个人中心
gpt4 book ai didi

java - 添加soap header 的C#代码 wsse :Security, wsse :BinarySecurityToken, ds :Signature, wsse :UsernameToken, wsu:Timestamp

转载 作者:太空宇宙 更新时间:2023-11-04 09:37:27 24 4
gpt4 key购买 nike

我们可以通过添加 key 存储、传出 WS-安全配置(时间戳、用户名和签名)以及用户 token 、时间戳主体的命名空间来从 SOAP UI 工具调用 Web 服务,然后应用传出 wss -> 应用“TimeStamp_Signed”。

但是如何在 C# 代码中执行这些操作(我们正在使用 Java Web 服务) 肥皂头:enter image description here

enter image description here我们使用自定义绑定(bind)选项来创建这些肥皂头,但是当我们在 IClientMessageInspector 中检查时 -> BeforeSendRequest 头尚未创建。

此处附有示例代码 public static bool AcceptAllCertificatePolicy(对象发送者,X509Certificate证书,X509Chain链,SslPolicyErrors sslPolicyErrors) { 返回真; }

    private static Binding GetCustomBinding()
    {
        var asbe = new AsymmetricSecurityBindingElement
        {
            MessageSecurityVersion = MessageSecurityVersion.WSSecurity11WSTrust13WSSecureConversation13WSSecurityPolicy12,
            InitiatorTokenParameters = new X509SecurityTokenParameters { InclusionMode = SecurityTokenInclusionMode.Never },
            RecipientTokenParameters = new X509SecurityTokenParameters { InclusionMode = SecurityTokenInclusionMode.Never },
            MessageProtectionOrder = System.ServiceModel.Security.MessageProtectionOrder.SignBeforeEncrypt,
            SecurityHeaderLayout = SecurityHeaderLayout.Strict,
            EnableUnsecuredResponse = true,
            IncludeTimestamp = true
        };

        asbe.SetKeyDerivation(false);
        asbe.AllowSerializedSigningTokenOnReply = true;

        asbe.DefaultAlgorithmSuite = System.ServiceModel.Security.SecurityAlgorithmSuite.Basic128Rsa15;
        asbe.EndpointSupportingTokenParameters.Signed.Add(new UserNameSecurityTokenParameters());
        asbe.EndpointSupportingTokenParameters.Signed.Add(new X509SecurityTokenParameters());

        var myBinding = new CustomBinding();

        myBinding.Elements.Add(asbe);

        myBinding.Elements.Add(new TextMessageEncodingBindingElement(MessageVersion.Soap11, Encoding.UTF8));

        var httpsBindingElement = new HttpsTransportBindingElement
        {
            RequireClientCertificate = true
        };

        myBinding.Elements.Add(httpsBindingElement);

        return myBinding;

    }

    private static Client GetCredentialingClient()
    {
        var customBinding = GetCustomBinding();

        var client = new Client
            (customBinding,
            new EndpointAddress(new Uri(_endpointAddress),
            new DnsEndpointIdentity(_dnsEndpointIdentity),
            new AddressHeaderCollection()));


        client.ClientCredentials.ServiceCertificate.Authentication.CertificateValidationMode =
            System.ServiceModel.Security.X509CertificateValidationMode.None;

        client.Endpoint.Contract.ProtectionLevel = ProtectionLevel.Sign;
        client.Endpoint.Behaviors.Add(new InspectorBehavior());


        SetClientCredentialsSecurity(client.ClientCredentials);

        Binding binding = client.Endpoint.Binding;
        BindingElementCollection elements = binding.CreateBindingElements();
        SecurityBindingElement security = elements.Find<SecurityBindingElement>();

        if (security != null)
        {
            X509SecurityTokenParameters tokenParameters = new X509SecurityTokenParameters();
            tokenParameters.InclusionMode = SecurityTokenInclusionMode.AlwaysToRecipient;
            tokenParameters.RequireDerivedKeys = false;
            security.EndpointSupportingTokenParameters.SignedEncrypted.Add(tokenParameters);
            client.Endpoint.Binding = new CustomBinding(elements.ToArray());
        }


            return client;
    }

    private static void SetClientCredentialsSecurity(ClientCredentials clientCredentials)
    {
        clientCredentials.ServiceCertificate.Authentication.CertificateValidationMode =
               System.ServiceModel.Security.X509CertificateValidationMode.None;
        clientCredentials.UserName.UserName = _userName;
        clientCredentials.UserName.Password = _password;
        clientCredentials.ServiceCertificate.DefaultCertificate = new X509Certificate2(_certificatePath, _certificatePassword);
        clientCredentials.ClientCertificate.Certificate = new X509Certificate2(_certificatePath,_certificatePassword);
    }

    static void Main(string[] args)
    {
        ServicePointManager.ServerCertificateValidationCallback = AcceptAllCertificatePolicy;

        using (var client = GetCredentialingClient())
        {
            client.Open();



            try
            {


            }
            catch (Exception ex)
            {
                Console.WriteLine(ex.Message);
            }

        }

        Console.ReadLine();
    }

请帮助我们在 C# 代码中创建这些肥皂头

谢谢

最佳答案

您可以尝试在 headers 节点下的 xml 中添加 header 。

<endpoint address="http://ws-wuxipc-5077:4000/calculator" binding="basicHttpBinding"
contract="ServiceInterface.ICalculatorService" name="cal">
<headers>
<Security xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
  <wsse:UsernameToken xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
    xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
    <wsse:Username>
    </wsse:Username>
    <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">monMonDePasse</wsse:Password>
    <wsse:Nonce>sdsdsdlojhfdsdM5Nw==</wsse:Nonce>
    <wsu:Created>2019-01-21T6:17:34Z</wsu:Created>
  </wsse:UsernameToken>
</Security>

或者您可以通过OperationContextScope 和XmlDocument 以编程方式添加 header 。

 using (ChannelFactory<ICalculatorService> ChannelFactory = new ChannelFactory<ICalculatorService>("cal"))
    {

        ICalculatorService employeeService = ChannelFactory.CreateChannel();
        using (OperationContextScope scope = new OperationContextScope((IContextChannel)employeeService))
        {

            System.Xml.XmlDocument document = new XmlDocument();


            XmlElement element = document.CreateElement("wsse", "UsernameToken", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd");


            XmlElement newChild = null;

            newChild = document.CreateElement("wsse", "Username", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd");
            newChild.InnerText = "finance";
            element.AppendChild(newChild);

            newChild = document.CreateElement("wsse", "password", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd");
            newChild.SetAttribute("Type", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest");
            newChild.InnerText = "387";
            element.AppendChild(newChild);

            MessageHeader messageHeader = MessageHeader.CreateHeader("security", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", element, false);


            OperationContext.Current.OutgoingMessageHeaders.Add(messageHeader);
            employeeService.Add(5, 6);
        }


        Console.Read();
    }

关于java - 添加soap header 的C#代码 wsse :Security, wsse :BinarySecurityToken, ds :Signature, wsse :UsernameToken, wsu:Timestamp,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/56339275/

24 4 0
文章推荐: python - 如何从 df.columns 中删除名称?
文章推荐: linux - SUID 在 Bash 中不起作用
文章推荐: python - 使用 pandas 在 python 中操作大文本文件的问题
文章推荐: javascript - 如何使用 Jquery 在同一个地方为不同的图像制作淡入和淡出?
太空宇宙
个人简介

我是一名优秀的程序员,十分优秀!

滴滴打车优惠券免费领取
滴滴打车优惠券
全站热门文章
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com