使用C#,WCF SOAP使用者使用WSSE純文本身份驗證?
[英]With C#, WCF SOAP consumer that uses WSSE plain text authentication?
問題描述
我有一個WCF SOAP使用者,它由Visual Studio 2012從WSDL實現。 WSDL由PeopleTools生成。 基礎對象的類型為System.ServiceModel.ClientBase 。
我需要SOAP請求類似於:
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:sch="http://xmlns.oracle.com/Enterprise/Tools/schemas">
<soapenv:Header>
<wsse:Security soap:mustUnderstand="1" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:UsernameToken>
<wsse:Username>[plain text username goes here]</wsse:Username>
<wsse:Password>[plain text password goes here]</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>
<soapenv:Body>
<sch:InputParameters>
<Last_Name>Aren</Last_Name>
<First_Name>Cambre</First_Name>
</sch:InputParameters>
</soapenv:Body>
</soapenv:Envelope>
這是我們最接近的地方:
<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:a="http://www.w3.org/2005/08/addressing">
<s:Header>
<a:Action s:mustUnderstand="1">http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue</a:Action>
<a:MessageID>urn:uuid:3cc3f2ca-c647-466c-b38b-f2423462c837</a:MessageID>
<a:ReplyTo>
<a:Address>http://www.w3.org/2005/08/addressing/anonymous</a:Address>
</a:ReplyTo>
<a:To s:mustUnderstand="1">http://[internal URL to soap listener]</a:To>
</s:Header>
<s:Body>
<t:RequestSecurityToken Context="uuid-7db82975-2b22-4236-94a1-b3344a0bf04d-1" xmlns:t="http://schemas.xmlsoap.org/ws/2005/02/trust">
<t:TokenType>http://schemas.xmlsoap.org/ws/2005/02/sc/sct</t:TokenType>
<t:RequestType>http://schemas.xmlsoap.org/ws/2005/02/trust/Issue</t:RequestType>
<t:KeySize>256</t:KeySize>
<t:BinaryExchange ValueType=" http://schemas.xmlsoap.org/ws/2005/02/trust/tlsnego" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">FgMBAFoBAABWAwFQ9IhUFGUO6tCH+0baQ0n/3us//MMXzQA78Udm4xFj5gAAGAAvADUABQAKwBPAFMAJwAoAMgA4ABMABAEAABX/AQABAAAKAAYABAAXABgACwACAQA=</t:BinaryExchange>
</t:RequestSecurityToken>
</s:Body>
</s:Envelope>
你會發現兩個問題:
- 沒有純文本WSSE憑據。 傳遞服務不使用的二進制形式的憑據。
- 身份驗證在
Body,而不是Header。 - 請求省略了
InputParameters。
這是必不可少的C#代碼:
var service = new ServiceWithBizarreNameFromPeoplesoft();
if (service.ClientCredentials == null)
throw new NullReferenceException();
service.ClientCredentials.UserName.UserName = "test";
service.ClientCredentials.UserName.Password = "password";
var binding = new WSHttpBinding(SecurityMode.TransportWithMessageCredential) {Security = new WSHttpSecurity()};
service.Endpoint.Binding = binding;
binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.None;
binding.Security.Message.ClientCredentialType = MessageCredentialType.UserName;
binding.Security.Mode = SecurityMode.Message;
var input = new InputParameters { Last_Name = "Cambre", First_Name = "Aren" };
var returnData = service.BizarrePeopleSoftNameForMethod(input);
沒有HTTP層安全性,傳輸是SSL加密的。 身份驗證僅基於SOAP消息。
2 個解決方案
解決方案1
10 已采納 2013-01-15 09:37:56
這是對WS-SecureConversation令牌的請求。 默認情況下, WSHttpSecurity使用它,除非您將EstablishSecurityContext屬性更改為false 。 請改用此綁定:
var binding = new BasicHttpBinding(BasicHttpSecurityMode.TransportWithMessageCredential);
binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.None;
binding.Security.Message.ClientCredentialType = BasicHttpMessageCredentialType.UserName;
它將使用帶有UserName令牌的SOAP 1.1,它將需要HTTPS傳輸。
編輯:
對於沒有HTTPS的測試,請嘗試使用此自定義綁定:
var securityElement = SecurityBindingElement.CreateUserNameOverTransportBindingElement();
securityElement.AllowInsecureTransport = true;
var encodingElement = new TextMessageEncodingBindingElement(MessageVersion.Soap11, Encoding.UTF8);
var transportElement = new HttpTransportBindingElement();
var binding = new CustomBinding(securityElement, encodingElement, transportElement);
解決方案2
-1 2013-01-15 04:02:59
這看起來像wsHttpBindings與傳輸安全使用基本用戶名密碼身份驗證。
這些行看起來不對我:
binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.None;
binding.Security.Message.ClientCredentialType = MessageCredentialType.UserName;
binding.Security.Mode = SecurityMode.Message;
以下是我希望在您的應用或web.config中看到此配置的方式
<bindings>
<wsHttpBinding>
<binding name="ws" >
<security mode="Transport">
<transport clientCredentialType="Basic" proxyCredentialType="Basic" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<client>
<endpoint address="http://www.bla.com/webservice" binding="basicHttpBinding" contract="bla.IService" name="ws" />
</client>
然后代碼看起來像這樣:
var service = new GeneratedProxyClient("basic");
service.ClientCredentials.UserName.UserName = "test";
service.ClientCredentials.UserName.Password = "password";
var input = new InputParameters { Last_Name = "Cambre", First_Name = "Aren" };
var returnData = service.BizarrePeopleSoftNameForMethod(input);
可能會在這里更好地解釋 - > http://msdn.microsoft.com/en-us/library/ms733775.aspx
用於添加soap標頭的C#代碼wsse:Security,wsse:BinarySecurityToken,ds:Signature,wsse:UsernameToken,wsu:Timestamp
[英]C# code to add soap header wsse:Security, wsse:BinarySecurityToken,ds:Signature, wsse:UsernameToken,wsu:Timestamp
在 C# 中以編程方式創建 WCF 客戶端的標頭 (wsse) 部分
[英]Creating Headers (wsse) Section of WCF Client Programmatically in C#
在SOAP請求中使用自定義字段實現WSSE安全標頭時,C#運行時錯誤
[英]C# Runtime Error when implementing WSSE Security Headers with custom fields in SOAP request
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.
相關問題
如何在C#中使用Wsse Soap Service?
用於添加soap標頭的C#代碼wsse:Security,wsse:BinarySecurityToken,ds:Signature,wsse:UsernameToken,wsu:Timestamp
在 C# 中以編程方式創建 WCF 客戶端的標頭 (wsse) 部分
在SOAP請求中使用自定義字段實現WSSE安全標頭時,C#運行時錯誤
從WSSE安全標題C#ASMX / WCF服務中刪除時間戳記
在C#中格式化純文本
沒有WCF的C#SOAP服務
WCF C#中的驗證肥皂消息
WCF C#肥皂服務無法正確呈現
在C#控制台中使用Soap服務進行身份驗證
相關標簽