如何在SOAP消息中使用HTTPS和客户端证书调用Weblogic WS [英] How to call a Weblogic WS with HTTPS and a client certificate in the SOAP Message

查看:80
本文介绍了如何在SOAP消息中使用HTTPS和客户端证书调用Weblogic WS的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

你好

有人有主意吗??

这是Weblogic WS的WSDL:

Here is the WSDL of a Weblogic WS :

  

<!-- Published by JAX-WS RI at http://jax-ws.dev.java.net. RI's version is Oracle JAX-WS 2.1.5. -->
<!-- Generated by JAX-WS RI at http://jax-ws.dev.java.net. RI's version is Oracle JAX-WS 2.1.5. -->
<definitions xmlns:wssutil="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" 
       xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" 
       xmlns:tns="http://webservice.com/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://schemas.xmlsoap.org/wsdl/" 
       targetNamespace="http://webservice.com/" name="X509HelloService">
 <wsp:UsingPolicy wssutil:Required="true"/>
 <wsp:Policy wssutil:Id="Wssp1.2-Wss1.1-X509-Basic256.xml">
  <ns1:AsymmetricBinding xmlns:ns1="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512">
   <wsp:Policy>
    <ns1:InitiatorToken>
     <wsp:Policy>
      <ns1:X509Token 
       ns1:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512/IncludeToken/AlwaysToRecipient">
       <wsp:Policy>
        <ns1:RequireThumbprintReference/>
        <ns1:WssX509V3Token11/>
       </wsp:Policy>
      </ns1:X509Token>
     </wsp:Policy>
    </ns1:InitiatorToken>
    <ns1:RecipientToken>
     <wsp:Policy>
      <ns1:X509Token ns1:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512/IncludeToken/Never">
       <wsp:Policy>
        <ns1:RequireThumbprintReference/>
        <ns1:WssX509V3Token11/>
       </wsp:Policy>
      </ns1:X509Token>
     </wsp:Policy>
    </ns1:RecipientToken>
    <ns1:AlgorithmSuite>
     <wsp:Policy>
      <ns1:Basic256/>
     </wsp:Policy>
    </ns1:AlgorithmSuite>
    <ns1:Layout>
     <wsp:Policy>
      <ns1:Lax/>
     </wsp:Policy>
    </ns1:Layout>
    <ns1:IncludeTimestamp/>
    <ns1:ProtectTokens/>
    <ns1:OnlySignEntireHeadersAndBody/>
   </wsp:Policy>
  </ns1:AsymmetricBinding>
  <ns2:Wss11 xmlns:ns2="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512">
   <wsp:Policy>
    <ns2:MustSupportRefKeyIdentifier/>
    <ns2:MustSupportRefIssuerSerial/>
    <ns2:MustSupportRefThumbprint/>
    <ns2:MustSupportRefEncryptedKey/>
    <ns2:RequireSignatureConfirmation/>
   </wsp:Policy>
  </ns2:Wss11>
 </wsp:Policy>
 <types>
  <xsd:schema>
   <xsd:import namespace="http://webservice.com/" 
         schemaLocation="https://myserver:7001/JAX-WS_WSSecurityAuthenticationX509Token2/X509HelloService?xsd=1"/>
  </xsd:schema>
 </types>
 <message name="securedHello">
  <part name="parameters" element="tns:securedHello"/>
 </message>
 <message name="securedHelloResponse">
  <part name="parameters" element="tns:securedHelloResponse"/>
 </message>
 <portType name="X509Hello">
  <operation name="securedHello">
   <input message="tns:securedHello"/>
   <output message="tns:securedHelloResponse"/>
  </operation>
 </portType>
 <binding name="X509HelloPortBinding" type="tns:X509Hello">
  <wsp:PolicyReference URI="#Wssp1.2-Wss1.1-X509-Basic256.xml"/>
  <soap:binding transport="http://schemas.xmlsoap.org/soap/http" style="document"/>
  <operation name="securedHello">
   <soap:operation soapAction=""/>
   <input>
    <soap:body use="literal"/>
   </input>
   <output>
    <soap:body use="literal"/>
   </output>
  </operation>
 </binding>
 <service name="X509HelloService">
  <port name="X509HelloPort" binding="tns:X509HelloPortBinding">
   <soap:address location="https://myserver:7001/JAX-WS_WSSecurityAuthenticationX509Token2/X509HelloService"/>
  </port>
 </service>
</definitions>

这是调用此服务的示例信封:

And here is a sample envelope to call this service :

  

