堆栈内存溢出
  繁体   English   中英

BizTalk SendPort WCF使用WS-Security调用.asmx Web服务

[英]BizTalk SendPort WCF Calling .asmx web service using WS-Security

 原文  2009-11-03 17:35:51       wcf/ biztalk

问题描述

到目前为止,我发现的所有内容都表明我应该能够使用WCF调用使用WS-Security的.asmx Web服务。 问题是如何配置WCF端口。 我正在使用WCF-BasicHttp。 首先,可以吗? 其次,如何正确输入用户/密码。 在安全选项卡上,我应该选择哪个“安全模式”?

似乎让我输入凭据的唯一一个是TransportWithMessageCredential,然后可以按用户名凭据单击“编辑”按钮,然后输入用户/密码。

但是当我这样做的时候,我得到了: 

<soap:Fault xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
   <faultcode xmlns:q0="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">q0:Security</faultcode>
   <faultstring>Microsoft.Web.Services3.Security.SecurityFault: Security requirements are not satisfied because the security header is not present in the incoming message.
   at Microsoft.Web.Services3.Design.UsernameOverTransportAssertion.ServiceInputFilter.ValidateMessageSecurity(SoapEnvelope envelope, Security security)
   at MSB.RCTExpress.Presentation.Web.UsernameOverTransportAssertion.ServiceInputFilter.ValidateMessageSecurity(SoapEnvelope envelope, Security security)
     in C:\projects\la1safe1\RCT Express\MSB.RCTExpress\3.10\Presentation.Web\UsernameOverTransportNoSendNone.cs:line 27
   at Microsoft.Web.Services3.Security.ReceiveSecurityFilter.ProcessMessage(SoapEnvelope envelope)
   at Microsoft.Web.Services3.Pipeline.ProcessInputMessage(SoapEnvelope envelope)
   at Microsoft.Web.Services3.WseProtocol.FilterRequest(SoapEnvelope requestEnvelope)
   at Microsoft.Web.Services3.WseProtocol.RouteRequest(SoapServerMessage message)
   at System.Web.Services.Protocols.SoapServerProtocol.Initialize()
   at System.Web.Services.Protocols.ServerProtocol.SetContext(Type type, HttpContext context, HttpRequest request, HttpResponse response)
   at System.Web.Services.Protocols.ServerProtocolFactory.Create(Type type, HttpContext context, HttpRequest request, HttpResponse response, Boolean&amp; abortProcessing)</faultstring>
   <faultactor>http://rct3.msbexpress.net/demo/ExpressLync/ValuationService.asmx</faultactor>
</soap:Fault>

有任何想法吗?

谢谢,

尼尔·沃尔特斯

TomasR的帖子的后续文章-使用WS-HTTP绑定:

1)BizTalk“使用WCF向导”构建了一个自定义绑定文件和一个WS-BasicHTTP绑定文件,因此我更改了SendPort,并手动复制了所有配置。

设置如下:
安全模式:消息
邮件客户端凭据类型:UseName
算法套件:Basic256 [我不知道该放在哪里]
我还选中了另外两个框:
a)协商服务凭证[如果我不检查此凭证,则需要“缩略图”]
b)建立安全上下文[也尝试不检查这一部分]

2)然而出现此错误:

描述:
适配器无法发送消息,该消息将发送带有URL“ http://rct3.msbexpress.net/demo/ExpressLync/ValuationService.asmx ”的端口“ WcfSendPort_ValuationServicePort_ValuationServicePortSoap”。 在为此发送端口指定的重试间隔后,它将重新发送。
详细信息:“ System.NullReferenceException:对象引用未设置为对象的实例。

服务器堆栈跟踪: 

at System.ServiceModel.Security.IssuanceTokenProviderBase`1.DoNegotiation(TimeSpan timeout)  
at System.ServiceModel.Security.SspiNegotiationTokenProvider.OnOpen(TimeSpan timeout)  
at System.ServiceModel.Security.TlsnegoTokenProvider.OnOpen(TimeSpan timeout)  
at System.ServiceModel.Security.WrapperSecurityCommunicationObject.OnOpen(TimeSpan timeout)  
at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)  
at System.ServiceModel.Security.CommunicationObjectSecurityTokenProvider.Open(TimeSpan timeout)  
at System.ServiceModel.Security.SecurityUtils.OpenTokenProviderIfRequired(SecurityTokenProvider tokenProvider, TimeSpan timeout)  
at System.ServiceModel.Security.SymmetricSecurityProtocol.OnOpen(TimeSpan timeout)  
at System.ServiceModel.Security.WrapperSecurityCommunicationObject.OnOpen(TimeSpan timeout)  
at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)  
at System.ServiceModel.Channels.SecurityChannelFactory`1.ClientSecurityChannel`1.OnOpen(TimeSpan timeout)  
at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)  
at System.ServiceModel.Security.SecuritySessionSecurityTokenProvider.DoOperation(SecuritySessionOperation operation,   
  EndpointAddress target, Uri via, SecurityToken currentToken, TimeSpan timeout)  
at System.ServiceModel.Security.SecuritySessionSecurityTokenProvider.GetTokenCore(TimeSpan timeout)  
at System.IdentityModel.Selectors.SecurityTokenProvider.GetToken(TimeSpan timeout)  
at System.ServiceModel.Security.SecuritySessionClientSettings`1.ClientSecuritySessionChannel.OnOpen(TimeSpan timeout)  
at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)  
at System.ServiceModel.Channels.ServiceChannel.OnOpen(TimeSpan timeout)  
at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)  
at System.ServiceModel.Channels.CommunicationObject.Open()

