C# consuming Java SOAP service WSSecurity

Question

I'm trying to consume a Java-based webservice and everytime I try to connect i get an errror just like that:

org.apache.ws.security.WSSecurityException: The security token could not be authenticated or authorized;

The service administrator said I should sent the password encrypted with an AES key wich he sent me.

Thats what i have on my web.config so far

<client>
      <endpoint address="http://webservicer2:8088/billing/"
        binding="basicHttpBinding" bindingConfiguration="ServiceBill3"
        contract="ServiceBilling.ServiceBillingContract" name="ServiceBill3">
        <headers>
          <wsse:Security soapenv:actor="http://schemas.xmlsoap.org/soap/actor/next"
            soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
            xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
            <wsse:UsernameToken wsu:Id="UsernameToken-1" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
              <wsse:Username>ohmygod</wsse:Username>
              <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">bbqsauce</wsse:Password>
            </wsse:UsernameToken>
          </wsse:Security>
        </headers>
      </endpoint>
    </client>

The error happens when i try to execute any method on that service. What should I modify to add my key? Anyone?

Answer 1

Don't use BasicHTTPBinding with hard-coded headers. Use the built-in WS-Security support in WCF instead. See http://msdn.microsoft.com/en-us/library/vstudio/ms731058(v=vs.90).aspx . Also, take a look at the config that gets generated when you consume the service WSDL.

Answer 2

尝试此操作以输入wsse：Password中的密码

http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest