调用需要凭据的Web服务：错误：需要安全令牌

Question

当我尝试从.NET调用[Java] Web服务时，我得到的似乎是安全凭证问题。

CWWSS5509E: A security token whose type is [http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#UsernameToken] is required.

它是否甚至拿起了我想要传递的凭据？此时，我只想与Web服务联系并获取访问权限。在我的示例中，ServiceReference1是生成的Web代理类。

Private Sub Button2_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button2.Click

    Dim myLocateProfileBySourceSystemId As New ServiceReference1.locateProfileBySourceSystemId

    Dim myLocateProfileBySourceSystemIdRequestType As New ServiceReference1.LocateProfileBySourceSystemIdRequestType

    myLocateProfileBySourceSystemIdRequestType.includeEmailAddress = True

    myLocateProfileBySourceSystemId.locateProfileBySourceSystemId1 = myLocateProfileBySourceSystemIdRequestType

    System.Net.ServicePointManager.ServerCertificateValidationCallback = New System.Net.Security.RemoteCertificateValidationCallback(AddressOf ValidateRemoteCertificate)

    Dim myNetworkCredential As New System.Net.NetworkCredential
    myNetworkCredential.UserName = "MyUsernameGoesHere"
    myNetworkCredential.Password = "MyPasswordGoesHere"

    Dim myWebProxy As New WebProxy()
    myWebProxy.Credentials = myNetworkCredential
    WebRequest.DefaultWebProxy.Credentials = myNetworkCredential

    Dim myIndividualProfileSoapClient As New ServiceReference1.IndividualProfileSoapClient
    Dim myLocateProfileBySourceSystemIdResponse As ServiceReference1.locateProfileBySourceSystemIdResponse = myIndividualProfileSoapClient.locateProfileBySourceSystemId(myLocateProfileBySourceSystemId)

End Sub

Private Shared Function ValidateRemoteCertificate(ByVal sender As Object,
                                              ByVal certificate As X509Certificate,
                                              ByVal chain As X509Chain,
                                              ByVal policyErrors As SslPolicyErrors) As Boolean    
     ' allow any old dodgy certificate...
     Return True

End Function

我的App.Config设置应该是什么？

            <security mode="Transport">
                <transport clientCredentialType="None" proxyCredentialType="None"
                    realm="" />
                <message clientCredentialType="UserName" algorithmSuite="Default" />
            </security>

Answer 1

看看这个。

http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0.pdf

和这个

Trying to get WCF client to work with wss 1.0 username token security

和此。

Correct way communicate WSSE Usernametoken for SOAP webservice

ClientCredentials.UserName.UserName = ""
CleintCredentials.UserName.Password = ""