我正在尝试将安全标头的默认到期时间修改为5分钟至1分钟。 服务器的安全策略之一是时间戳(请求的日期),生存时间为一分钟。
有什么主意吗?
我尝试过创建自定义绑定,但没有成功。
<s:Envelope xmlns:u=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd\" xmlns:s=\"http://schemas.xmlsoap.org/soap/envelope/\">
<s:Header>
<o:Security s:mustUnderstand=\"1\" xmlns:o=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd\">
<u:Timestamp u:Id=\"uuid-6f772493-4b86-4695-b415-316a916119ec-2\">
<u:Created>2019-05-23T12:14:26.920Z</u:Created>
**<u:Expires>2019-05-23T12:19:26.920Z</u:Expires>**
</u:Timestamp>
这就是我们需要的:
<s:Envelope xmlns:u=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd\" xmlns:s=\"http://schemas.xmlsoap.org/soap/envelope/\">
<s:Header>
<o:Security s:mustUnderstand=\"1\" xmlns:o=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd\">
<u:Timestamp u:Id=\"uuid-6f772493-4b86-4695-b415-316a916119ec-2\">
<u:Created>2019-05-23T12:14:26.920Z</u:Created>
**<u:Expires>2019-05-23T12:15:26.920Z</u:Expires>**
</u:Timestamp>
答案 0 :(得分:0)
解决方案是创建自定义绑定:
protected override SecurityBindingElement CreateMessageSecurity()
{
SecurityBindingElement security;
security.EnableUnsecuredResponse = true;
security.IncludeTimestamp = true;
security.LocalClientSettings.TimestampValidityDuration = TimeSpan.FromMinutes(1);
security.SecurityHeaderLayout = SecurityHeaderLayout.Lax;
security.DefaultAlgorithmSuite = SecurityAlgorithmSuite.Basic256;
return security;
}