我尝试使用安全标头创建一个Soap请求,如下所示:
<soapenv:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:UsernameToken>
<wsse:Username>SomeUserName</wsse:Username>
<wsse:Password>SomePassword</wsse:Password>
</wsse:UsernameToken>
<wsse:BinarySecurityToken EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3">MII...SomeTokenString...
</wsse:BinarySecurityToken>
</wsse:Security>
</soapenv:Header>
这是我尝试过的,但这会导致UsernameToken和BinarySecurityToken为空。
App.config中:
<bindings>
<basicHttpBinding>
<binding name="myBasicHttpBinding">
<security mode="Transport">
<transport clientCredentialType ="Certificate" proxyCredentialType="None" realm="" />
<message clientCredentialType="UserName" algorithmSuite="Default" />
</security>
</binding>
</basicHttpBinding>
</bindings>
<behaviors>
<endpointBehaviors>
<behavior name="myBehavior">
<clientCredentials>
<clientCertificate findValue="67...thumbprint...4b" x509FindType ="FindByThumbprint" storeLocation="LocalMachine" storeName="TrustedPeople"/>
</clientCredentials>
</behavior>
</endpointBehaviors>
</behaviors>
<client>
<endpoint address="https://name.myserver.com/myservice/v1" binding="basicHttpBinding" bindingConfiguration="myBasicHttpBinding" behaviorConfiguration="myBehavior"
contract="ServiceReferenceMyService.MyService" name="MyServiceEP">
<identity>
<dns value ="CertName" />
</identity>
</endpoint>
</client>
C#代码:
UsernameToken usernameToken = new UsernameToken("SomeUserName", "SomePassword", PasswordOption.SendPlainText);
var cert = new X509Certificate2("D:\\CertName.pfx", "SomePassword");
var export = cert.Export(X509ContentType.Cert, "SomePassword");
var base64 = Convert.ToBase64String(export);
X509SecurityToken securityToken = new X509SecurityToken(cert);
SecurityHeaderType securityHeaderType = new SecurityHeaderType();
securityHeaderType.Any = new System.Xml.XmlElement[2];
securityHeaderType.Any[0] = usernameToken.GetXml(new System.Xml.XmlDocument());
securityHeaderType.Any[1] = securityToken.GetXml(new System.Xml.XmlDocument());
ChannelFactory<MyService> channelFactory = new ChannelFactory<MyService>("MyServiceEP");
MyService client = channelFactory.CreateChannel();
GetProductDataRequestResponse responseData = client.GetProductData(new GetProductDataRequestRequest(securityHeaderType, serviceContext, requestData));
((IChannel)client).Close();
channelFactory.Close();
请忽略两个对象serviceContext和requestData -
serviceContext是一个自定义类,用于传递服务所需的数据
requestData是发送到预期结果的服务的请求数据(过滤条件)。
上面的代码会导致soap请求标头看起来像这样但空标记显示已删除是一个问题。我想要显示实际值。我也不需要wsse:Nonce和wsu:创建元素。
<s:Header>
<h:Security xmlns:h="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<wsse:UsernameToken wsu:Id="SecurityToken-01f8a086-92b5-4aa2-8154-244061bdae5e" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:Username>
<!-- Removed-->
</wsse:Username>
<wsse:Password>
<!-- Removed-->
</wsse:Password>
<wsse:Nonce>
<!-- Removed-->
</wsse:Nonce>
<wsu:Created>2016-02-25T00:20:25Z</wsu:Created>
</wsse:UsernameToken>
<wsse:BinarySecurityToken xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<!-- Removed-->
</wsse:BinarySecurityToken>
</h:Security>
</s:Header>
有人可以指出我错过了什么吗?非常感谢任何帮助。
谢谢!