签名前的WCF二进制安全令牌

时间:2018-08-28 15:05:05

标签: wcf ssl soap-client

我获得了一个用于访问SOAP 1.1 Web服务的WSDL。该WSDL只引用了一次二进制安全令牌。但对方期望的请求在签名(Signature)标签之前、加密密钥(EncryptedKey)标签之后还需要第二个二进制安全令牌。我需要以某种方式让WCF添加这个WSDL模式中并不存在的附加安全令牌标签。我注意到一个可能与解决该问题有关的奇怪现象:即使WSDL模式中不存在该令牌,SoapUI仍然会添加它。以下信息有助于理解该问题:

这是配置文件:

<?xml version="1.0" encoding="utf-8" ?>
<!-- WCF client app.config for the SOAP 1.1 service discussed above; the XXX values are
     redacted hosts, contract names and certificate subject names. -->
<configuration>  
<system.serviceModel>
    <bindings>
      <customBinding>
        <!-- Hand-built binding: WS-Security message security over HTTPS with Basic authentication. -->
        <binding name="customWebRealmBinding">
          <!-- Message security.
               SignBeforeEncrypt: the Signature is computed over the plaintext Body, then the Body is
               encrypted (consistent with the captured message, where signed reference #_1 is the Body
               that ends up carrying EncryptedData).
               TripleDesRsa15: 3DES-CBC content encryption, RSA PKCS#1 v1.5 key transport and SHA-1
               digests/signatures - a legacy suite. RSA-1.5 key transport is vulnerable to padding-oracle
               attacks when the decrypting side leaks padding errors, so keep it only because the peer
               requires it.
               MutualCertificateDuplex: both parties authenticate with X.509 certificates.
               NOTE(review): securityHeaderLayout is LaxTimestampLast, yet the captured message shows
               u:Timestamp as the first child of o:Security - confirm which layout the service expects.
               requireDerivedKeys="false": the session key from EncryptedKey is used directly, with no
               derived-key tokens. -->
          <security messageProtectionOrder="SignBeforeEncrypt" defaultAlgorithmSuite="TripleDesRsa15"     
                    authenticationMode="MutualCertificateDuplex" securityHeaderLayout="LaxTimestampLast"
                    includeTimestamp="true"
                    allowSerializedSigningTokenOnReply="true" requireDerivedKeys="false" />
          <!-- SOAP 1.1 with WS-Addressing (August 2004) - the a: namespace seen in the captured message. -->
          <textMessageEncoding messageVersion="Soap11WSAddressingAugust2004"></textMessageEncoding>
          <!-- HTTPS transport. Basic credentials are protected only by TLS, and the server additionally
               requires a client TLS certificate. maxReceivedMessageSize is raised to 2 GB, which removes
               the bound that limits memory use from oversized responses - prefer the largest response
               size actually expected. -->
          <httpsTransport authenticationScheme="Basic" realm="weblogic" maxReceivedMessageSize="2147483647" 
                          requireClientCertificate="true" />
        </binding>
      </customBinding>
    </bindings>
    <client>
      <!-- NOTE(review): the address ends in ?WSDL, i.e. the metadata URL; confirm the SOAP endpoint
           address from the WSDL rather than posting to the WSDL document itself. -->
      <endpoint address="https://XXX/XXX/XXX/XXXService?WSDL"
        binding="customBinding" bindingConfiguration="customWebRealmBinding"
        contract="XXXService.XXXServiceType" name="XXXerviceTypeSoapPort" behaviorConfiguration="XXXBehavior">
      <!-- Expected identity of the service: its DNS name plus its certificate, located in
           LocalMachine\My by subject distinguished name. -->
      <identity>
        <dns value="XXXXXXX"/>
        <certificateReference findValue="XXXXX, XXXXXX, XXX, XXX XXX. XXXX, XXXX" 
          storeLocation="LocalMachine" storeName="My" x509FindType="FindBySubjectDistinguishedName"/>
      </identity>
      </endpoint>
    </client>
    <behaviors>
      <endpointBehaviors>
        <behavior name="XXXBehavior">
          <!-- Diagnostic only: returns exception details in callback faults; disable outside development. -->
          <callbackDebug includeExceptionDetailInFaults="true" />
          <!-- clientCertificate: the client's signing/authentication certificate (it becomes the
               BinarySecurityToken in the request). serviceCertificate/defaultCertificate: the service's
               certificate used to encrypt the session key. Both are looked up by subject DN, so make sure
               only one matching certificate exists in each store, or select by thumbprint instead. -->
          <clientCredentials>
            <clientCertificate storeLocation="LocalMachine" storeName="My" 
                              x509FindType="FindBySubjectDistinguishedName"
                              findValue="XXXXXXXXXX, XXXXXXXX, XXXXXXX, XXXXXXX, XXXXXXX, XXXXXXX" />
            <serviceCertificate>
              <defaultCertificate storeLocation="LocalMachine" storeName="My" 
                                  x509FindType="FindBySubjectDistinguishedName" 
                                  findValue="XXXX, XXXXX, XXXX, XXXX, XXXX. XXXXX, XXXXX" />
            </serviceCertificate>
          </clientCredentials>
        </behavior>
      </endpointBehaviors>
    </behaviors>
    <!-- NOTE(review): a <services> host entry in what is otherwise a client configuration, named after
         NLog's log-forwarding service but using the XXXService contract and a ?WSDL address. This looks
         like a leftover and is unrelated to the question. -->
    <services>
      <service name="NLog.LogReceiverService.LogReceiverOneWayForwardingService">
        <endpoint address="https://XXXXService?WSDL" 
         name="XXXServiceEndpoint" binding="customBinding" contract="XXXService.XXXServiceType"/>
        <host>
          <baseAddresses>
            <add baseAddress="https://XXX/XXX/XXXService?WSDL"/>
          </baseAddresses>
        </host>
      </service>
    </services>
  </system.serviceModel>