<S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/">
 <S:Header>
  <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
  S:mustUnderstand="1">
   <wsse:BinarySecurityToken xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
   xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
   EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
   ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"
   wsu:Id="bst_5etWsVPvJXZ3ohQk">
    MIICnTCCAgagAwIBAgIETPOjNDANBgkqhkiG9w0BAQUFADCBkjEsMCoGCSqGSIb3DQEJARYdYWxhaW4ubW9ybGV0QGV4dC5lYy5ldXJvcGEuZXUxCzAJB
    gNVBAYTAkxVMRMwEQYDVQQIDApMdXhlbWJvdXJnMRMwEQYDVQQHDApMdXhlbWJvdXJnMQswCQYDVQQKDAJFQzEOMAwGA1UECwwFRElHSVQxDjAMBgNVBA
    MMBWFsYWluMB4XDTEwMTEyOTEyNTcyNFoXDTExMDIyNzEyNTcyNFowgZIxLDAqBgkqhkiG9w0BCQEWHWFsYWluLm1vcmxldEBleHQuZWMuZXVyb3BhLmV
    1MQswCQYDVQQGEwJMVTETMBEGA1UECAwKTHV4ZW1ib3VyZzETMBEGA1UEBwwKTHV4ZW1ib3VyZzELMAkGA1UECgwCRUMxDjAMBgNVBAsMBURJR0lUMQ4w
    DAYDVQQDDAVhbGFpbjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAm/Ik3E24i9TVN7YX8StxXevMqj7pCRAAseafgorQdHzND/fTAbsjf1FOXUaq9
    C04W8arKvVCFqwMoWO2bmnOKSKdsnF5oYB4qlH/DNLvu4IEDptEMPwUa/6dBmDxTDa441D7gZxuKtBMdKTx16u1YF0ablX4Sp8ohurBNqNEzt8CAwEAAT
    ANBgkqhkiG9w0BAQUFAAOBgQBksqQLaP4ag/gPk1J/kJJTGkQQtSqnnBCtNclLMFlqmKxtAANrMCTJO17+wFlRclIDwMX9IGg0ezoIt7gVBqpQ4hZCDAD
    cIzZTUeu4/ZL0WNNjL5xi1bkNhGKzYHbNOaAMhXCQcfrm4vGLzlwTn4SE+KnbSePJu5VXsL2R/icpXw==
   </wsse:BinarySecurityToken>
   <dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
    <dsig:SignedInfo>
     <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
     <dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
     <dsig:Reference URI="#Timestamp_u0OTmPV0IXxnCLmp">
      <dsig:Transforms>
       <dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
      </dsig:Transforms>
      <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
      <dsig:DigestValue>
       8RJ6jEFOr+KxDtC51ERKmjCEGxk=
      </dsig:DigestValue>
     </dsig:Reference>
     <dsig:Reference URI="#Body_BZZaZYOZqW1xpUoN">
      <dsig:Transforms>
       <dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
      </dsig:Transforms>
      <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
      <dsig:DigestValue>
       hCdGazoU9NcHsohX7UFzO+Ews5E=
      </dsig:DigestValue>
     </dsig:Reference>
     <dsig:Reference URI="#bst_5etWsVPvJXZ3ohQk">
      <dsig:Transforms>
       <dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
      </dsig:Transforms>
      <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
      <dsig:DigestValue>
       RzE1WVSGMUfBG1FtrfpczED7Mng=
      </dsig:DigestValue>
     </dsig:Reference>
    </dsig:SignedInfo>
    <dsig:SignatureValue>
     LuwFrsYk9nWBHTrwM2mLr8g0+CulaVWRcy+17xxlfZed8iFbbb7QbzjKHA/JHER86EuuL30hf88iD4RN2UCJGtNT8GS2iVxLOn7jALZL548UPYhb
     zpmqPu46Mvch1TZ9GkHJhyrpDUCxwCtRi2lX6vTwxGiiCklUsRZ7Zl8tHww=
    </dsig:SignatureValue>
    <dsig:KeyInfo>
     <wsse:SecurityTokenReference 
      xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
     xmlns:wsse11="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd"
     xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
     wsse11:TokenType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"
     wsu:Id="str_BOy9v2N6gyKcEEGa">
      <wsse:KeyIdentifier 
       EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
       ValueType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#ThumbprintSHA1">
       hgIC6AwmDMwYNZEGhdnd481VxL0=
      </wsse:KeyIdentifier>
     </wsse:SecurityTokenReference>
    </dsig:KeyInfo>
   </dsig:Signature>
   <wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
   wsu:Id="Timestamp_u0OTmPV0IXxnCLmp">
    <wsu:Created>2011-01-12T16:21:08Z</wsu:Created>
    <wsu:Expires>2011-01-12T16:22:08Z</wsu:Expires>
   </wsu:Timestamp>
  </wsse:Security>
 </S:Header>
 <S:Body xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
 wsu:Id="Body_BZZaZYOZqW1xpUoN">
  <ns2:securedHello xmlns:ns2="http://webservice.com/" />
 </S:Body>
</S:Envelope>

我找不到使用WCF调用此服务的任何内容.

I don't find anything to call this service with WCF.

该服务由HTTPS保护,并且客户端使用消息中的证书进行身份验证.

The service is secured by HTTPS and the client authenticates with a certificate in the message.

您的帮助将不胜感激...

Your help'd be very appreciate...

谢谢!

 

推荐答案

请修复消息的格式(尤其是肥皂信封的格式),我们将为您提供帮助.
please fix the formatting of your message (especially of the soap envelope) and we will help.


这篇关于如何在SOAP消息中使用HTTPS和客户端证书调用Weblogic WS的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
其他开发语言最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