我在项目中添加了一个Java WSDL作为Web Reference。我正在使用它来调用端点上的服务。我在ASMX文件中添加了WebMethod并在那里调用服务。要求是使用WSE Security并使用X509证书签署请求。
不幸的是,时间戳正在创建问题,我收到响应“发现处理标题时出错”。如果从中删除TimeStamp元素,则相同的请求可以从SoapUI中运行。 This is how the request look like
以下是创建安全元素的代码
//Set WSSE Security
svc.RequestSoapContext.Security.Timestamp.TtlInSeconds = 300;
svc.RequestSoapContext.Security.MustUnderstand = true;
svc.RequestSoapContext.Security.Tokens.Add(newtoken);
Microsoft.Web.Services3.Security.MessageSignature signature = new Microsoft.Web.Services3.Security.MessageSignature(newtoken);
signature.SignatureOptions = Microsoft.Web.Services3.Security.SignatureOptions.IncludeSoapBody;
svc.RequestSoapContext.Security.Elements.Add(signature);
===============
即使我使用WCF,问题仍然存在。只要我添加IncludeTimestamp = false;请求未被发送,将其设置为true可以创建请求。
这是WCF代码 -
//Create Endpoint
EndpointAddress address = new EndpointAddress((istest == true ? CHORUS_UFB_EMMA : CHORUS_UFB_PROD));
//Add Certificate to EndPoint Service
X509Certificate2 cert = new X509Certificate2(@"Certificate Path", "Password", X509KeyStorageFlags.PersistKeySet);
//Setup custom binding with HTTPS + Body Signing + Soap1.1
CustomBinding binding = new CustomBinding();
//HTTPS Transport
HttpsTransportBindingElement transport = new HttpsTransportBindingElement();
//Set Security Binding as Transport
TransportSecurityBindingElement tsec = SecurityBindingElement.CreateCertificateOverTransportBindingElement(MessageSecurityVersion.WSSecurity10WSTrust13WSSecureConversation13WSSecurityPolicy12BasicSecurityProfile10);
tsec.EnableUnsecuredResponse = true;
tsec.AllowInsecureTransport = true;
tsec.SecurityHeaderLayout = SecurityHeaderLayout.Lax;
tsec.LocalServiceSettings.DetectReplays = false;
tsec.LocalClientSettings.DetectReplays = false;
tsec.IncludeTimestamp = false;
tsec.SetKeyDerivation(false);
tsec.EndpointSupportingTokenParameters.Signed.Add(new SecureConversationSecurityTokenParameters());
//Setup for SOAP 11 and UTF8 Encoding
TextMessageEncodingBindingElement textMessageEncoding = new TextMessageEncodingBindingElement(MessageVersion.Soap11, Encoding.UTF8);
//Bind in order (Security layer, message layer, transport layer)
binding.Elements.Add(tsec);
binding.Elements.Add(textMessageEncoding);
binding.Elements.Add(transport);
Here is the generated request using above code 任何有关这方面的帮助将不胜感激。
答案 0 :(得分:0)
这可能是由客户端与托管服务的Web服务器之间的时差造成的。
仔细检查两台服务器上的时间是否匹配且同步。时间可能需要在5分钟之内。