我正在创建一个客户,该客户正在使用客户提供给我的Web服务。现在,我知道这个请求是正确的,因为Fiddler向我展示了预期的响应。但是,当此响应到达Visual Studio时,无法解析它。我收到以下错误。
Cannot find a token authenticator for the 'System.IdentityModel.Tokens.X509SecurityToken' token type. Tokens of that type cannot be accepted according to current security settings.
这些是详细信息:
var service = new ThatService.Config1Client();
service.ClientCredentials.UserName.UserName = SSO_USERNAME;
service.ClientCredentials.UserName.Password = SSO_PASSWORD; <basicHttpBinding>
<binding name="Config1Binding" maxReceivedMessageSize="20000000" maxBufferSize="20000000" maxBufferPoolSize="20000000">
<security mode="TransportWithMessageCredential">
<transport clientCredentialType="None" proxyCredentialType="None" realm=""/>
<message clientCredentialType="UserName"/>
</security>
</binding>
</basicHttpBinding> <SOAP-ENV:Envelope xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<SOAP-ENV:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:BinarySecurityToken wsu:Id="bst9162663ec77b11e68fe1000002849f3e" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">MIIBwzCCASygAwIBAgIBADANBgkqhkiG9w0BAQUFADAOMQwwCgYDVQQDEwNRQ1AwHhcNMTQwNDAyMTYwMDU4WhcNMTkwNDAyMTYwMDU4WjAOMQwwCgYDVQQDEwNRQ1AwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANnDHqYQu8l14RTghFgGtSoVQIdeN8gKp4PtJwzO2cuck4fpRXa/7u9O7zRgAq5tvJIv4icKc/nux07F1pKRv76BDdbkTU8Ee979wBGUp3E2MMUiGd85GY/2YXnB4EhcypLR5eXSUD21ETeUGnNowL60uU7x/oTSUhrONaryIUk9AgMBAAGjMTAvMA4GA1UdDwEB/wQEAwIEsDAdBgNVHQ4EFgQUND5e3R+3YvyRyFO7lkHCxVnuS9EwDQYJKoZIhvcNAQEFBQADgYEAezmjggQmSnyHBEjfBCnY+g7i52hyowVm3zqQCtxPsUpoh94/uG+p2IjnKOsv2W4iFpvLLvx7Ibxeo73Xl8izZtV56WbgYuOQtBSA0fByhth21twkTo4BsxOBx3MY54t4XNW3krDHQWH9AeOVm5BDjm/DSczsiZSMayjcIaWSZrg=</wsse:BinarySecurityToken>
<wsu:Timestamp wsu:Id="ts91626640c77b11e6aaf4000002849f3e" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsu:Created>2016-12-21T12:47:01Z</wsu:Created>
<wsu:Expires>2016-12-21T12:47:31Z</wsu:Expires>
</wsu:Timestamp>
<dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
<dsig:SignedInfo>
<dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<dsig:Reference URI="#ts91626640c77b11e6aaf4000002849f3e">
<dsig:Transforms>
<dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</dsig:Transforms>
<dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<dsig:DigestValue>8Nzthh4Iq5CQ84Vkqf3m8JUW6dY=</dsig:DigestValue>
</dsig:Reference>
<dsig:Reference URI="#DSIG-9162663fc77b11e69538000002849f3e">
<dsig:Transforms>
<dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</dsig:Transforms>
<dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<dsig:DigestValue>schVLt5XWejFzwLVExDAS09WiVE=</dsig:DigestValue>
</dsig:Reference>
</dsig:SignedInfo>
<dsig:SignatureValue>tM0rKAA7c72BDMjt9H/4qLS4pqnFnQeyBzUYK0SPOAkMKumFTHSszPlRDkPOAh7sTMyzPgBWVxrKJd6IVbSNDpHAD9OZ/v5ZbqCG/xJLWQdUtgH9TqJ1EKCjBAOFsicnXylHxyGZqzpR506lmbTu0k8CL7e+DAv7cHXgRyGIMPo=</dsig:SignatureValue>
<dsig:KeyInfo>
<wsse:SecurityTokenReference>
<wsse:Reference URI="#bst9162663ec77b11e68fe1000002849f3e" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/>
</wsse:SecurityTokenReference>
</dsig:KeyInfo>
</dsig:Signature>
</wsse:Security>
</SOAP-ENV:Header>
<SOAP-ENV:Body wsu:Id="DSIG-9162663fc77b11e69538000002849f3e" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:wst-05-02="http://schemas.xmlsoap.org/ws/2005/02/trust" xmlns:wsc="http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:sapsp="http://www.sap.com/NW05/soap/features/security/SecurityPolicy" xmlns:wssp="http://schemas.xmlsoap.org/ws/2002/12/secext" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsse11="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:wssc="http://schemas.xmlsoap.org/ws/2005/02/sc">
<ns2:GetLoginSessionCustomerResponse xmlns:ns2="http://confidential.url/example">
<return>CUSTOMERSPECIFICDETAILS</return>
</ns2:GetLoginSessionCustomerResponse>
</SOAP-ENV:Body>
</SOAP-ENV:Envelope> 答案 0 :(得分:0)
我猜问题就在这里
<transport clientCredentialType="None" proxyCredentialType="None" realm=""/>
您将ClientCredentialType指定为None,指定客户端不需要提供任何凭据。这转化为匿名客户端。
我想如果你浏览msdn上发布的这个article会很棒。 如果你看一下selecting a credential type
,也会很棒