gpt4 book ai didi

c# - 对于 C#,使用 WSSE 纯文本身份验证的 WCF SOAP 使用者?

转载 作者:太空狗 更新时间:2023-10-29 21:18:15 26 4
gpt4 key购买 nike

我有一个 WCF SOAP 使用者,它由 Visual Studio 2012 从 WSDL 实现。 WSDL 由 PeopleTools 生成。基础对象的类型为 System.ServiceModel.ClientBase

我需要 SOAP 请求类似于:

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:sch="http://xmlns.oracle.com/Enterprise/Tools/schemas">
<soapenv:Header>
<wsse:Security soap:mustUnderstand="1" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:UsernameToken>
<wsse:Username>[plain text username goes here]</wsse:Username>
<wsse:Password>[plain text password goes here]</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>
<soapenv:Body>
<sch:InputParameters>
<Last_Name>Aren</Last_Name>
<First_Name>Cambre</First_Name>
</sch:InputParameters>
</soapenv:Body>
</soapenv:Envelope>

这是我们能得到的最接近的:

<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:a="http://www.w3.org/2005/08/addressing">
<s:Header>
<a:Action s:mustUnderstand="1">http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue</a:Action>
<a:MessageID>urn:uuid:3cc3f2ca-c647-466c-b38b-f2423462c837</a:MessageID>
<a:ReplyTo>
<a:Address>http://www.w3.org/2005/08/addressing/anonymous</a:Address>
</a:ReplyTo>
<a:To s:mustUnderstand="1">http://[internal URL to soap listener]</a:To>
</s:Header>
<s:Body>
<t:RequestSecurityToken Context="uuid-7db82975-2b22-4236-94a1-b3344a0bf04d-1" xmlns:t="http://schemas.xmlsoap.org/ws/2005/02/trust">
<t:TokenType>http://schemas.xmlsoap.org/ws/2005/02/sc/sct</t:TokenType>
<t:RequestType>http://schemas.xmlsoap.org/ws/2005/02/trust/Issue</t:RequestType>
<t:KeySize>256</t:KeySize>
<t:BinaryExchange ValueType=" http://schemas.xmlsoap.org/ws/2005/02/trust/tlsnego" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">FgMBAFoBAABWAwFQ9IhUFGUO6tCH+0baQ0n/3us//MMXzQA78Udm4xFj5gAAGAAvADUABQAKwBPAFMAJwAoAMgA4ABMABAEAABX/AQABAAAKAAYABAAXABgACwACAQA=</t:BinaryExchange>
</t:RequestSecurityToken>
</s:Body>
</s:Envelope>

你会注意到两个问题:

  • 没有纯文本 WSSE 凭证。传递服务不会使用的二进制形式的凭据。
  • 身份验证在 Body 中,而不是在 Header 中。
  • 请求省略了InputParameters

这是基本的 C# 代码:

var service = new ServiceWithBizarreNameFromPeoplesoft();

if (service.ClientCredentials == null)
throw new NullReferenceException();
service.ClientCredentials.UserName.UserName = "test";
service.ClientCredentials.UserName.Password = "password";

var binding = new WSHttpBinding(SecurityMode.TransportWithMessageCredential) {Security = new WSHttpSecurity()};
service.Endpoint.Binding = binding;

binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.None;
binding.Security.Message.ClientCredentialType = MessageCredentialType.UserName;
binding.Security.Mode = SecurityMode.Message;

var input = new InputParameters { Last_Name = "Cambre", First_Name = "Aren" };

var returnData = service.BizarrePeopleSoftNameForMethod(input);

没有 HTTP 层安全性,并且传输是 SSL 加密的。身份验证仅基于 SOAP 消息。

最佳答案

这是对 WS-SecureConversation token 的请求。它默认由 WSHttpSecurity 使用,除非您将其 EstablishSecurityContext 属性更改为 false。请改用此绑定(bind):

var binding = new BasicHttpBinding(BasicHttpSecurityMode.TransportWithMessageCredential);    
binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.None;
binding.Security.Message.ClientCredentialType = BasicHttpMessageCredentialType.UserName;

它将使用带有 UserName token 的 SOAP 1.1,并且需要 HTTPS 传输。

编辑:

要在没有 HTTPS 的情况下进行测试,请尝试使用此自定义绑定(bind):

var securityElement = SecurityBindingElement.CreateUserNameOverTransportBindingElement();
securityElement.AllowInsecureTransport = true;

var encodingElement = new TextMessageEncodingBindingElement(MessageVersion.Soap11, Encoding.UTF8);
var transportElement = new HttpTransportBindingElement();

var binding = new CustomBinding(securityElement, encodingElement, transportElement);

关于c# - 对于 C#,使用 WSSE 纯文本身份验证的 WCF SOAP 使用者?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/14327960/

26 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com