编程语言
首页 > 编程语言> > c#-soap ws security http中的用户名令牌

c#-soap ws security http中的用户名令牌

作者:互联网

这是我试图生成的第一部分肥皂头

 <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:mhs="http://org/emedny/mhs/" xmlns:urn="urn:hl7-org:v3">
<soapenv:Header>
<wsse:Security soap:mustUnderstand="1" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:BinarySecurityToken ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="SecurityToken-e00c8062-83d2-4f04-88fc-996218e7bb3d">MIICeDCC....(eMedNY signed user MLS cert).......</wsse:BinarySecurityToken>
<wsse:BinarySecurityToken ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="SecurityToken-c0cc2cd4-cb77-4fa5-abfa-bd485afd1685">MIIDFj.....( eMedNY MLS web-service end-point public cert)........</wsse:BinarySecurityToken>
<wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="SecurityToken-970e9a80-00cc-4c86-8ec4-3ba16e029a5b">
<wsse:Username>....your_username.....</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">.....your_plaintext_password....</wsse:Password>
<wsse:Nonce>KNyu6MsXCkTg4DDyvwvEiw==</wsse:Nonce>
<wsu:Created>2010-09-15T18:00:30Z</wsu:Created>
</wsse:UsernameToken>
<xenc:EncryptedKey xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
<xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
<wsse:SecurityTokenReference>
<wsse:Reference URI="#SecurityToken-c0cc2cd4-cb77-4fa5-abfa-bd485afd1685" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/>
</wsse:SecurityTokenReference>

尽管我有wsdl,但这是我在C#中创建自定义绑定的代码.我不确定如何使用wsdl创建soap标头.我知道如何使用它来调用某些操作.我使用svcutil生成代理.让我知道是否有人想看wsdl
另外,我相信我的webconfig不需要任何绑定配置.因为我正在设置所有绑定,所以代码中的端点

       protected void Button2_Click(object sender, EventArgs e)
        {
        var b = new CustomBinding();
        var sec = (AsymmetricSecurityBindingElement)SecurityBindingElement.CreateMutualCertificateBindingElement(MessageSecurityVersion.WSSecurity10WSTrust13WSSecureConversation13WSSecurityPolicy12BasicSecurityProfile10);

            UserNameSecurityTokenParameters tokenParameters = new
              UserNameSecurityTokenParameters();
            tokenParameters.InclusionMode =
              SecurityTokenInclusionMode.AlwaysToRecipient;
            tokenParameters.RequireDerivedKeys = false;
            sec.EndpointSupportingTokenParameters.SignedEncrypted.Add(
              tokenParameters);
        //b.Elements.Add(security);
   //     sec.EndpointSupportingTokenParameters.Signed.Add(new UserNameSecurityTokenParameters());
        sec.MessageSecurityVersion =
            MessageSecurityVersion.
                WSSecurity10WSTrust13WSSecureConversation13WSSecurityPolicy12BasicSecurityProfile10;
        sec.IncludeTimestamp = true;
        sec.MessageProtectionOrder = System.ServiceModel.Security.MessageProtectionOrder.EncryptBeforeSign;

        b.Elements.Add(sec);
        b.Elements.Add(new TextMessageEncodingBindingElement(MessageVersion.Soap11, Encoding.UTF8));
        b.Elements.Add(new HttpTransportBindingElement());


        //AddressHeader addressHeader1 = AddressHeader.CreateAddressHeader("wsse", "http://12.23.28.113:9047/MHService", 1);
        AddressHeader[] addressHeaders = null;
        EndpointAddress endptAddress = new EndpointAddress(new Uri("http://12.23.28.113:9047/MHService"), EndpointIdentity.CreateDnsIdentity("DPMedsHistory"), addressHeaders);

        MHSClient serviceProxy = new MHSClient(b, endptAddress);
        serviceProxy.ClientCredentials.UserName.UserName = "sss";
        serviceProxy.ClientCredentials.UserName.Password = "fff";
        serviceProxy.ClientCredentials.ClientCertificate.SetCertificate(StoreLocation.CurrentUser, StoreName.My, X509FindType.FindBySubjectName, "sss");
        serviceProxy.ClientCredentials.ServiceCertificate.SetDefaultCertificate(StoreLocation.CurrentUser, StoreName.My, X509FindType.FindBySubjectName, "dsfdsa");

            byte[] array = Encoding.ASCII.GetBytes("Hi");
        Transaction t = new Transaction();
        t.transData = array;
        serviceProxy.getEligibility(t);

    }

这是我根据提琴手生成的请求

<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<s:Header><VsDebuggerCausalityData xmlns="http://schemas.microsoft.com/vstudio/diagnostics/servicemodelsink">VsDebuggerCausalityData>
<o:Security s:mustUnderstand="1" xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<u:Timestamp u:Id="uuid-c243958e-b070-4ac7-b497-9f668427eeb9-2"><u:Created>2013-05-08T17:03:14.129Z</u:Created><u:Expires>2013-05-08T17:08:14.129Z</u:Expires>
</u:Timestamp>
<o:BinarySecurityToken u:Id="uuid-2e5edef4-96b6-4747-83ad-f8b5a34d1ada-6" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" 
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">l81/yYTa2h</e:CipherValue></e:CipherData></e:EncryptedData></s:Body></s:Envelope>

问题:为什么不生成用户名令牌
2)如何获得这些wsse标头.我的外部服务网址使用http

解决方法:

好吧,我得到了这个随机数,可以使用这些链接进行工作
WCF: Adding Nonce to UsernameToken

http://blogs.msdn.com/b/aszego/archive/2010/06/24/usernametoken-profile-vs-wcf.aspx
 http://www.west-wind.com/weblog/posts/2012/Nov/24/WCF-WSSecurity-and-WSE-Nonce-Authentication

感谢Yaron Naveh

标签:ws-security,c,soap
来源: https://codeday.me/bug/20191123/2066761.html