我正在编写 .NET 4.5 MVC 应用程序,并添加了服务引用(Service Reference)。我需要调用一个 Java Web 服务,它要求请求采用如下格式:
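<!--
  Sample WS-Security header in the shape the Java service expects.
  It carries three things: an EncryptedKey (a symmetric key wrapped for the
  certificate named by issuer/serial), a Timestamp, and a UsernameToken in
  which one child element (presumably wsse:Password) is replaced by
  EncryptedData that points back at the EncryptedKey.
  Empty elements (issuer name, serial number, user name, cipher values) look
  like values the author elided from the sample.
  The "soap" prefix is not declared in this fragment; it has to be declared on
  the enclosing Envelope, which is not shown.
-->
<soap:Header>
  <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
                 xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
    <xenc:EncryptedKey Id="EK-DC1CFFE24489AA1D8D1384341997399115"
                       xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
      <!--
        rsa-1_5 is RSA PKCS#1 v1.5 key transport. It is the legacy option:
        a receiver that reveals why unwrapping failed is exposed to
        Bleichenbacher-style padding-oracle attacks. The service dictates the
        algorithm here; where the service offers it, RSA-OAEP is the
        preferred key transport.
      -->
      <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
      <!-- Identifies the recipient certificate whose public key wraps the session key. -->
      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <wsse:SecurityTokenReference>
          <ds:X509Data>
            <ds:X509IssuerSerial>
              <ds:X509IssuerName />
              <ds:X509SerialNumber />
            </ds:X509IssuerSerial>
          </ds:X509Data>
        </wsse:SecurityTokenReference>
      </ds:KeyInfo>
      <xenc:CipherData>
        <xenc:CipherValue />
      </xenc:CipherData>
      <!-- Lists what this key decrypts: the EncryptedData with Id "ED-345" below. -->
      <xenc:ReferenceList>
        <xenc:DataReference URI="#ED-345"/>
      </xenc:ReferenceList>
    </xenc:EncryptedKey>
    <!--
      NOTE(review): Expires is one year after Created (2013 vs 2014). If the
      receiver honours it, a captured message stays replayable for that whole
      period. Timestamp lifetimes are normally minutes; the time-of-day values
      differ by exactly five minutes, so the year may be a typo. Confirm.
    -->
    <wsu:Timestamp wsu:Id="TS-344">
      <wsu:Created>2013-11-13T11:26:37.398Z</wsu:Created>
      <wsu:Expires>2014-11-13T11:31:37.398Z</wsu:Expires>
    </wsu:Timestamp>
    <wsse:UsernameToken wsu:Id="UsernameToken-343">
      <wsse:Username />
      <!--
        Type "...#Element" means a whole child element was encrypted in place.
        aes128-cbc is unauthenticated encryption, and nothing in this header
        signs the token or the timestamp, so message integrity rests entirely
        on the HTTPS channel. A receiver should not report distinguishable
        decryption errors, and an authenticated mode (AES-GCM) is preferable
        where the service supports it.
      -->
      <xenc:EncryptedData Id="ED-345"
                          Type="http://www.w3.org/2001/04/xmlenc#Element"
                          xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
        <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
        <!-- Points back at the EncryptedKey above as the decryption key. -->
        <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
          <wsse:SecurityTokenReference wsse11:TokenType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKey"
                                       xmlns:wsse11="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd">
            <wsse:Reference URI="#EK-DC1CFFE24489AA1D8D1384341997399115"/>
          </wsse:SecurityTokenReference>
        </ds:KeyInfo>
        <xenc:CipherData>
          <xenc:CipherValue />
        </xenc:CipherData>
      </xenc:EncryptedData>
    </wsse:UsernameToken>
  </wsse:Security>
</soap:Header>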
此服务还通过 HTTPS 使用 X.509 证书实现传输层安全。我已经能够连接到服务,并以明文形式(在 UsernameToken 元素中)发送用户名和密码。是否有办法调整端点配置,使请求中的密码被加密?
我目前的配置:
<!--
  WCF client configuration: an endpoint behaviour that supplies the client
  certificate, a wsHttpBinding that combines HTTPS transport security with a
  UserName message credential, and the client endpoint that ties them together.
-->
<system.serviceModel>
  <behaviors>
    <endpointBehaviors>
      <behavior name="endpointCredentialBehavior">
        <clientCredentials>
          <!--
            NOTE(review): storeName="Root" is the Trusted Root Certification
            Authorities store. A client certificate with its private key
            normally lives in the "My" (Personal) store; an end-entity
            certificate kept in Root also becomes a machine-wide trust anchor.
            FindBySubjectName is a substring match, so it can select a
            different certificate than intended when several subjects contain
            the same text. FindByThumbprint with the certificate's thumbprint
            pins exactly one certificate.
          -->
          <clientCertificate findValue="XXX.COM"
                             storeLocation="LocalMachine"
                             storeName="Root"
                             x509FindType="FindBySubjectName" />
        </clientCredentials>
      </behavior>
    </endpointBehaviors>
  </behaviors>
  <bindings>
    <wsHttpBinding>
      <binding name="Binding1">
        <!--
          TransportWithMessageCredential: confidentiality and integrity come
          from HTTPS only. The UsernameToken is placed in the SOAP header
          without message-level encryption, which matches the plaintext
          password described in the question. The credential is therefore
          readable at any point where TLS is terminated.
        -->
        <security mode="TransportWithMessageCredential">
          <transport clientCredentialType="Certificate" />
          <!--
            Basic128Rsa15 selects AES-128, RSA PKCS#1 v1.5 key wrap and SHA-1
            digests. It mirrors the algorithms in the service's sample but is
            a legacy suite; prefer an OAEP / SHA-256 suite if the service
            accepts one.
            NOTE(review): negotiateServiceCredential and
            establishSecurityContext enable WCF negotiation and
            WS-SecureConversation sessions, which a non-WCF service may not
            implement. Verify against the service's policy.
          -->
          <message clientCredentialType="UserName"
                   negotiateServiceCredential="true"
                   establishSecurityContext="true"
                   algorithmSuite="Basic128Rsa15" />
        </security>
      </binding>
    </wsHttpBinding>
  </bindings>
  <client>
    <!-- Binds the HTTPS service address to Binding1 and the credential behaviour above. -->
    <endpoint address="https://secure.com/java/service"
              binding="wsHttpBinding"
              bindingConfiguration="Binding1"
              behaviorConfiguration="endpointCredentialBehavior"
              contract="NS.WCF.PPPortType"
              name="PPPort" />
  </client>
</system.serviceModel>