问题:我不确定是否需要自定义绑定或wshttpsbinding 这是我的web.config
<bindings>
<!--<wsHttpBinding>
<binding name="EBinding">
<security mode="Transport" authenticationMode="SecureConversation" requireSecurityContextCancellation="true">
<message clientCredentialType="IssuedToken"/>
--><!--Specifies the character encoding and message versioning used for text-based XML messages.--><!--
<textMessageEncoding messageVersion="Soap11"/>
<httpTransport/>
</security>
</binding>
</wsHttpBinding>-->
<customBinding>
<binding name="MHService_MHSPort">
<!-- WsdlImporter encountered unrecognized policy assertions in ServiceDescription 'http://org/emedny/mhs/': -->
<!-- <wsdl:binding name='MHS'> -->
<!-- <dpe:summary xmlns:dpe="http://www.datapower.com/extensions">..</dpe:summary> -->
<!-- <sp:SupportingTokens xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">..</sp:SupportingTokens> -->
<security mode="Transport" authenticationMode="SecureConversation" requireSecurityContextCancellation="true">
<message clientCredentialType="IssuedToken"/>
<!--Specifies the character encoding and message versioning used for text-based XML messages.-->
<textMessageEncoding messageVersion="Soap11"/>
</security>
<!--Specifies the character encoding and message versioning used for text-based XML messages.-->
<textMessageEncoding messageVersion="Soap11"/>
<httpTransport/>
</binding>
</customBinding>
</bindings>
<client>
<endpoint address="https://12.23.28.113:9047/MHService"
binding="MHService_MHSPort" bindingConfiguration="MHService_MHSPort" contract="ProxyGeneration.MHS" name="MHSPort" />
</client>
<behaviors>
<endpointBehaviors>
<behavior name="CustomBehaviorConfiguration">
<clientCredentials>
<clientCertificate findValue="LMWARD" x509FindType="FindBySubjectName" storeLocation="CurrentUser" storeName="My"/>
<serviceCertificate>
<authentication revocationMode="NoCheck" certificateValidationMode="None"/>
</serviceCertificate>
</clientCredentials>
</behavior>
</endpointBehaviors>
</behaviors>
这是我的wsdl
<wsdl:definitions xmlns:wsp200607="http://www.w3.org/2006/07/ws-policy" xmlns:soap12="http://schemas.xmlsoap.org/wsdl/soap12/" xmlns:wsp="http://www.w3.org/ns/ws-policy" xmlns:mime="http://schemas.xmlsoap.org/wsdl/mime/" xmlns:ns0="http://org/emedny/mhs/" xmlns:wsp200409="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:http="http://schemas.xmlsoap.org/wsdl/http/" xmlns:soap11="http://schemas.xmlsoap.org/wsdl/soap/" targetNamespace="http://org/emedny/mhs/" xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/">
<wsp:Policy wsu:Id="policy0" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsp:ExactlyOne>
<wsp:All>
<sp:AsymmetricBinding xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
<wsp:Policy>
<wsp:ExactlyOne>
<wsp:All>
<sp:InitiatorToken>
<wsp:Policy>
<wsp:ExactlyOne>
<wsp:All>
<sp:X509Token>
<wsp:Policy>
<wsp:ExactlyOne>
<wsp:All>
<sp:WssX509V3Token11 />
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
</sp:X509Token>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
</sp:InitiatorToken>
<sp:RecipientToken>
<wsp:Policy>
<wsp:ExactlyOne>
<wsp:All>
<sp:X509Token>
<wsp:Policy>
<wsp:ExactlyOne>
<wsp:All>
<sp:WssX509V3Token11 />
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
</sp:X509Token>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
</sp:RecipientToken>
<sp:AlgorithmSuite>
<wsp:Policy>
<wsp:ExactlyOne>
<wsp:All>
<sp:TripleDesRsa15 />
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
</sp:AlgorithmSuite>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
</sp:AsymmetricBinding>
<sp:SignedParts xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
<sp:Body />
</sp:SignedParts>
<sp:EncryptedParts xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
<sp:Body />
</sp:EncryptedParts>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
<wsp:Policy wsu:Id="policy1" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsp:ExactlyOne>
<wsp:All>
<dpe:summary xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:dpe="http://www.datapower.com/extensions">
<dppolicy:domain xmlns:dppolicy="http://www.datapower.com/policy">
http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702
</dppolicy:domain>
<description>
Implements WS Security Policy 1.2 - UsernameToken 1.0 support
</description>
</dpe:summary>
<sp:SupportingTokens xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
<wsp:Policy>
<wsp:ExactlyOne>
<wsp:All>
<sp:UsernameToken sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
<wsp:Policy>
<wsp:ExactlyOne>
<wsp:All>
<sp:WssUsernameToken10 />
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
</sp:UsernameToken>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
</sp:SupportingTokens>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
<wsdl:types xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<xsd:schema>
<xsd:import schemaLocation="MHService.xsd1.xsd" namespace="http://org/emedny/mhs/" />
</xsd:schema>
</wsdl:types>
<wsdl:message name="getCCDResponse">