异常重新抛出为[0]: 

at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)  
at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)  
at System.ServiceModel.ICommunicationObject.Open()  
at Microsoft.BizTalk.Adapter.Wcf.Runtime.WcfClient`2.GetChannel[TChannel](IBaseMessage bizTalkMessage,   
  ChannelFactory`1& cachedFactory)  
at Microsoft.BizTalk.Adapter.Wcf.Runtime.WcfClient`2.SendMessage(IBaseMessage bizTalkMessage)".

现在尝试自定义绑定,添加用户/密码并得到以下错误: 

<soap:Fault xmlns:soap="http://www.w3.org/2003/05/soap-envelope">
<soap:Code>
    <soap:Value xmlns:q0="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">q0:Security</soap:Value>
</soap:Code>
<soap:Reason>
<soap:Text xml:lang="en">Microsoft.Web.Services3.Security.SecurityFault: 
  Security requirements are not satisfied because the security header is not present in the incoming message.
  at Microsoft.Web.Services3.Design.UsernameOverTransportAssertion.ServiceInputFilter.ValidateMessageSecurity(SoapEnvelope envelope, 
    Security security)
  at MSB.RCTExpress.Presentation.Web.UsernameOverTransportAssertion.ServiceInputFilter.ValidateMessageSecurity
    (SoapEnvelope envelope, Security security) in 
    C:\projects\la1safe1\RCT Express\MSB.RCTExpress\3.10\Presentation.Web\UsernameOverTransportNoSendNone.cs:line 27
  at Microsoft.Web.Services3.Security.ReceiveSecurityFilter.ProcessMessage(SoapEnvelope envelope)
  at Microsoft.Web.Services3.Pipeline.ProcessInputMessage(SoapEnvelope envelope)
  at Microsoft.Web.Services3.WseProtocol.FilterRequest(SoapEnvelope requestEnvelope)
  at Microsoft.Web.Services3.WseProtocol.RouteRequest(SoapServerMessage message)
  at System.Web.Services.Protocols.SoapServerProtocol.Initialize()
  at System.Web.Services.Protocols.ServerProtocol.SetContext(Type type, HttpContext context, HttpRequest request, HttpResponse response)
  at System.Web.Services.Protocols.ServerProtocolFactory.Create(Type type, HttpContext context, HttpRequest request, HttpResponse response, Boolean&amp; abortProcessing)</soap:Text>
</soap:Reason>
<soap:Node>http://rct3.msbexpress.net/demo/ExpressLync/ValuationService.asmx</soap:Node>
</soap:Fault>

我的下一个尝试回到WS-HTTP,但是尝试将User / Pass放入消息分配中,而不是在SendPort中: 

msgRCTGetRequest(SOAP.Username) = "myuser"; 
msgRCTGetRequest(SOAP.Password) = "mypass"; 
//msgRCTGetRequest(SOAP.UseSoap12) = true;

导致此错误: 

<soap:Fault xmlns:soap="http://www.w3.org/2003/05/soap-envelope">
<soap:Code>
<soap:Value>soap:Sender</soap:Value>
</soap:Code><soap:Reason>
<soap:Text xml:lang="en">System.Web.Services.Protocols.SoapHeaderException: WSE012: The input was not a valid SOAP message because the following information is missing: action.
   at Microsoft.Web.Services3.Utilities.AspNetHelper.SetDefaultAddressingProperties(SoapContext context, HttpContext httpContext)
   at Microsoft.Web.Services3.WseProtocol.CreateRequestSoapContext(SoapEnvelope requestEnvelope)
   at Microsoft.Web.Services3.WseProtocol.FilterRequest(SoapEnvelope requestEnvelope)
   at Microsoft.Web.Services3.WseProtocol.RouteRequest(SoapServerMessage message)
   at System.Web.Services.Protocols.SoapServerProtocol.Initialize()
   at System.Web.Services.Protocols.ServerProtocol.SetContext(Type type, HttpContext context, HttpRequest request, HttpResponse response)
   at System.Web.Services.Protocols.ServerProtocolFactory.Create(Type type, HttpContext context, HttpRequest request, HttpResponse response, Boolean&amp; abortProcessing)</soap:Text>
</soap:Reason>
</soap:Fault>

