c#使用509证书签署SOAP信封webrequest

时间:2018-01-24 21:44:04

标签: c# soap x509certificate signature

我正在与第三方合作,拒绝修改已发布的WSDL的方案。问题是SOAP服务期望的名称空间不同于WSDL提供的名称空间。所以在我的C#应用​​程序中,我在使用.Net的代理时遇到了很多麻烦。为了解决这个问题,我想发送一个网络请求并打包我的数据

我无法弄清楚如何将我的签名添加到我的请求标题中。

 Microsoft.Web.Services3.SoapEnvelope soapEnvelopeXml = new Microsoft.Web.Services3.SoapEnvelope();

            HttpWebRequest request = (HttpWebRequest)WebRequest.Create(@"https://Illinois-stage.tylerhost.net/efm/FilingReviewMDEPort.svc");
            request.Headers.Add("SOAPAction:\"urn:oasis:names:tc:legalxml-courtfiling:wsdl:WebServicesProfile-Definitions-4.0/FilingReviewMDEPort/ReviewFilingRequest\"");
            request.Headers.Add("Accept-Encoding: gzip, deflate");
            request.KeepAlive = true;
            request.Headers.Add("MIME-Version: 1.0");
            request.ContentType = "multipart/related; type=\"application/xop+xml\";start=\"<http://tempuri.org/0>\";boundary=\"uuid:936f2c7e-590a-4f19-b154-ce8285adf18a+id=2\";start-info=\"text/xml\"";
            request.Method = "POST";

            soapEnvelopeXml.Load(@"c:\temp\ReviewFilingRequest.xml");

            System.IdentityModel.Tokens.X509SecurityToken securityToken = new System.IdentityModel.Tokens.X509SecurityToken(X509);
            Microsoft.Web.Services3.Security.Tokens.X509SecurityToken signatureToken   = new Microsoft.Web.Services3.Security.Tokens.X509SecurityToken(X509);

            MessageSignature sig = new MessageSignature(signatureToken);

            ////////// XmlDocumentFragment xfrag = soapEnvelopeXml.CreateDocumentFragment();
            //////////xfrag.InnerXml = messageHeader;
            //////////soapEnvelopeXml.DocumentElement.FirstChild.AppendChild(xfrag);

            XmlDocument xmlDoc = new XmlDocument();
            MemoryStream xmlStream = new MemoryStream();
            xmlDoc.Save(xmlStream);

            using (var writer = XmlDictionaryWriter.CreateMtomWriter(xmlStream, Encoding.UTF8, int.MaxValue, "text/xml", "uuid:936f2c7e-590a-4f19-b154-ce8285adf18a+id=2", "http://tempuri.org/0",false,false))
            {
                soapEnvelopeXml.WriteTo(writer);
                using (Stream stream = request.GetRequestStream())
                {
                    stream.Write(xmlStream.ToArray(),0, xmlStream.ToArray().Length );
                }
            }

            using (WebResponse response = request.GetResponse())
            {
                using (StreamReader rd = new StreamReader(response.GetResponseStream()))
                {
                      string soapResult = rd.ReadToEnd();
                      Console.WriteLine(soapResult);
                }
            }

2 个答案:

答案 0 :(得分:0)

可能有所帮助的一些事情。

  1. 您收到了什么错误消息?访问被拒绝(或沿着这些方向的东西)?

  2. 您是否尝试过查看丢失的标题?最好的方法是下载WireShark或Telerik的Fiddler,它允许HTTPS解密。使用其中一个,您可以在互联网浏览器中访问该网站,并查看通过普通浏览器发送的标题。

答案 1 :(得分:0)

我最终在Node.js中签名。切换到节点让我对该消息有了更多的控制权。作为额外的奖励,我没有必须支付微软税。

https://www.npmjs.com/search?q=soap&page=1&ranking=optimal