首先,我不得不说我是一个关于网络服务的菜鸟,这就是我寻求帮助的原因。 我需要使用WS-Security联系合作伙伴Web服务(使用Java编码)。他们给了我一个来自SoapUI的SOAP工作请求(见下文)。他们告诉我生成一个证书,用“发行人名称”和“序列号”签署每个请求。
<soapenv:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<ds:Signature Id="Signature-272" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<ds:Reference URI="#id-257">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>36iYibFfBPkl3txny4y0c+ekpII=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>
[SIGNATURE_HERE]
</ds:SignatureValue>
<ds:KeyInfo Id="KeyId-47898F24E5D247647A1354811737556419">
<wsse:SecurityTokenReference wsu:Id="STRId-47898F24E5D247647A1354811737556420" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"><ds:X509Data>
<ds:X509IssuerSerial>
<ds:X509IssuerName>[ISSUER_NAME_HERE]</ds:X509IssuerName>
<ds:X509SerialNumber>[SERIAL_NUMBER_HERE]</ds:X509SerialNumber>
</ds:X509IssuerSerial>
</ds:X509Data>
</wsse:SecurityTokenReference>
</ds:KeyInfo>
</ds:Signature>
</wsse:Security>
我已经制作了证书和客户端WCF来使用这个Java服务。我知道WCF使用WS-Security和正确的绑定,事情是我完全不知道如何设置我的自定义绑定来发送类似的SOAP请求。
有人可以帮我吗?
我设法像这样签署了一个SOAP请求:
<s:Header>
<VsDebuggerCausalityData xmlns="http://schemas.microsoft.com/vstudio/diagnostics/servicemodelsink">uIDPo8UTBBd8ndRApttX6H4RJEMBAAAAvgx/52oS4EulUaoW1htOkwnWJIGb+3hDh/wIKsKPzp8ACQAA</VsDebuggerCausalityData>
<o:Security s:mustUnderstand="1" xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<o:BinarySecurityToken u:Id="uuid-02a3636d-6fcd-446c-9ded-5a9a8373e12c-2" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">
[TOKEN_HERE]
</o:BinarySecurityToken>
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
<SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<Reference URI="#_1">
<Transforms>
<Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<DigestValue>G6+dynIq7UBMD0R2ft0CcKfW0vA=</DigestValue>
</Reference>
</SignedInfo>
<SignatureValue>
[SIGNATURE_HERE]
</SignatureValue>
<KeyInfo>
<o:SecurityTokenReference>
<o:Reference ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" URI="#uuid-02a3636d-6fcd-446c-9ded-5a9a8373e12c-2"/>
</o:SecurityTokenReference>
</KeyInfo>
</Signature>
</o:Security>
</s:Header>
但是SecurityTokenReference标记不匹配。 你知道我如何将IssuerName和SerialNumber参数添加到请求中吗?