从.net 4 WCF使用ws-security java服务

时间:2023-02-06 20:31:43

I am trying to consume a JAX-WS web service with basic username/password token in the Soap header. I've tested that JAX-WS service is working with SoapUI. Now I've moved onto the .net client. The .net client will be a windows forms application. I've added the service reference and set the username and password values. When I execute the web method, there is no security header in the soap xml. From what I gather in my research I need to set the service client to use message level security. This is where I'm stuck and can't figure out.

我试图在Soap头中使用基本用户名/密码令牌的JAX-WS Web服务。我已经测试过JAX-WS服务正在使用SoapUI。现在我已经转移到.net客户端了。 .net客户端将是一个Windows窗体应用程序。我添加了服务引用并设置了用户名和密码值。当我执行web方法时,soap xml中没有安全头。根据我在研究中收集的内容,我需要将服务客户端设置为使用消息级安全性。这就是我陷入困境,无法弄清楚的地方。

Here is my code

这是我的代码

MyServiceProxy serverService = new MyServiceProxy.MyServiceProxyClient();
MyServiceProxy inputVO = new MyServiceProxy.getAddressFormatInput();
MyServiceProxy outputVO = new MyServiceProxy.getAddressFormatOutput();
//set username and passwrd
serverService.ClientCredentials.UserName.UserName = "username";
serverService.ClientCredentials.UserName.Password = "PASSWORD";
inputVO.addressNumber = 13602;
inputVO.addressNumberSpecified = true;
outputVO = serverService.GetAddressFormat(inputVO);            

It's posting this

它发布了这个

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"     xmlns:orac="http://oracle.e1.bssv.JP550010/">   
<soapenv:Body>
    <orac:GetAddressFormat>         
         <addressNumber>13602</addressNumber>
   </orac:GetAddressFormat>
</soapenv:Body>

When I need it to post this (notice the security header)

当我需要它发布时(注意安全标题)

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:orac="http://oracle.e1.bssv.JP550010/">
<soapenv:Header>
    <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" soapenv:mustUnderstand=">
    <wsse:UsernameToken>
        <wsse:Username>username</wsse:Username>   
        <wsse:Password>password</wsse:Password>  
    </wsse:UsernameToken>
    </wsse:Security>
</soapenv:Header>
<soapenv:Body>
    <orac:GetAddressFormat>
        <addressNumber>13602</addressNumber>
    </orac:GetAddressFormat>
</soapenv:Body>
</soapenv:Envelope>

How do I get .net to put the security info into the soap header?

如何让.net将安全信息放入soap标头?

Here is the closest I can find to a solution, but I can't find a way to set the security mode.

这是我能找到最接近解决方案的地方,但我找不到设置安全模式的方法。

http://weblog.west-wind.com/posts/2012/Nov/24/WCF-WSSecurity-and-WSE-Nonce-Authentication

Please help. I appreciate any help in advance.

请帮忙。我提前感谢任何帮助。

As requested here is the binding section of my app.conf there is no service section

这里要求的是我的app.conf的绑定部分没有服务部分

<system.serviceModel>
    <bindings>
        <basicHttpBinding>
            <binding name="MyWebServiceProxyPortBinding" />
        </basicHttpBinding>
    </bindings>
    <client>
        <endpoint address="http://MyWebServiceProxy"
            binding="basicHttpBinding" bindingConfiguration="MyWebServiceProxyPortBinding"
            contract="MyWebServiceProxyService.MyWebServiceProxy"
            name="MyWebServiceProxyPort" />
    </client>
</system.serviceModel>

SOLVED USING THIS LINK

使用此链接解决了问题

With C#, WCF SOAP consumer that uses WSSE plain text authentication?

使用C#,WCF SOAP使用者使用WSSE纯文本身份验证?

in code I did the following

在代码中我做了以下

var securityElement = SecurityBindingElement.CreateUserNameOverTransportBindingElement();
securityElement.AllowInsecureTransport = true;
securityElement.EnableUnsecuredResponse = true;
var encodingElement = new TextMessageEncodingBindingElement(MessageVersion.Soap11,   Encoding.UTF8);
var transportElement = new HttpTransportBindingElement();            
var binding = new CustomBinding(securityElement, encodingElement, transportElement);

ServiceReference1.MyWebServiceProxyClient client = new     ServiceReference1.MyWebServiceProxyClient();
ServiceReference1.getAddressFormatInput inputVO = new ServiceReference1.getAddressFormatInput();
ServiceReference1.getAddressFormatOutput outputVO = new     ServiceReference1.getAddressFormatOutput();

client.Endpoint.Binding = binding;
client.ClientCredentials.UserName.UserName = "username";
client.ClientCredentials.UserName.Password = "password";            
inputVO.addressNumber = 13602;
inputVO.addressNumberSpecified = true;
outputVO = client.GetAddressFormat(inputVO);

3 个解决方案

#1


0  

The Security settings are on the binding, which is typically set up in the XML Config file. See MSDN.