  <!-- System.Net tracing at Verbose level to System.Net.trace.log and the console.
       tracemode="protocolonly" omits payload hex dumps, but the trace can still record HTTP headers,
       including the Basic Authorization header, so treat the log file as sensitive and remove this
       section before deployment. -->
  <system.diagnostics>
    <trace autoflush="true" />
    <sources>
      <source name="System.Net" maxdatasize="1048576" tracemode="protocolonly">
        <listeners>
          <add name="MyTraceFile"/>
          <add name="MyConsole"/>
        </listeners>
      </source>
    </sources>
    <sharedListeners>
      <add
        name="MyTraceFile"
        type="System.Diagnostics.TextWriterTraceListener"
        initializeData="System.Net.trace.log" />
      <add name="MyConsole" type="System.Diagnostics.ConsoleTraceListener" />
    </sharedListeners>

    <switches>
      <add name="System.Net" value="Verbose" />
    </switches>

  </system.diagnostics>

</configuration>

这是我调用操作时WCF生成的消息:

<?xml version="1.0"?>
<!-- Request emitted by WCF with the binding above; token, cipher, digest and signature values are
     redacted (XXX, VALUES, TOKEN NUMBERS). -->
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" xmlns:a="http://schemas.xmlsoap.org/ws/2004/08/addressing" xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
  <s:Header>
    <!-- WS-Addressing headers; each carries a u:Id so the Signature below can reference it. -->
    <a:Action s:mustUnderstand="1" u:Id="_3"/>
    <a:MessageID u:Id="_4">urn:uuid:</a:MessageID>
    <a:ReplyTo u:Id="_5">
      <a:Address>http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous</a:Address>
    </a:ReplyTo>
    <!-- NOTE(review): a:To is the ?WSDL metadata URL; confirm the real SOAP endpoint address. -->
    <a:To s:mustUnderstand="1" u:Id="_6">https:XXXXXXXXX?WSDL</a:To>
    <o:Security xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" s:mustUnderstand="1">
      <!-- Five-minute validity window (Created 13:32:45 to Expires 13:37:45); signed below. -->
      <u:Timestamp u:Id="uuid-XXXX">
        <u:Created>2018-08-28T13:32:45.912Z</u:Created>
        <u:Expires>2018-08-28T13:37:45.912Z</u:Expires>
      </u:Timestamp>
      <!-- Client X.509v3 certificate (base64) - the signing key's token, referenced from the Signature's
           KeyInfo. The line break inside ValueType is assumed to be a paste artifact. -->
      <o:BinarySecurityToken u:Id="uuid-4fcc794b-4898-4bd2-b842-1bb0b98b800d-3" ValueType="http://docs.oasis-
        open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3">TOKEN NUMBERS=</o:BinarySecurityToken>
      <!-- Session key encrypted with RSA PKCS#1 v1.5 to the service certificate, which is identified by
           SHA-1 thumbprint; ReferenceList names the Body's EncryptedData (#_2) as the only encrypted part.
           This element (Id="_0") is not among the signed references. -->
      <e:EncryptedKey xmlns:e="http://www.w3.org/2001/04/xmlenc#" Id="_0">
        <e:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
        <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
          <o:SecurityTokenReference>
            <o:KeyIdentifier ValueType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-
                             1.1#ThumbprintSHA1">agOMixYQcvcrttth/vzpcgfGaRg=</o:KeyIdentifier>
          </o:SecurityTokenReference>
        </KeyInfo>
        <e:CipherData>
          <e:CipherValue>CYPHER NUMBERS AND LETTERS</e:CipherValue>
        </e:CipherData>
        <e:ReferenceList>
          <e:DataReference URI="#_2"/>
        </e:ReferenceList>
