我正在尝试使用WCF / C#客户端使用soap webservice。
服务器的wsdl在其wsdl文件中定义了它的安全策略,如下所示:
<wsp:Policy wsu:Id="BindingSecPolicy">
<wsp:ExactlyOne>
<wsp:All>
<sp:AsymmetricBinding>
...
此策略在绑定定义中引用。
现在我正在尝试在WCF中设置可以与此服务通信的客户端。我创建了一个新的.NET 4.5控制台应用程序,添加了一个服务引用,让visual studio自动生成我的服务类。
这就是我试图调用我的服务的方式。
WSDualHttpBinding binding = new WSDualHttpBinding();
binding.Security.Mode = WSDualHttpSecurityMode.None;
binding.Security.Message.ClientCredentialType = MessageCredentialType.None;
binding.Security.Message.NegotiateServiceCredential = false;
binding.ClientBaseAddress = new Uri("http://localhost:5555");
EndpointAddress address = new EndpointAddress("http://localhost:9080/CustomerServicePort");
CustomerServiceClient client = new CustomerServiceClient(binding, address);
foreach (customer c in client.getCustomersByName("foo")) {
Console.WriteLine(c);
}
client.Close();
Console.ReadKey();
我使用双重绑定的原因是wsdl还将WS-RM定义为要求。我知道我目前没有指定任何证书,所以这个设置不能真正起作用。 当我运行此代码时,我得到一个例外,说明该策略不受支持:
Warning 1 Custom tool warning: Cannot import wsdl:binding
Detail: An exception was thrown in a call to a policy import extension.
Extension: System.ServiceModel.Channels.SecurityBindingElementImporter
Error: An unsupported security policy assertion was detected during the security policy import: <sp:AsymmetricBinding xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
<wsp:Policy xmlns:wsp="http://www.w3.org/ns/ws-policy">
<sp:InitiatorToken>
<wsp:Policy>
<sp:X509Token sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
<wsp:Policy>
<sp:RequireThumbprintReference />
<sp:WssX509V3Token10 />
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
</sp:InitiatorToken>
<sp:RecipientToken>
<wsp:Policy>
<sp:X509Token sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/I...
XPath to Error Source: //wsdl:definitions[@targetNamespace='http://customerservice.example.com']/wsdl:binding[@name='CustomerServiceServiceSoapBinding'] C:\projects\cxf-samples\wsrm-client-csharp\ConsoleApplication1\ConsoleApplication1\Service References\CustomerService\Reference.svcmap 1 1 b2bclientcsharp
在实际检查我是否提供证书以及所有这些之前,这种情况正在发生,所以我还没有打扰它。根据Microsofts文档,支持WS-SecurityPolicy 1.2,它们甚至提供了一个示例策略,该策略与服务定义的策略非常相似。
请参阅http://msdn.microsoft.com/en-us/library/aa738565.aspx并搜索“使用X.509证书进行服务身份验证”。
我在这里做错了什么一般的想法?
干杯, 安迪