安全设置位于绑定上,通常在XML Config文件中设置。请参阅MSDN。

To set from code, use the MyServiceProxyClient(Binding, EndpointAddress) constructor.

要从代码设置,请使用MyServiceProxyClient(Binding,EndpointAddress)构造函数。

#2


0  

I believe you'll need to specify a security setting - the default for basicHttpBinding is None. Modify the <binding> part of your config file like this:

我相信你需要指定一个安全设置 - basicHttpBinding的默认设置是None。修改配置文件的 部分,如下所示:

<bindings>
    <basicHttpBinding>
        <binding name="MyWebServiceProxyPortBinding">
          <security mode="Message" clientCredentialType="UserName" />
        </binding>
    </basicHttpBinding>
</bindings>

#3


0  

SOLVED USING THIS LINK

使用此链接解决了问题

With C#, WCF SOAP consumer that uses WSSE plain text authentication?

使用C#,WCF SOAP使用者使用WSSE纯文本身份验证?

in code I did the following

在代码中我做了以下

var securityElement = SecurityBindingElement.CreateUserNameOverTransportBindingElement();
securityElement.AllowInsecureTransport = true;
securityElement.EnableUnsecuredResponse = true;
var encodingElement = new TextMessageEncodingBindingElement(MessageVersion.Soap11,   Encoding.UTF8);
var transportElement = new HttpTransportBindingElement();            
var binding = new CustomBinding(securityElement, encodingElement, transportElement);

ServiceReference1.MyWebServiceProxyClient client = new     ServiceReference1.MyWebServiceProxyClient();
ServiceReference1.getAddressFormatInput inputVO = new ServiceReference1.getAddressFormatInput();
ServiceReference1.getAddressFormatOutput outputVO = new     ServiceReference1.getAddressFormatOutput();

client.Endpoint.Binding = binding;
client.ClientCredentials.UserName.UserName = "username";
client.ClientCredentials.UserName.Password = "password";            
inputVO.addressNumber = 13602;
inputVO.addressNumberSpecified = true;
outputVO = client.GetAddressFormat(inputVO);

#1


0  

The Security settings are on the binding, which is typically set up in the XML Config file. See MSDN.

安全设置位于绑定上,通常在XML Config文件中设置。请参阅MSDN。

To set from code, use the MyServiceProxyClient(Binding, EndpointAddress) constructor.

要从代码设置,请使用MyServiceProxyClient(Binding,EndpointAddress)构造函数。

#2


0  

I believe you'll need to specify a security setting - the default for basicHttpBinding is None. Modify the <binding> part of your config file like this:

我相信你需要指定一个安全设置 - basicHttpBinding的默认设置是None。修改配置文件的 部分,如下所示:

<bindings>
    <basicHttpBinding>
        <binding name="MyWebServiceProxyPortBinding">
          <security mode="Message" clientCredentialType="UserName" />
        </binding>
    </basicHttpBinding>
</bindings>

#3


0  

SOLVED USING THIS LINK

使用此链接解决了问题

With C#, WCF SOAP consumer that uses WSSE plain text authentication?

使用C#,WCF SOAP使用者使用WSSE纯文本身份验证?

in code I did the following

在代码中我做了以下

var securityElement = SecurityBindingElement.CreateUserNameOverTransportBindingElement();
securityElement.AllowInsecureTransport = true;
securityElement.EnableUnsecuredResponse = true;
var encodingElement = new TextMessageEncodingBindingElement(MessageVersion.Soap11,   Encoding.UTF8);
var transportElement = new HttpTransportBindingElement();            
var binding = new CustomBinding(securityElement, encodingElement, transportElement);

ServiceReference1.MyWebServiceProxyClient client = new     ServiceReference1.MyWebServiceProxyClient();
ServiceReference1.getAddressFormatInput inputVO = new ServiceReference1.getAddressFormatInput();
ServiceReference1.getAddressFormatOutput outputVO = new     ServiceReference1.getAddressFormatOutput();

client.Endpoint.Binding = binding;
client.ClientCredentials.UserName.UserName = "username";
client.ClientCredentials.UserName.Password = "password";            
inputVO.addressNumber = 13602;
inputVO.addressNumberSpecified = true;
outputVO = client.GetAddressFormat(inputVO);