在问之前我已经尝试了一切。我有一个非常简单的服务,网址为https://something。我可以使用https://something?wsdl获取WSDL。现在我添加了Service Reference和Web Reference的引用。但是当我调用它时,没有发送SOAP头(用Fiddler检查)。我可以用SOAP UI调用它而没有错误。 (BTW服务器正在使用WS-Security)。以下是SOAP UI请求的一瞥,
<soapenv:Envelope xmlns:ns=""http://www.customs.pcfc.com/Schema/Declaration/TraderInboundServiceParameters/1.0"" xmlns:ns1=""http://www.customs.pcfc.com/Schema/Common/2.0"" xmlns:sad=""http://www.customs.pcfc.com/Schema/Declaration/SAD"" xmlns:soapenv=""http://schemas.xmlsoap.org/soap/envelope/"">
<soapenv:Header>
<wsse:Security soapenv:mustUnderstand=""1"" xmlns:wsse=""http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd""><wsse:BinarySecurityToken EncodingType=""http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"" ValueType=""http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"" wsu:Id=""CertId-1270251257"" xmlns:wsu=""http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"">xxx</wsse:BinarySecurityToken><ds:Signature Id=""Signature-847101547"" xmlns:ds=""http://www.w3.org/2000/09/xmldsig#"">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm=""http://www.w3.org/2001/10/xml-exc-c14n#""/>
<ds:SignatureMethod Algorithm=""http://www.w3.org/2000/09/xmldsig#rsa-sha1""/>
<ds:Reference URI=""#id-2038872614"">
<ds:Transforms>
<ds:Transform Algorithm=""http://www.w3.org/2001/10/xml-exc-c14n#""/>
</ds:Transforms>
<ds:DigestMethod Algorithm=""http://www.w3.org/2000/09/xmldsig#sha1""/>
<ds:DigestValue>xx</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>
xxx
</ds:SignatureValue>
<ds:KeyInfo Id=""KeyId-1608734597"">
<wsse:SecurityTokenReference wsu:Id=""STRId-161586721"" xmlns:wsu=""http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd""><wsse:Reference URI=""#CertId-1270251257"" ValueType=""http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3""/></wsse:SecurityTokenReference>
</ds:KeyInfo>
</ds:Signature></wsse:Security></soapenv:Header>
<soapenv:Body wsu:Id=""id-2038872614"" xmlns:wsu=""http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"">
Body
</soapenv:Body>
</soapenv:Envelope>
Body也是XML。现在我试过这个,
var client = new WebServiceClient();
var reader = new XmlSerializer(typeof(Request));
var file = new StreamReader("a.xml");
var fileData = (DeclarationRequest)reader.Deserialize(file);
var cert = new X509Certificate2("Mycert.cer", "Pass");
client.ClientCertificates.Add(cert);
fileData.UNB.DateTime = DateTime.UtcNow;
var b = client.process(fileData);
我收到Invalid Certificate
。
然后我尝试了服务参考,
var client = new MyClient();
client.ClientCredentials.ClientCertificate.SetCertificate(StoreLocation.CurrentUser, StoreName.TrustedPublisher, X509FindType.FindByIssuerName, "Iss Name");
var reader = new XmlSerializer(typeof(Request));
var file = new StreamReader("a.xml");
var fileData = (Request)reader.Deserialize(file);
var request = fileData;
request.UNB.DateTime = DateTime.UtcNow;
((BasicHttpBinding)client.Endpoint.Binding).Security.Mode = BasicHttpSecurityMode.Transport;
((BasicHttpBinding)client.Endpoint.Binding).Security.Transport.ClientCredentialType = HttpClientCredentialType.Certificate;
var response = client.process(request);
我在这里(再次使用无效证书),
内容类型application / soap + xml; charset = UTF-8;响应消息的action =“process”与绑定的内容类型不匹配(text / xml; charset = utf-8)。如果使用自定义编码器,请确保正确实现IsContentTypeSupported方法。响应的前695个字节是:
'<env:Envelope xmlns:env="http://www.w3.org/2003/05/soap-envelope">
<env:Header>
</env:Header>
<env:Body>
<env:Fault><env:Code>
<env:Value>env:Receiver
</env:Value>
<env:Subcode>
<env:Value xmlns:fault="http://tempuri.org/soapfaults">fault:MessageBlocked
</env:Value>
</env:Subcode>
</env:Code><env:Reason>
<env:Text xml:lang="en">Invalid Certificate
</env:Text>
</env:Reason><env:Detail xmlns:fault="http://tempuri.org/soapfaults" fault:type="faultDetails">
</env:Detail>
</env:Fault>
</env:Body>
</env:Envelope>'.
答案 0 :(得分:0)
我按照http://webservices20.blogspot.ae/2012/06/12-common-wcf-interop-confusions.html
修复了此问题简而言之,我有,
[ServiceContractAttribute(ConfigurationName="ServiceSoap",ProtectionLevel=ProtectionLevel.Sign)]
<bindings>
<customBinding>
<binding name="BPELProcess1Binding">
<security authenticationMode="MutualCertificate" enableUnsecuredResponse="true"
messageSecurityVersion="WSSecurity10WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10" />
<textMessageEncoding messageVersion="Soap11" />
<httpsTransport />
</binding>
</customBinding>
</bindings>
<behaviors>
<endpointBehaviors>
<behavior name="secureBehaviour">
<clientCredentials>
<serviceCertificate>
<defaultCertificate findValue="My CA" storeLocation="CurrentUser" storeName="TrustedPublisher" x509FindType="FindByIssuerName" />
</serviceCertificate>
</clientCredentials>
</behavior>
</endpointBehaviors>
<client>
<endpoint address="MyUrl" binding="customBinding" bindingConfiguration="BPELProcess1Binding" contract="MyContract" name="DeclarationB2BProcessing" behaviorConfiguration="secureBehaviour">
<identity>
<dns value="MyCertProp" />
</identity>
</endpoint>
</client>