<wsdl:part xmlns:xsns="http://org/emedny/mhs/" name="parameters" element="xsns:getCCDResponse" />
</wsdl:message>
<wsdl:message name="getEligibilityRequest">
<wsdl:part xmlns:xsns="http://org/emedny/mhs/" name="parameters" element="xsns:getEligibility" />
</wsdl:message>
<wsdl:message name="getEligibilityResponse">
<wsdl:part xmlns:xsns="http://org/emedny/mhs/" name="parameters" element="xsns:getEligibilityResponse" />
</wsdl:message>
<wsdl:message name="getNCPDPHistoryRequest">
<wsdl:part xmlns:xsns="http://org/emedny/mhs/" name="parameters" element="xsns:getNCPDPHistory" />
</wsdl:message>
<wsdl:message name="getNCPDPHistoryResponse">
<wsdl:part xmlns:xsns="http://org/emedny/mhs/" name="parameters" element="xsns:getNCPDPHistoryResponse" />
</wsdl:message>
<wsdl:message name="getPDQRequest">
<wsdl:part xmlns:xsns="http://org/emedny/mhs/" name="parameters" element="xsns:getPDQRequest" />
</wsdl:message>
<wsdl:message name="MHSFault">
<wsdl:part xmlns:xsns="http://org/emedny/mhs/" name="parameters" element="xsns:Fault" />
</wsdl:message>
<wsdl:portType name="MHS">
<wsdl:operation name="getCCD">
<wsdl:input name="getPDQRequest" message="ns0:getPDQRequest" />
<wsdl:output name="getCCDResponse" message="ns0:getCCDResponse" />
<wsdl:fault name="MHSFault" message="ns0:MHSFault" />
</wsdl:operation>
<wsdl:operation name="getEligibility">
<wsdl:input name="getEligibilityRequest" message="ns0:getEligibilityRequest" />
<wsdl:output name="getEligibilityResponse" message="ns0:getEligibilityResponse" />
<wsdl:fault name="MHSFault" message="ns0:MHSFault" />
</wsdl:operation>
<wsdl:operation name="getNCPDPHistory">
<wsdl:input name="getNCPDPHistoryRequest" message="ns0:getNCPDPHistoryRequest" />
<wsdl:output name="getNCPDPHistoryResponse" message="ns0:getNCPDPHistoryResponse" />
<wsdl:fault name="MHSFault" message="ns0:MHSFault" />
</wsdl:operation>
</wsdl:portType>
<wsdl:binding name="MHS" type="ns0:MHS">
<soap11:binding transport="http://schemas.xmlsoap.org/soap/http" />
<wsdl:operation name="getCCD">
<soap11:operation soapAction="" style="document" />
<wsdl:input name="getPDQRequest">
<soap11:body use="literal" />
</wsdl:input>
<wsdl:output name="getCCDResponse">
<soap11:body use="literal" />
</wsdl:output>
<wsdl:fault name="MHSFault">
<soap11:fault use="literal" name="MHSFault" namespace="" />
</wsdl:fault>
</wsdl:operation>
<wsdl:operation name="getEligibility">
<soap11:operation soapAction="" style="document" />
我没有任何类型的SOAp标头可以在我的代理类中使用。我缺少web.config的ws-security的安全头。 这就是示例soap请求标头的样子
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:mhs="http://org/emedny/mhs/" xmlns:urn="urn:hl7-org:v3">
<soapenv:Header>
<wsse:Security soap:mustUnderstand="1" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:BinarySecurityToken ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="SecurityToken-e00c8062-83d2-4f04-88fc-996218e7bb3d">MIICeDCC....(eMedNY signed user MLS cert).......</wsse:BinarySecurityToken>
<wsse:BinarySecurityToken ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="SecurityToken-c0cc2cd4-cb77-4fa5-abfa-bd485afd1685">MIIDFj.....( eMedNY MLS web-service end-point public cert)........</wsse:BinarySecurityToken>
<wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="SecurityToken-970e9a80-00cc-4c86-8ec4-3ba16e029a5b">
<wsse:Username>....your_username.....</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">.....your_plaintext_password....</wsse:Password>
<wsse:Nonce>KNyu6MsXCkTg4DDyvwvEiw==</wsse:Nonce>
<wsu:Created>2010-09-15T18:00:30Z</wsu:Created>
</wsse:UsernameToken>
<xenc:EncryptedKey xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
<xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
<wsse:SecurityTokenReference>
<wsse:Reference URI="#SecurityToken-c0cc2cd4-cb77-4fa5-abfa-bd485afd1685" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/>
</wsse:SecurityTokenReference>
</KeyInfo>
<xenc:CipherData>
<xenc:CipherValue>gpBAWt91pdwhKva............</xenc:CipherValue>
</xenc:CipherData>
<xenc:ReferenceList>
<xenc:DataReference URI="#Enc-0641b860-b16d-4941-91c0-d60bece67794"/>
</xenc:ReferenceList>
</xenc:EncryptedKey>
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
<SignedInfo>
我正在使用wcf来执行此操作。我如何实际生成soap xml。我不想硬编码所有这些..虽然我开始这样做。 `soapXML =“http://schemas.xmlsoap.org/soap/envelope/ \”xmlns:mhs = \“http:// org / emedny / mhs / \”xmlns:urn = \“urn:hl7-org: v3 \“&gt;”; soapXML + =“\ n”;
// Add security block for X.509 certificate
soapXML = "<wsse:Security soap:mustUnderstand=\"1\" xmlns:soap=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:wsse=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd\">";
soapXML += "<wsse:BinarySecurityToken ValueType=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3";
soapXML += "EncodingType=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary\" xmlns:wsu=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
`
即使我这样做,我将如何生成这些安全性和二进制令牌。这个请求使用了ws-security ..我正在研究和阅读它,据我所知。
谢谢 用户