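SOAP error: The nonce, which is a randomly generated value, has expired. Occurred while running action:

Time: 2013-12-04 17:26:06

Tags: wcf soap

I am trying to connect to a Java web service using WCF. I have no control over the web service. I tried SoapUI. This is the working outgoing request from SoapUI: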

<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" 
xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<s:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:UsernameToken u:Id="UsernameToken-5"><wsse:Username>Charlie</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">Cardon1127</wsse:Password>
<wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">2u6oHBCYoXG15hZdvwbbBQ==</wsse:Nonce>
<u:Created>2013-12-04T17:12:09.884Z</u:Created></wsse:UsernameToken></wsse:Security>
</s:Header>
<s:Body xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<COREEnvelopeRealTimeRequest xmlns="http://www.caqh.org/SOAP/WSDL/CORERule2.2.0.xsd"><PayloadType xmlns="">X12_270_Request_005010X279A1
</PayloadType><ProcessingMode xmlns="">RealTime</ProcessingMode><PayloadID xmlns="">25f6a623-e53a-4263-8310-869666576380</PayloadID>
<TimeStamp xmlns="">2013-12-04T05:00:22Z</TimeStamp><SenderID xmlns="">Charlie</SenderID><ReceiverID xmlns="">431754897</ReceiverID>
<CORERuleVersion xmlns="">2.2.0</CORERuleVersion><Payload xmlns="">My Payload</Payload></COREEnvelopeRealTimeRequest></s:Body></s:Envelope>

WCF client:

<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" 
xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<s:Header>
<o:Security s:mustUnderstand="1" 
xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<o:UsernameToken u:Id="uuid-2d5afa3f-b6c4-44f4-bbc3-072ede1b3469-5" 
xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<o:Username>Charlie</o:Username>
<o:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">Cardon1127</o:Password>
<o:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">ODwd
dPUEK5FwBLM4RCgmWY8jWmM=</o:Nonce>
<u:Created>2013-12-04T11:10:26.349Z</u:Created></o:UsernameToken>
</o:Security>
</s:Header>
<s:Body xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<COREEnvelopeRealTimeRequest xmlns="http://www.caqh.org/SOAP/WSDL/CORERule2.2.0.xsd">
<PayloadType xmlns="">X12_270_Request_005010X279A1</PayloadType><ProcessingMode xmlns="">RealTime</ProcessingMode>
<PayloadID xmlns="">8b967b05-7c1d-40e4-b066-4f58ddb27924</PayloadID><TimeStamp xmlns="">2013-12-04T05:10:22Z</TimeStamp>
<SenderID xmlns="">Charlie</SenderID><ReceiverID xmlns="">431754897</ReceiverID><CORERuleVersion xmlns="">2.2.0</CORERuleVersion>
<Payload xmlns="">My Payload</Payload></COREEnvelopeRealTimeRequest></s:Body></s:Envelope>

This is how I generate the nonce (WriteTokenCore): WCF: Adding Nonce to UsernameToken. The request using the .NET client gives an error:

       security.wssecurity.WSSContextImpl.s02: com.ibm.websphere.security.WSSecurityException: Exception org.apache.axis2.AxisFault: CWWSS6521E: The Login failed because of an exception: javax.security.auth.login.LoginException: CWWSS5193E:
     The nonce, which is a randomly generated value, has expired. ocurred while running action: 
com.ibm.ws.wssecurity.handler.WSSecurityConsumerHandler$1@47098188

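Thanks

2 answers:

Answer 0: (score: 1)

The message may be taking too long, or there may be a time synchronization problem between the client and the server.

Make sure the date, time and time zone of the client and server are synchronized. If they are all in sync, you need to determine why the message is taking so long to arrive.

Taken from http://publib.boulder.ibm.com/infocenter/dmndhelp/v6r2mx/index.jsp?topic=/com.ibm.websphere.wbpm.messages.620.doc/messages/com.ibm.ws.wssecurity.resources.wssmessages.html

Answer 1: (score: 0)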

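According to oasis-200401-wss-username-token-profile v1.0 (line 173, page 9):

PasswordText (default)

The actual password for the username, the password hash, or derived password or S/KEY. This type should be used when hashed password equivalents that do not rely on a nonce or creation time are used, or when a digest algorithm other than SHA1 is used.

If your password type is PasswordText, you should not send Nonce and Created, otherwise the SOAP server will reject the request.

If you need to send a nonce and created, you will calculate the digest for Password using the same values for "nonce" and "created". The nonce can be any random text; you can use a Guid to generate it, or Random, just not created (line 113, page 8):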

Password_Digest = Base64 ( SHA-1 ( nonce + created + password ) )

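and set the password type to "#PasswordDigest".

All of this depends on your web service specification: if the password needs to be in clear text, do not send nonce and created; if it needs to be digested, then you calculate it and send nonce and created.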
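
An added example, not part of the original question or answers: the Password_Digest formula from answer 1 together with a receiver-side freshness and replay check of the kind answer 0 describes. The `TokenConsumer` class, its 5-minute window, the password, the nonces and the server clock are assumptions made for illustration; only the two Created values are taken from the requests above.

```python
import base64, hashlib, hmac
from datetime import datetime, timedelta, timezone

def password_digest(nonce_b64, created, password):
    """Base64(SHA-1(nonce + created + password)); the nonce enters the hash as decoded bytes."""
    raw = base64.b64decode(nonce_b64) + created.encode() + password.encode()
    return base64.b64encode(hashlib.sha1(raw).digest()).decode()

def parse_created(created):
    """Parse a UTC xsd:dateTime such as 2013-12-04T17:12:09.884Z."""
    for fmt in ("%Y-%m-%dT%H:%M:%S.%fZ", "%Y-%m-%dT%H:%M:%SZ"):
        try:
            return datetime.strptime(created, fmt).replace(tzinfo=timezone.utc)
        except ValueError:
            continue
    raise ValueError("unsupported Created format: " + created)

class TokenConsumer:
    """Hypothetical receiver; the 5-minute window is an assumption, not WebSphere's setting."""
    def __init__(self, password, window=timedelta(minutes=5)):
        self.password, self.window, self.seen = password, window, set()

    def check(self, nonce_b64, created, digest, now):
        age = now - parse_created(created)
        if abs(age) > self.window:
            return "expired"          # stale Created, or clocks/time zones disagree
        if nonce_b64 in self.seen:
            return "replayed"         # same nonce presented again inside the window
        expected = password_digest(nonce_b64, created, self.password)
        if not hmac.compare_digest(digest, expected):
            return "bad-digest"
        self.seen.add(nonce_b64)      # a real cache would also evict entries older than the window
        return "ok"

def demo():
    password = "example-password"                        # constructed
    nonce = base64.b64encode(bytes(range(16))).decode()  # constructed; use os.urandom(16) in real code
    fresh = base64.b64encode(bytes(range(16, 32))).decode()
    now = parse_created("2013-12-04T17:12:30Z")          # assumed server clock
    soapui, wcf = "2013-12-04T17:12:09.884Z", "2013-12-04T11:10:26.349Z"  # Created values from the page
    server = TokenConsumer(password)
    results = [server.check(nonce, soapui, password_digest(nonce, soapui, password), now)]
    results.append(server.check(nonce, soapui, password_digest(nonce, soapui, password), now))
    results.append(server.check(nonce, wcf, password_digest(nonce, wcf, password), now))
    # Common mistake: hashing the Base64 text of the nonce instead of its decoded bytes.
    wrong = base64.b64encode(hashlib.sha1((fresh + soapui + password).encode()).digest()).decode()
    results.append(server.check(fresh, soapui, wrong, now))
    return results

if __name__ == "__main__":
    print(demo())
```

With the assumed server clock, the token carrying the SoapUI Created value is accepted once and rejected on reuse, while the one carrying the WCF Created value falls outside the window before the digest is even compared.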