I would like to add a security header to my WCF SOAP message that looks like the following:
<s:Header>
<Action s:mustUnderstand="1" xmlns="http://schemas.microsoft.com/ws/2005/05/addressing/none">URLWithAction</Action>
<Security xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:UsernameToken xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:Username>Username</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">Password</wsse:Password>
</wsse:UsernameToken>
</Security>
</s:Header>
Yet, I am unable to figure out if this can be done with basicHttpBinding or another standard one, or if I have to make a custom one and how I can make a custom one... Is anyone able to help?
It turned out that I had to play a bit more with the attributes for the security element in my custom binding. I added the tag includeTimestamp="false" and then the security header worked, even though the action element was not added to the header.
Final result of the custombinding was:
<customBinding>
<binding name="BasicHttpBinding_WebService">
<textMessageEncoding messageVersion="Soap11" writeEncoding="utf-8" />
<security authenticationMode="UserNameOverTransport"
includeTimestamp="false"/>
<httpsTransport />
</binding>
<binding name="BasicHttpBinding_WebService1"/>
</customBinding>
如果要在服务器或客户端上添加消息,请查看此答案。 如何为每个WCF调用添加自定义HTTP标头?
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.