使用具有标头安全性的 C# 中的非 asmx SOAP 1.1 Web 服务 [英] Consuming non-asmx SOAP 1.1 Web Service in C# with Header Security

问题描述

第一次发帖，所以如果我违反了任何发帖规则，请对我放松一点 - 我已经阅读了它们，我认为我是对的.

First time poster so please take it a bit easy on me if I break any posting rules - I have read them and I think I'm right.

我在发帖前已经搜索了一段时间，但似乎找不到关于我要做什么的指南，所以我想我会在这里发帖.

I've been searching for a while before posting and can't seem to find a guide on what I am trying to do so I thought I would post here.

我需要编写一个 C# .NET 3.5 程序来使用用 Java 开发的 Web 服务.根据我编写 Dynamics CRM 插件和软件的经验，我已经练习在 .NET 中使用 Web References 使用 ASMX Web 服务，但这让我感到困惑.

I need to write a C# .NET 3.5 program to consume a web service developed in Java. I have practice consuming ASMX web services in .NET using Web References from my experience writing Dynamics CRM plugins and software but this has me stumped.

我的第一次尝试是使用 Web 引用(是的，我知道 - 不是 WCF)，但是 Web 服务需要一个 PasswordDigest(带有 nonce 和创建的 SHA-1)、SOAP 标头中的用户名令牌和时间戳记，我找不到使用 Web 参考将这些添加到 SOAP 标头的方法.

My first attempt was to use a Web Reference (yes, I know - not WCF) however the web service requires a PasswordDigest (SHA-1 with nonce and created), a username token and timestamp token in the SOAP header and I couldn't find a way to add these to the SOAP header using the Web Reference.

我的第二次尝试是使用服务引用(我相信，但我可能错了哈哈，this 是 WCF)但是我对此和我发现的任何教程没有太多练习在线帮助不大.

My second attempt was to use a Service Reference (I believe, but I am probably wrong haha, that this is WCF) however I don't have much practice with this and any tutorials I found online were not much help.

每次我尝试使用 WS 时，都会因为无法进行身份验证而被服务器拒绝.

Each time when I try to use the WS, I get a rejection from the server for being unable to authenticate.

我的问题是如何在 C# .NET 3.5 中使用具有这些要求的 Web 服务?

My question is how do I consume a Web Service with these requirements in C# .NET 3.5?

谢谢.

推荐答案

IIRC，Microsoft WSE(2.0 或 3.0)有一个叫做 UsernameToken 的东西，你需要把它塞进传出的 SOAP 消息的某个地方你已经准备好了.当然，这个答案还有很多不足之处，所以我会向您提供几个链接，希望您能通过:

IIRC, Microsoft WSE (either 2.0 or 3.0) had something called UsernameToken, which you need to stuff somewhere in the outgoing SOAP message and you're all set. Granted, this answer leaves a lot to be desired, so I'll throw a couple links at you and hope you'll wade through:

http://www.codeproject.com/KB/webservices/WS-安全.aspx

http://www.reliablesoftware.com/articles/WSESecurity.html

http://www.devx.com/security/Article/15634

(这一切再次表明 SOAP 和 WSDL 实际上有多么有缺陷).

(And this all shows yet again how flawed SOAP and WSDL actually are).

这篇关于使用具有标头安全性的 C# 中的非 asmx SOAP 1.1 Web 服务的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！