通过WCF客户端联系基于Java ws-security的Web服务

时间:2012-12-13 10:43:44

标签: wcf interop ws-security

首先,我不得不说我是一个关于网络服务的菜鸟,这就是我寻求帮助的原因。 我需要使用WS-Security联系合作伙伴Web服务(使用Java编码)。他们给了我一个来自SoapUI的SOAP工作请求(见下文)。他们告诉我生成一个证书,用“发行人名称”和“序列号”签署每个请求。

<soapenv:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
    <ds:Signature Id="Signature-272" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:SignedInfo>
            <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
            <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
            <ds:Reference URI="#id-257">
                <ds:Transforms>
                    <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                </ds:Transforms>
                <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
                <ds:DigestValue>36iYibFfBPkl3txny4y0c+ekpII=</ds:DigestValue>
            </ds:Reference>
        </ds:SignedInfo>
        <ds:SignatureValue>
        [SIGNATURE_HERE]
        </ds:SignatureValue>
        <ds:KeyInfo Id="KeyId-47898F24E5D247647A1354811737556419">
            <wsse:SecurityTokenReference wsu:Id="STRId-47898F24E5D247647A1354811737556420" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"><ds:X509Data>
                <ds:X509IssuerSerial>
                    <ds:X509IssuerName>[ISSUER_NAME_HERE]</ds:X509IssuerName>
                    <ds:X509SerialNumber>[SERIAL_NUMBER_HERE]</ds:X509SerialNumber>
                </ds:X509IssuerSerial>
                </ds:X509Data>
            </wsse:SecurityTokenReference>
        </ds:KeyInfo>
    </ds:Signature>
</wsse:Security>

我已经制作了证书和客户端WCF来使用这个Java服务。我知道WCF使用WS-Security和正确的绑定,事情是我完全不知道如何设置我的自定义绑定来发送类似的SOAP请求。

有人可以帮我吗?

我设法像这样签署了一个SOAP请求:

<s:Header>
        <VsDebuggerCausalityData xmlns="http://schemas.microsoft.com/vstudio/diagnostics/servicemodelsink">uIDPo8UTBBd8ndRApttX6H4RJEMBAAAAvgx/52oS4EulUaoW1htOkwnWJIGb+3hDh/wIKsKPzp8ACQAA</VsDebuggerCausalityData>
        <o:Security s:mustUnderstand="1" xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
            <o:BinarySecurityToken u:Id="uuid-02a3636d-6fcd-446c-9ded-5a9a8373e12c-2" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">
                [TOKEN_HERE]
            </o:BinarySecurityToken>
            <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
                <SignedInfo>
                    <CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                    <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
                    <Reference URI="#_1">
                        <Transforms>
                            <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                        </Transforms>
                        <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
                            <DigestValue>G6+dynIq7UBMD0R2ft0CcKfW0vA=</DigestValue>
                    </Reference>
                </SignedInfo>
                <SignatureValue>
                    [SIGNATURE_HERE]
                </SignatureValue>
                <KeyInfo>
                    <o:SecurityTokenReference>
                        <o:Reference ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" URI="#uuid-02a3636d-6fcd-446c-9ded-5a9a8373e12c-2"/>
                    </o:SecurityTokenReference>
                </KeyInfo>
            </Signature>
        </o:Security>
    </s:Header>

但是SecurityTokenReference标记不匹配。 你知道我如何将IssuerName和SerialNumber参数添加到请求中吗?

0 个答案:

没有答案