我想从WebClient向WCF服务发送SOAP请求。设置安全模式=“无”,它可以正常工作。 但如果我使用Message安全模式,它失败了,我试图在WebClient中添加用户名和密码,但它没有用。当WCF使用消息安全性时,我可以将web从webclient发送到wcf服务吗? 这是web.config
<wsHttpBinding>
<binding name="wsConfigSection">
<security mode="None"></security>
</binding>
这是webclient。
WebClient myWebClient = new WebClient();
myWebClient.Headers.Add("Content-Type", "application/soap+xml; charset=utf-8");
//myWebClient.UseDefaultCredentials = true;
myWebClient.Credentials = new NetworkCredential(@"domain\username","password");
myWebClient.Headers.Add("SOAPAction", "\"http://tempuri.org/ICalculator/Add\"");
var response = myWebClient.UploadString(endpoint, payload);
Console.WriteLine(response);
最诚挚的问候,
爱德华
答案 0 :(得分:0)
安全信息通常包含在请求正文的标题中。标头不是HTTP HEADER,它是SOAP请求标头,它是HTTP BODY的一部分。
根据您使用的实际安全绑定,您应该使用正确的值设置安全标头,并在HTTP BODY中将SOAP HEADER与SOAP BODY一起发送。
这是一个示例soap请求(无效,仅作为示例):
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<soap:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" soap:mustUnderstand="1">
<wsse:BinarySecurityToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" wsu:Id="CertId-11465961">xxx</wsse:BinarySecurityToken>
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:CanonicalizationMethod>
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"></ds:SignatureMethod>
<ds:Reference URI="#id-533766178">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod>
<ds:DigestValue>xxx</ds:DigestValue>
</ds:Reference>
<ds:Reference >
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod>
<ds:DigestValue>xxx</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#id-944359288">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod>
<ds:DigestValue>xxx</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>xxx
</ds:SignatureValue>
<ds:KeyInfo Id="KeyId-1977405101">
<wsse:SecurityTokenReference>
<wsse:Reference></wsse:Reference>
</wsse:SecurityTokenReference>
</ds:KeyInfo>
</ds:Signature>
</wsse:Security>
</soap:Header>
<soap:Body>
</soap:Body>
</soap:Envelope>
你可以看到肥皂:标题,这应该是你放东西的地方。并在HTTP正文中发送。