WCF:CustomBinding会混淆端点

时间:2010-07-16 10:31:07

标签: c# wcf security endpoint

我正在使用CustomBinding来启用Soap 1.1(端点不支持1.2)+ Addressing 1.0。端点仅可通过SSL使用,并可在某种Java / Weblogic平台上运行。

这是我的配置:

<customBinding>
    <binding name="Soap11Addr10">
        <textMessageEncoding messageVersion="Soap11WSAddressing10" />
        <httpsTransport/>
    </binding>
</customBinding>

[...] 

<endpoint address="https://sekrit:444/more-sekrits/even-more"
    binding="customBinding" bindingConfiguration="Soap11Addr10"
    contract="SomePort" name="SomePortService" />

此配置似乎会混淆端点。当我对SomePort执行请求时,WCF首先发送RequestSecurityTokenResponse消息,我认为这可能是不幸的。以下是RSTR包络的痕迹:

<s:Envelope xmlns:a="http://www.w3.org/2005/08/addressing" xmlns:s="http://www.w3.org/2003/05/soap-envelope">
  <s:Header>
    <a:Action s:mustUnderstand="1">http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/Issue</a:Action>
    <a:RelatesTo>urn:uuid:7348d908-b767-43e8-9770-09a38461ee87</a:RelatesTo>
  </s:Header>
  <s:Body>
    <t:RequestSecurityTokenResponse Context="uuid-7a3c9fde-053d-46e7-aa08-f5725b082691-287" xmlns:t="http://schemas.xmlsoap.org/ws/2005/02/trust" xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
      <t:BinaryExchange ValueType="http://schemas.xmlsoap.org/ws/2005/02/trust/spnego" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">TlRMTVNTUAACAAAAEAAQADgAAAA1wpriPjzjL4iwIJhAmcsBAAAAAGAAYABIAAAABgByFwAAAA9TAEsATwBHAEsAQQBUAFQAAgAQAFMASwBPAEcASwBBAFQAVAABABAAUwBLAE8ARwBLAEEAVABUAAQAEABTAGsAbwBnAGsAYQB0AHQAAwAQAFMAawBvAGcAawBhAHQAdAAHAAgAj73D884kywEAAAAA</t:BinaryExchange>
    </t:RequestSecurityTokenResponse>
  </s:Body>
</s:Envelope>

端点barfs:

<env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/">
  <env:Header></env:Header>
  <env:Body>
    <env:Fault xmlns:ns0="http://schemas.xmlsoap.org/soap/envelope/">
      <faultcode xmlns="">ns0:MustUnderstand</faultcode>
      <faultstring xml:lang="en" xmlns="">One or more mandatory SOAP header blocks not understood</faultstring>
    </env:Fault>
  </env:Body>
</env:Envelope>

是否可以停止发送初始RSTR?

我可以根据要求提供更多的跟踪和日志数据。

1 个答案:

答案 0 :(得分:0)

在不了解目标服务的情况下,很难说它的期望是什么,但我猜想WCF正在使用消息安全性,这意味着每条消息都是单独加密的。您可能只想要传输级安全性(即https)。

您可以尝试在绑定配置中设置<security mode="Transport" />

相关问题
最新问题