试图让 WCF 客户端使用 wss 1.0 用户名令牌安全性 [英] Trying to get WCF client to work with wss 1.0 username token security

问题描述

我正在尝试使用 WCF 客户端来调用第三方 Web 服务.Web Service 使用用户名令牌认证 WSS-Security 1.0 Soap Message Security

I am trying to use a WCF client to call a third party web service. The web Service usses username token authentication WSS-Security 1.0 Soap Message Security

这是 Web 服务所期望的示例 soap 身份验证标头

Here is a sample soap authentication header for what the web service expects

<soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<soap:Header>
<wsse:Security soap:mustUnderstand="1">
<wsse:UsernameToken namespaces>
<wsse:Username>username</wsse:Username>
<wsse:Password Type="type info">password</wsse:Password>
<wsse:Nonce>nonce</wsse:Nonce>
<wsu:Created>date created</wsu:Created>
</wsse:UsernameToken>
<wsse:Security>
</soap:Header>
<soap:Body>
<WebServiceMethodName xmlns="Web Service Namespace" />

我将客户端配置为以下方式

I configured the client to the following way

<basicHttpBinding>
<binding name="Binding1">
<security mode="TransportWithMessageCredential">
<transport clientCredentialType="Basic"/>
</security>
</basicHttpBinding>

但收到一个错误，指出标头中缺少 nonce 和 datecreated 属性.有谁知道如何配置 WCF 客户端来使用

but recieved an error that stating that the nonce and datecreated attributes were missing in the header. Does anyone know how to configure a WCF client to work with

WSS-Security 1.0 Soap Message Security 用户名令牌认证?

WSS-Security 1.0 Soap Message Security username token authentication?

推荐答案

我遇到了同样的问题.我没有使用自定义令牌序列化程序，而是使用 MessageInspector 在 BeforeSendRequest 方法中添加正确的 UsernameToken.然后我使用自定义行为来应用修复.

I had the same problem. Instead of the custom token serlializer I used a MessageInspector to add the correct UsernameToken in the BeforeSendRequest method. I then used a custom behavior to apply the fix.

在我的博客文章中记录了整个过程(带有演示项目)支持 WS-I Basic Profile Password Digest inWCF 客户端代理.或者，您也可以阅读 PDF.

The entire process is documented (with a demo project) in my blog post Supporting the WS-I Basic Profile Password Digest in a WCF client proxy. Alternatively, you can just read the PDF.

如果您想了解我的解决方案进度，您可以在 StackOverflow 上找到它，标题为WCF 客户端使用 WS-Security UsernameToken PasswordDigest 身份验证方案消费 Axis 2 Web 服务时出错":

If you want to follow my progress through to the solution, you'll find it on StackOverflow titled, "Error in WCF client consuming Axis 2 web service with WS-Security UsernameToken PasswordDigest authentication scheme":

这篇关于试图让 WCF 客户端使用 wss 1.0 用户名令牌安全性的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！