      </e:EncryptedKey>
      <!-- The service expects a second o:BinarySecurityToken at this position (after EncryptedKey,
           before Signature); WCF does not emit it with the binding above. -->
      <!-- Exclusive C14N, RSA-SHA1 signature and SHA-1 digests (algorithms fixed by TripleDesRsa15;
           SHA-1 is deprecated for signatures). Signed parts: Body (#_1, digested before encryption under
           SignBeforeEncrypt, so the verifier must decrypt first), Action (#_3), MessageID (#_4),
           ReplyTo (#_5), To (#_6) and the Timestamp (#uuid-...). -->
      <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
        <SignedInfo>
          <CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
          <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
          <Reference URI="#_1">
            <Transforms>
              <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
            </Transforms>
            <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
            <DigestValue>VALUES</DigestValue>
          </Reference>
          <Reference URI="#_3">
            <Transforms>
              <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
            </Transforms>
            <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
            <DigestValue>VALUES</DigestValue>
          </Reference>
          <Reference URI="#_4">
            <Transforms>
              <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
            </Transforms>
            <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
            <DigestValue>VALUES</DigestValue>
          </Reference>
          <Reference URI="#_5">
            <Transforms>
              <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
            </Transforms>
            <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
            <DigestValue>VALUES</DigestValue>
          </Reference>
          <Reference URI="#_6">
            <Transforms>
              <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
            </Transforms>
            <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
            <DigestValue>A/VzEXRgimkP4p4nf6geYy68axI=</DigestValue>
          </Reference>
          <Reference URI="#uuid-XXXXXXX">
            <Transforms>
              <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
            </Transforms>
            <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
            <DigestValue>XXXXXXXXXXXXX</DigestValue>
          </Reference>
        </SignedInfo>
        <SignatureValue>XXXXXXXXXXXXXXXXXX</SignatureValue>
        <!-- Signing key: the client BinarySecurityToken above. -->
        <KeyInfo>
          <o:SecurityTokenReference>
            <o:Reference URI="#uuid-XXXXXXXXXXX"/>
          </o:SecurityTokenReference>
        </KeyInfo>
      </Signature>
    </o:Security>
  </s:Header>
  <!-- Body content encrypted with 3DES-CBC under the session key from EncryptedKey (#_0 -> #_2).
       The ciphertext is not covered by the Signature, which was computed over the pre-encryption Body. -->
  <s:Body u:Id="_1">
    <e:EncryptedData xmlns:e="http://www.w3.org/2001/04/xmlenc#" Id="_2" 
                     Type="http://www.w3.org/2001/04/xmlenc#Content">
      <e:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
      <e:CipherData>
        <e:CipherValue>XXXXXXXXXXX</e:CipherValue>
      </e:CipherData>
    </e:EncryptedData>
  </s:Body>
</s:Envelope>

我希望请求看起来与上面的一样,但要在EncryptedKey标记的末尾与Signature标记的开始之间再加一个二进制安全令牌。在代码层面,我实际上只是设置了用户名、密码和证书值,然后调用服务。

任何帮助都会很棒!谢谢!

0 个答案:

没有答案