使用WCF更改规范化算法 [英] Change canonicalization algorithm with WCF
问题描述
我试图使用带有证书的WCF调用Web服务来对消息签名。
I am trying to call a webservice using WCF with a certificate to sign the message.
服务器仅支持以下规范化算法:' http://www.w3.org/TR/2001/REC-xml-c14n- 20010315#WithComments '
The server only supports the following canonicalization algorithm : 'http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments'
默认情况下,WCF使用' http://www.w3.org/2001/10/xml-exc-c14n# '
By default, WCF uses 'http://www.w3.org/2001/10/xml-exc-c14n#'
由于无法使用配置文件进行配置,因此创建了一个自定义绑定,在其中设置了一个自定义SecurityAlgorithmSuite,以强制WCF使用该服务期望的规范化算法。
这是我的自定义绑定:
Since I couldn't configure it with the config file, I created a custom binding in which I set a custom SecurityAlgorithmSuite to force WCF to use the canonicalization algorithm expected by the service. Here is my custom binding :
public class TestBinding : Binding
{
public override BindingElementCollection CreateBindingElements()
{
var sec = TransportSecurityBindingElement.CreateCertificateOverTransportBindingElement();
sec.MessageSecurityVersion = MessageSecurityVersion
.WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10;
sec.EnableUnsecuredResponse = true;
sec.DefaultAlgorithmSuite = new TestSecurityAlgorithmSuite();
return new BindingElementCollection(new BindingElement[] {
new TextMessageEncodingBindingElement() { MessageVersion = MessageVersion.Soap11WSAddressing10 },
sec,
new HttpsTransportBindingElement() { RequireClientCertificate = true }
});
}
public override string Scheme
{
get { return new HttpsTransportBindingElement().Scheme; }
}
}
还有算法套件:
public class TestSecurityAlgorithmSuite : Basic256SecurityAlgorithmSuite
{
public override string DefaultCanonicalizationAlgorithm
{
get { return "http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"; }
}
public override string ToString()
{
return "TestSecurityAlgorithmSuite";
}
}
不幸的是,我得到了错误:
Unfortunately, I get the error :
Canonicalization algorithm 'http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments' is not supported.
Server stack trace:
à System.ServiceModel.Security.WSSecurityOneDotZeroSendSecurityHeader.StartPrimarySignatureCore(SecurityToken token, SecurityKeyIdentifier keyIdentifier, MessagePartSpecification signatureParts, Boolean generateTargettableSignature)
à System.ServiceModel.Security.WSSecurityOneDotZeroSendSecurityHeader.CreateSupportingSignature(SecurityToken token, SecurityKeyIdentifier identifier)
à System.ServiceModel.Security.SendSecurityHeader.SignWithSupportingToken(SecurityToken token, SecurityKeyIdentifierClause identifierClause)
à System.ServiceModel.Security.SendSecurityHeader.SignWithSupportingTokens()
à System.ServiceModel.Security.SendSecurityHeader.CompleteSecurityApplication()
à System.ServiceModel.Security.SecurityAppliedMessage.OnWriteMessage(XmlDictionaryWriter writer)
à System.ServiceModel.Channels.Message.WriteMessage(XmlDictionaryWriter writer)
à System.ServiceModel.Channels.BufferedMessageWriter.WriteMessage(Message message, BufferManager bufferManager, Int32 initialOffset, Int32 maxSizeQuota)
à System.ServiceModel.Channels.TextMessageEncoderFactory.TextMessageEncoder.WriteMessage(Message message, Int32 maxMessageSize, BufferManager bufferManager, Int32 messageOffset)
à System.ServiceModel.Channels.MessageEncoder.WriteMessage(Message message, Int32 maxMessageSize, BufferManager bufferManager)
à System.ServiceModel.Channels.HttpOutput.SerializeBufferedMessage(Message message, Boolean shouldRecycleBuffer)
à System.ServiceModel.Channels.HttpOutput.SerializeBufferedMessage(Message message)
à System.ServiceModel.Channels.HttpOutput.Send(TimeSpan timeout)
à System.ServiceModel.Channels.HttpChannelFactory`1.HttpRequestChannel.HttpChannelRequest.SendRequest(Message message, TimeSpan timeout)
à System.ServiceModel.Channels.RequestChannel.Request(Message message, TimeSpan timeout)
à System.ServiceModel.Channels.SecurityChannelFactory`1.SecurityRequestChannel.Request(Message message, TimeSpan timeout)
à System.ServiceModel.Dispatcher.RequestChannelBinder.Request(Message message, TimeSpan timeout)
à System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
à System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
à System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)'
我开始认为所有希望都消失了。有什么方法可以使WCF与所需的算法配合使用?
I am starting to think all hope is lost. Is there any way to make WCF work with the desired algorithm?
推荐答案
不幸的是,该异常是自描述的:WCF的当前版本可以不支持 http://www.w3.org/TR/ 2001 / REC-xml-c14n-20010315#WithComments 规范化算法。
Unfortuantelly the exception is self descriptive: current version of WCF does not support "http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments" canonicalization algorithm.
这篇关于使用WCF更改规范化算法的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!