Z" NotOnOrAfter="2013-03-22T14:03:29.235Z"/>
    <saml2:AuthnStatement>
      <saml2:AuthnContext>
        <saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml2:AuthnContextClassRef>
      </saml2:AuthnContext>
    </saml2:AuthnStatement>
  </saml2:Assertion>
  <wsse:SecurityTokenReference wsse11:TokenType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0" wsu:Id="STRSAMLId-2205212A7CE172EDAD136396070929097" xmlns:wsse11="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd">
    <wsse:KeyIdentifier ValueType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLID">2205212A7CE172EDAD136396070923593</wsse:KeyIdentifier>
  </wsse:SecurityTokenReference>
  <ds:Signature Id="SIG-19" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
    <ds:SignedInfo>
      <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
        <ec:InclusiveNamespaces PrefixList="head pros soapenv" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>
      </ds:CanonicalizationMethod>
      <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
      <ds:Reference URI="#id-1">
        <ds:Transforms>
          <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
            <ec:InclusiveNamespaces PrefixList="head pros" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>
          </ds:Transform>
        </ds:Transforms>
        <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
        <ds:DigestValue>yBGE2mVOFnzQPTA9v/7yIvq0CIk=</ds:DigestValue>
      </ds:Reference>
      <ds:Reference URI="#STRSAMLId-2205212A7CE172EDAD136396070929097">
        <ds:Transforms>
          <ds:Transform Algorithm="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#STR-Transform">
            <wsse:TransformationParameters>
              <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
            </wsse:TransformationParameters>
          </ds:Transform>
        </ds:Transforms>
        <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
        <ds:DigestValue>/2QpTYDtLM4GnZIVq5/RihtL6Ug=</ds:DigestValue>
      </ds:Reference>
    </ds:SignedInfo>
    <ds:SignatureValue>
      Yx4SB76RTGcrll18wYlwvLAWHgNeckPcO9be1opcAL99dzDe5RspWkmLjXJ0rY7wh+RPW+wzaJyI
      r0ezOByRNCFWHFNjZOdN5wj++h7pnJRFLe70WGNktREOckaQ/U/O5NLH8adkWFm+Q/wZApw2WLI6
      6uWmQ+l8rOaWPg8gsBS8sjn1S55W2MYPtnwSew==
    </ds:SignatureValue>
    <ds:KeyInfo Id="KeyId-2205212A7CE172EDAD136396070929094">
      <wsse:SecurityTokenReference wsu:Id="STRId-2205212A7CE172EDAD136396070929095">
        <wsse:Reference URI="#CertId-2205212A7CE172EDAD136396070929096" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/>
      </wsse:SecurityTokenReference>
    </ds:KeyInfo>
  </ds:Signature>
</wsse:Security>

Thanks and regards, P.Ponkarthik

1 answers

solution1
 0  2013-04-01 08:56:10

看看wsFederationHttpBinding,它是为您处理此安全元数据的特殊WCF绑定( http://msdn.microsoft.com/zh-cn/library/ms731374.aspx

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How to add wsse:Security header Adding wsse:security element to soap header C# code to add soap header wsse:Security, wsse:BinarySecurityToken,ds:Signature, wsse:UsernameToken,wsu:Timestamp How to set password type “PasswordText” in the WSSE Security Header with WCF Clueless about how to create SOAP <wsse:Security> header Remove Timestamp from WSSE Security Header C# ASMX/WCF Service Wcf request with mutual certificate missing wsse:Security C# Runtime Error when implementing WSSE Security Headers with custom fields in SOAP request C# Add wsse:Security and BinarySecurityToken to Envelope xml file programmatically without Web Reference C# Encoding wsse security password_digest with SHA-1 and Base64 not matching server password_digest
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM