我有一个签署邮件正文的客户。
班级结构是:
[System.ServiceModel.MessageContractAttribute(WrapperName = "simpleEncryptInput", WrapperNamespace = "http://xxx/2013/06/schemas/simple", IsWrapped = true, ProtectionLevel = System.Net.Security.ProtectionLevel.Sign)]
public partial class SimpleEncryptOperationRequest {
[System.ServiceModel.MessageHeaderAttribute(Namespace = "http://xxx/eip/2013/07/schemas/business", ProtectionLevel = System.Net.Security.ProtectionLevel.None)]
public TestFirmando2.ServiceReference1.BusinessHeader businessHeader;
[System.ServiceModel.MessageHeaderAttribute(Namespace = "http://xxx/eip/2013/08/schemas/technical", ProtectionLevel = System.Net.Security.ProtectionLevel.None)]
public TestFirmando2.ServiceReference1.TechnicalHeader technicalHeader;
[System.ServiceModel.MessageBodyMemberAttribute(Namespace = "http://xxx/2013/06/schemas/simple", Order = 0, ProtectionLevel = System.Net.Security.ProtectionLevel.Sign)]
public string @in;
public SimpleEncryptOperationRequest() {
}
public SimpleEncryptOperationRequest(TestFirmando2.ServiceReference1.BusinessHeader businessHeader, TestFirmando2.ServiceReference1.TechnicalHeader technicalHeader, string @in) {
this.businessHeader = businessHeader;
this.technicalHeader = technicalHeader;
this.@in = @in;
}
}
在app.config文件中,我使用customBinding元素,如下所示:
<system.serviceModel>
<bindings>
<customBinding>
<binding name="customSecurity">
<textMessageEncoding messageVersion="Soap11" />
<security authenticationMode="MutualCertificate" requireDerivedKeys="false" includeTimestamp="true" keyEntropyMode="ClientEntropy" messageProtectionOrder="SignBeforeEncrypt" messageSecurityVersion="WSSecurity10WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10" requireSecurityContextCancellation="false" requireSignatureConfirmation="false">
<secureConversationBootstrap />
</security>
<httpTransport />
</binding>
</customBinding>
</bindings>
<client>
<endpoint address="http://localhost:5521/ws/SPAIF_Test1_POC_SOA_vs1" binding="customBinding" bindingConfiguration="customSecurity" contract="ServiceReference1.SimpleService" name="SPAIF_Test1_POC_SOA_vs1soaphttp" behaviorConfiguration="AxaWCFBehaviourX509">
<identity>
<dns value="partner1" />
</identity>
</endpoint>
</client>
<behaviors>
<endpointBehaviors>
<behavior name="AxaWCFBehaviourX509">
<clientCredentials>
<clientCertificate findValue="partner1" x509FindType="FindBySubjectName" storeLocation="CurrentUser" storeName="TrustedPublisher" />
<serviceCertificate>
<defaultCertificate findValue="partner1" x509FindType="FindBySubjectName" storeLocation="CurrentUser" storeName="TrustedPublisher" />
<authentication certificateValidationMode="None" revocationMode="NoCheck" trustedStoreLocation="LocalMachine" />
</serviceCertificate>
</clientCredentials>
</behavior>
</endpointBehaviors>
</behaviors>
使用此配置,正文消息已签名,服务器处理成功。当服务器响应并且WCF客户端代理处理响应异常时:
The businessHeader', 'http://xxx/eip/2013/07/schemas/business', required message part was not signed.
我看到响应消息并且正文已签名但没有标题,我没有将应用程序配置为对此标头进行签名,我无法看到需要此标头的任何位置。
为什么代理会抛出异常?为什么要说标题必须签名?
非常感谢