Unable to send soap request with digest authentication in the header

Question

I'm trying to do integration with a third party application via SOAP. They want all the requests to be with a header like the following:

<soapenv:Header>
    <wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
        <wsse:UsernameToken wsu:Id="UsernameToken-DD4E97480F1F85448316117490736656">
            <wsse:Username>E_PARTNER</wsse:Username>
            <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">wg0ddtB6cbJ7E0Huxzl8xwcGHGA=</wsse:Password>
            <wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">VSrk7BdhGeApgR4BdtKl8Q==</wsse:Nonce>
            <wsu:Created>2021-01-27T12:04:33.664Z</wsu:Created>
        </wsse:UsernameToken>
    </wsse:Security>
</soapenv:Header>

where Password is the result of the formula PasswordDigest = Base64(SHA1(nonce + created + password)) .

It all works when I test through SoapUI but when I want to send it from my C# program it fails. I think the problem is with the configuration of my client. Here is my code:

// IDK what's going on in the following 3 lines
BasicHttpBinding _binding = new BasicHttpBinding(BasicHttpSecurityMode.TransportWithMessageCredential);
_binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Digest;
_binding.Security.Message.ClientCredentialType = BasicHttpMessageCredentialType.UserName;

var client = new PartnersInteraction.partnersPortTypeClient(_binding, new EndpointAddress("https://urlhere.com"));
client.Endpoint.EndpointBehaviors.Add(_soapLoggingBehavior); // logging
client.ClientCredentials.UserName.UserName = UserName; // username that they gave me 
client.ClientCredentials.UserName.Password = Password; // password that they gave me
OperationContext.Current.OutgoingMessageHeaders.Add(GetHeader()); // here in GetHeader() the header adds to the message

return await client.getUPIDAsync(UserName); // the api method call

PartnersInteraction.partnersPortTypeClient is the client that I generated from wsdl. It is a child class of System.ServiceModel.ClientBase .

The error I receive in the response: A security error was encountered when verifying the message Caused by: An error was discovered processing the wsse:Security header .

It's the first time I work with SOAP and it seems too confusing to me, so guys help me please with that configuration. Maybe I should change something in _binding ? Or the problem can be in the PartnersInteraction.partnersPortTypeClient ?

Answer 1

Well after several days of searching I finally found the solution. Helped changing this:

BasicHttpBinding _binding = new BasicHttpBinding(BasicHttpSecurityMode.TransportWithMessageCredential);
_binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Digest;
_binding.Security.Message.ClientCredentialType = BasicHttpMessageCredentialType.UserName;

to this:

BasicHttpBinding _binding = new BasicHttpBinding(BasicHttpSecurityMode.Transport);