第五次尝试,即将放弃并打开Microsoft票证: 

msgRCTGetRequest(WCF.UserName) = "myuser";
msgRCTGetRequest(WCF.Password) = "mypass";
msgRCTGetRequest(WCF.Action)      = "GetPropertyInfoSourceRecordPolicyNum"; 
msgRCTGetRequest(SOAP.MethodName) = "GetPropertyInfoSourceRecordPolicyNum"; 
msgRCTGetRequest(SOAP.Username) = "myuser"; 
msgRCTGetRequest(SOAP.Password) = "mypass";

与第四次尝试相同的错误。

根据提供Web服务的供应商的文档,我应该将用户放在W-Security UsernameToken元素中,将密码放在WS-Security密码中,并将该元素的属性设置为“ PasswordDigest”。 它还说:“该令牌应添加到Web方法的SOAP请求中。” 我不确定这是如何从旧的WSE3天转换为新的WCF天。

3 个解决方案

解决方案1
 2  2009-11-03 17:51:45

Neal,对于WS-Security,您需要使用WCF-WsHttp绑定/适配器。 WCF-BasicHttp仅用于不需要WS- *协议的较简单方案。

解决方案2
 1  2010-07-08 17:09:50

带有修补程序971831的.NET 4.0和.NET 3.5 SP1允许通过HTTP传输进行WS-Security。 尝试使用以下示例绑定: 

       <customBinding>
        <binding name="httpAndWSSecurity">
          <security authenticationMode="UserNameOverTransport" 
                    allowInsecureTransport="true"/> 
          <textMessageEncoding messageVersion="Soap11WSAddressingAugust2004"  />
          <httpTransport/>
        </binding>

另请参阅有关SecurityBindingElement.AllowInsecureTransport的MSDN文章。

解决方案3
 0 已采纳  2009-11-04 21:43:05

使用自定义绑定,然后从BizTalk发送端口中单击“配置”,然后转到最右边的选项卡,其中显示“导入/导出”。 将以下XML粘贴到文件(sample.config)中,然后将其导入配置端口。 这基本上节省了在绑定选项卡上手动键入很多内容的时间。 

<configuration>
  <system.serviceModel>
    <client>
      <endpoint
       address="http://rct3.msbexpress.net/demo/ExpressLync/ValuationService.asmx"
       binding="customBinding"
       bindingConfiguration="ValuationServicePortSoap12"
       contract="BizTalk"
       name="WcfSendPort_ValuationServicePort_ValuationServicePortSoap12"/>
    </client>
    <bindings>
     <customBinding>
      <binding name="ValuationServicePortSoap12">
       <security authenticationMode="UserNameOverTransport"
        messageProtectionOrder="SignBeforeEncrypt"
        includeTimestamp="true"
        messageSecurityVersion="WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10"
        requireDerivedKeys="false"
        requireSignatureConfirmation="false"/>
       <textMessageEncoding messageVersion="Soap11WSAddressingAugust2004"/>
       <httpsTransport />
      </binding>
     </customBinding>
    </bindings>
   </system.serviceModel>
</configuration>

上面的内容不是很直观(我仍在等待Microsoft的链接,该链接描述了更多详细信息)。

然后,您仍然在凭据选项卡上指定用户/密码。

但是,这给我们造成了一个问题,因为我们所调用的供应商的.asmx Web服务没有将IIS设置为“需要SSL”。 显然,这是与WCF一起使用的要求。 换句话说,它与WSE3将.NET调用到.NET一起正常工作,但是当尝试将WCF调用到.asmx时,WCF的要求稍微严格一些。

尼尔·沃尔特斯

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 .NET WCF使用WS-Security调用.asmx 使用WS-Security的WCF客户端调用Java Web服务 WCF客户端,用于通过WS-Security使用ASMX服务 调用WS-Security Web服务的WCF错误:找不到X509SecurityToken的令牌认证器 WCF客户端使用WS-Security连接到Java SOAP Web服务 从Apache CXF访问WCF Web服务(MTOM + WS-Security) 用于Web服务的WCF客户端,具有WS-Security,签名的标头,身份验证令牌和主体加密 使用 WS-Security UsernameToken PasswordDigest 身份验证方案使用 Axis 2 Web 服务的 WCF 客户端出错 具有WS-Security的WCF客户端 Wcf WS-Security服务器
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM