我目前正在尝试连接到hmrc的api并在我的项目中设置了一个服务,现在正在创建要发送的消息。
我已经能够很好地创建邮件的正文部分,但我无法正确获取标题。这是一个消息应该是什么样子的例子:
<soap:Envelope
xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/03/addressing"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wsswssecurity-utility-1.0.xsd"
xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<soap:Header>
<wsa:Action>http://schemas.xmlsoap.org/ws/2004/04/security/trust/RST/Issue</wsa:Action>
<wsa:MessageID>uuid:39610e5b-162b-4491-9301-85578046a583</wsa:MessageID>
<wsa:ReplyTo>
<wsa:Address>
http://schemas.xmlsoap.org/ws/2004/03/addressing/role/anonymous
</wsa:Address>
</wsa:ReplyTo>
<wsa:To>
http://www.gateway.gov.uk/soap/2007/02/sts
</wsa:To>
<wsse:Security>
<wsu:Timestamp wsu:Id="Timestamp-201ebb7a-d2f4-44d5-85e4-b8bb4c71ed54">
<wsu:Created>2012-04-13T16:18:11Z</wsu:Created>
<wsu:Expires>2012-04-13T16:23:11Z</wsu:Expires>
</wsu:Timestamp>
</wsse:Security>
</soap:Header>
<soap:Body>
<wst:RequestSecurityToken xmlns:wst="http://schemas.xmlsoap.org/ws/2004/04/trust">
<wst:TokenType>urn:GSO-SystemServices:external:1.65:gatewaytoken#GatewayToken</wst:TokenType>
<wst:RequestType>http://schemas.xmlsoap.org/ws/2004/04/security/trust/Issue</wst:RequestType>
<wst:Base>
<wsse:UsernameToken xmlns:wsu="http://docs.oasisopen.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="SecurityToken-94d12e0f-400b-4412-bde8-e03357eb0692">
<wsse:Username>513FDQ37JILL</wsse:Username>
<wsse:Password Type="http://docs.oasisopen.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">
NXJ3ynAa8Sy136aifThXJl8vLoE=
</wsse:Password>
<wsse:Nonce>4nJy2oD6xC79zatTHvuywg==</wsse:Nonce>
<wsu:Created>2007-02-01T11:03:10Z</wsu:Created>
</wsse:UsernameToken>
</wst:Base>
<wsp:AppliesTo xmlns:wsp="http://schemas.xmlsoap.org/ws/2002/12/policy">
<wsa:EndpointReference>
<wsa:Address>urn:GSO-SystemServices:external:1.65:GatewayWebServices</wsa:Address>
</wsa:EndpointReference>
</wsp:AppliesTo> Version 1.0 32 9 June 2008
<wst:Lifetime>
<wsu:Expires>2012-04-13T20:23:11Z</wsu:Expires>
</wst:Lifetime>
</wst:RequestSecurityToken>
</soap:Body>
</soap:Envelope>
主要问题是我无法显示安全元素。我目前一直在app.config文件中试玩各种类型的绑定,但我真的很擅长使用服务而且完全陷入困境。这是我当前的app.config:
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<configSections>
</configSections>
<system.serviceModel>
<bindings>
<customBinding>
<binding name="XmlTokenServiceBinding" >
<textMessageEncoding maxReadPoolSize="64" maxWritePoolSize="16"
messageVersion="Soap11WSAddressing10" writeEncoding="utf-8">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384" />
</textMessageEncoding>
<security authenticationMode="SecureConversation" includeTimestamp="True" requireSecurityContextCancellation="false"
messageSecurityVersion="WSSecurity11WSTrust13WSSecureConversation13WSSecurityPolicy12BasicSecurityProfile10">
</security>
<httpsTransport manualAddressing="false" maxBufferPoolSize="524288"
maxReceivedMessageSize="65536" allowCookies="false" authenticationScheme="Anonymous"
bypassProxyOnLocal="false" decompressionEnabled="true" hostNameComparisonMode="StrongWildcard"
keepAliveEnabled="true" maxBufferSize="65536" proxyAuthenticationScheme="Anonymous"
realm="" transferMode="Buffered" unsafeConnectionNtlmAuthentication="false"
useDefaultWebProxy="true" requireClientCertificate="false" />
</binding>
</customBinding>
</bindings>
<behaviors>
<endpointBehaviors>
<behavior>
<clientVia viaUri="https://secure.gateway.gov.uk/soap/2007/02/sts/GatewayTokenService.ashx"/>
</behavior>
</endpointBehaviors>
</behaviors>
<client>
<endpoint address="https://secure.gateway.gov.uk/soap/2007/02/sts/GatewayTokenService.ashx"
binding="customBinding" bindingConfiguration="XmlTokenServiceBinding"
contract="ServiceReference1.XmlTokenServicePortType" name="XmlTokenServicePort" />
</client>
</system.serviceModel>
编辑:呼叫服务的评论中所要求的代码:
TokenService.RequestSecurityToken request = CreateTokenRequest();
TokenService.XmlTokenServicePortTypeClient client = new TokenService.XmlTokenServicePortTypeClient();
TokenService.RequestSecurityTokenResponseType response = client.RequestSecurityTokenRequest(request);
此处还有通过fiddler的请求消息:
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" xmlns:a="http://www.w3.org/2005/08/addressing">
<s:Header>
<a:Action s:mustUnderstand="1">http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue</a:Action>
<a:MessageID>urn:uuid:0f43afa7-c22c-400b-87b2-c9b76bd0abdd</a:MessageID>
<a:ReplyTo>
<a:Address>http://www.w3.org/2005/08/addressing/anonymous</a:Address>
</a:ReplyTo>
<a:To s:mustUnderstand="1">https://secure.gateway.gov.uk/soap/2007/02/sts/GatewayTokenService.ashx</a:To>
</s:Header>
<s:Body>
<t:RequestSecurityToken Context="uuid-829d42ad-a560-44aa-9be8-95c212d82762-1" xmlns:t="http://schemas.xmlsoap.org/ws/2005/02/trust">
<t:TokenType>http://schemas.xmlsoap.org/ws/2005/02/sc/sct</t:TokenType>
<t:RequestType>http://schemas.xmlsoap.org/ws/2005/02/trust/Issue</t:RequestType>
<t:KeySize>256</t:KeySize>
<t:BinaryExchange ValueType="http://schemas.xmlsoap.org/ws/2005/02/trust/spnego" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">YIGeBgYrBgEFBQKggZMwgZCgGjAYBgorBgEEAYI3AgIeBgorBgEEAYI3AgIKonIEcE5FR09FWFRTAAAAAAAAAABgAAAAcAAAABOP7thI+QdbUguCiBDWyeqYiLGof7AdxPVl4cuUPGbTiMyHDzMox/EGGxas/mzB/AAAAAAAAAAAYAAAAAEAAAAAAAAAAAAAAEVyfDIyRYtIv9kqa6BepAo=</t:BinaryExchange>
</t:RequestSecurityToken>
</s:Body>
</s:Envelope>
答案 0 :(得分:0)
您是否有任何其他服务安全配置规范?看起来它不仅需要一条消息,还需要多条消息交换(ws-trust)。此示例消息使用ws-addressing版本2004/03,wcf不直接支持。所有这些在您的情况下可能是也可能不是问题(也许您只是直接使用STS)
要回答您的直接问题 - 您的设置应该发出一些安全标头。为什么你认为它没有? WCF日志将不显示安全性(除非配置为在传输级别进行日志记录)。使用提琴手看看电线上究竟发生了什么。