I'm trying to do integration with a third party application via SOAP. They want all the requests to be with a header like the following:
<soapenv:Header>
<wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:UsernameToken wsu:Id="UsernameToken-DD4E97480F1F85448316117490736656">
<wsse:Username>E_PARTNER</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">wg0ddtB6cbJ7E0Huxzl8xwcGHGA=</wsse:Password>
<wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">VSrk7BdhGeApgR4BdtKl8Q==</wsse:Nonce>
<wsu:Created>2021-01-27T12:04:33.664Z</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>
where Password
is the result of the formula PasswordDigest = Base64(SHA1(nonce + created + password))
.
It all works when I test through SoapUI but when I want to send it from my C# program it fails. I think the problem is with the configuration of my client. Here is my code:
// IDK what's going on in the following 3 lines
BasicHttpBinding _binding = new BasicHttpBinding(BasicHttpSecurityMode.TransportWithMessageCredential);
_binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Digest;
_binding.Security.Message.ClientCredentialType = BasicHttpMessageCredentialType.UserName;
var client = new PartnersInteraction.partnersPortTypeClient(_binding, new EndpointAddress("https://urlhere.com"));
client.Endpoint.EndpointBehaviors.Add(_soapLoggingBehavior); // logging
client.ClientCredentials.UserName.UserName = UserName; // username that they gave me
client.ClientCredentials.UserName.Password = Password; // password that they gave me
OperationContext.Current.OutgoingMessageHeaders.Add(GetHeader()); // here in GetHeader() the header adds to the message
return await client.getUPIDAsync(UserName); // the api method call
PartnersInteraction.partnersPortTypeClient
is the client that I generated from wsdl. It is a child class of System.ServiceModel.ClientBase
.
The error I receive in the response: A security error was encountered when verifying the message Caused by: An error was discovered processing the wsse:Security header .
It's the first time I work with SOAP and it seems too confusing to me, so guys help me please with that configuration. Maybe I should change something in _binding
? Or the problem can be in the PartnersInteraction.partnersPortTypeClient
?
Well after several days of searching I finally found the solution. Helped changing this:
BasicHttpBinding _binding = new BasicHttpBinding(BasicHttpSecurityMode.TransportWithMessageCredential);
_binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Digest;
_binding.Security.Message.ClientCredentialType = BasicHttpMessageCredentialType.UserName;
to this:
BasicHttpBinding _binding = new BasicHttpBinding(BasicHttpSecurityMode.Transport);
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.