WCF - 为UsernameToken设置策略

Question

我收到了一份更新的WSDL，用于我正在消费的服务，其中包含以下政策

    <wsp:Policy wssutil:Id="UsernameToken">
<ns0:SupportingTokens xmlns:ns0="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512">
 <wsp:Policy>
 <ns0:UsernameToken ns0:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512/IncludeToken/AlwaysToRecipient">
 <wsp:Policy>
  <ns0:WssUsernameToken10 /> 
  </wsp:Policy>
  </ns0:UsernameToken>
  </wsp:Policy>
  </ns0:SupportingTokens>
  </wsp:Policy>

我通过右键点击服务参考更新了我的参考 - ＆gt;在Visual Studio中配置服务选项。这生成了一个customBinding，取代了之前的basicHttpBinding

<customBinding>
            <binding name="myBindingName">
                <!--    WsdlImporter encountered unrecognized policy assertions in ServiceDescription 'http://ouaf.oracle.com/webservices/cm/CM-CustConnAcctDetailExtract':    -->
                <!--    <wsdl:binding name='CM-CustConnAcctDetailExtractSoapBinding'>    -->
                <!--        <ns0:SupportingTokens xmlns:ns0="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512">..</ns0:SupportingTokens>    -->
                <textMessageEncoding messageVersion="Soap11" />
                <httpTransport />
            </binding>
        </customBinding>

我是否只需要使用此customBinding？或者basicBinding中有任何选项可以使它工作吗？

如果我使用带有TransportWithMessageCredential的basicBinding，我会收到以下错误：

  

提供的URI无效;预计会有HTTPS

我使用SoapUI运行它。除了UserName和Passwrod之外，我还必须提供WSS-PasswordType作为PasswordText。如果不提供此参数，我会在SoapUI中收到错误

  

根据安全策略验证邮件时出错错误代码：1000

我不确定如何在basicHttpBinding中提供WSS-PasswordType。

我的basicHttpBinding如下所示

protected BasicHttpBinding GetBinding()
    {
        return new BasicHttpBinding()
                   {
                       Name = "BasicHttpBinding",
                       ReceiveTimeout = new TimeSpan(0, 0, 2, 0),
                       SendTimeout = new TimeSpan(0, 0, 2, 0),
                       Security =
                           {
                               Mode = BasicHttpSecurityMode.TransportCredentialOnly,
                               Transport =
                                   {
                                       ClientCredentialType = HttpClientCredentialType.Basic,
                                       ProxyCredentialType = HttpProxyCredentialType.None,
                                       Realm = ""
                                   },
                               Message =
                                   {
                                       ClientCredentialType = BasicHttpMessageCredentialType.UserName,
                                       AlgorithmSuite = SecurityAlgorithmSuite.Default
                                   }
                           },
                       MaxBufferSize = Int32.MaxValue,
                       MaxReceivedMessageSize = Int32.MaxValue,
                       ReaderQuotas = new XmlDictionaryReaderQuotas()
                       {
                           MaxBytesPerRead = 8192
                       }
                   };
    }

Answer 1

我可以通过将绑定更改为Custom Binding

来解决这个问题

protected CustomBinding GetCustomBinding()
    {
        var customBinding = new CustomBinding() { Name = "CustomBinding" };

        customBinding.Elements.Add(new TextMessageEncodingBindingElement() { MessageVersion = MessageVersion.Soap11 });
        var securityBindingElement = SecurityBindingElement.CreateUserNameOverTransportBindingElement();
        securityBindingElement.AllowInsecureTransport = true;
        securityBindingElement.EnableUnsecuredResponse = true;
        securityBindingElement.IncludeTimestamp = false;
        customBinding.Elements.Add(securityBindingElement);
        customBinding.Elements.Add(new HttpTransportBindingElement());

        return customBinding;
    }