问题
This is how I'm currently (and successfully) connecting to a WCF web service in C#. I do not have any control over this web service as it's not developed by me, so I cannot change it. Here is the C# code I use:
WSHttpBinding binding = new WSHttpBinding();
binding.Security.Mode = SecurityMode.TransportWithMessageCredential;
binding.Security.Message.ClientCredentialType = MessageCredentialType.UserName;
binding.Security.Message.NegotiateServiceCredential = true;
binding.Security.Message.AlgorithmSuite = System.ServiceModel.Security.SecurityAlgorithmSuite.Default;
binding.Security.Message.EstablishSecurityContext = true;
EndpointAddress endpoint = new EndpointAddress("<address>");
fooClient client = new fooClient(binding, endpoint);
client.ClientCredentials.UserName.UserName = "the_username";
client.ClientCredentials.UserName.Password = "the_password";
//fooClient class came from running
// svcutil.exe https://<thedomain>/foo/foo.svc?wsdl
//I now work with fooClient, call methods on it, etc.
I want to connect to the web service without C# - by manually creating a SOAP envelope and doing a POST request on the endpoint. I tried doing a POST request that looks like this:
POST /foo/foo.svc HTTP/1.1
Content-Type: application/soap+xml; charset=utf-8
Host: <thedomain>
Connection: close
User-Agent: <my user agent>
Content-Length: 416
<?xml version="1.0" encoding="utf-8"?>
<soap12:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap12="http://www.w3.org/2003/05/soap-envelope">
<soap12:Body>
<someWebServiceFunction xmlns="http://<thedomain>/foo/foo">
<someParameter>some parameter value</someParameter>
</someWebServiceFunction>
</soap12:Body>
</soap12:Envelope>
But this does not work because the credentials are missing. (I get an error back: "BadContextToken", "The security context token is expired or is not valid. The message was not processed.")
My question is, how do I add credentials to my SOAP envelope / HTTP request? I tried doing plain HTTP Basic Auth (in the Authorization HTTP header), but this continues to give me the same "BadContextToken" error.
回答1:
There are two simple ways to trouble shoot your issue:
If you are using Visual Studio, in debug, send the request and intercept what is the detailed content in the request, and you can simulate it using plain HTTP POST.
If you can use SoapUI, you can target the service using SoapUI and send one working request, in the raw tab, you will see what's the accepted request with credentials.
来源:https://stackoverflow.com/questions/38039901/converting-a-wcf-svcutil-c-sharp-code-into-the-corresponding-soap-envelope-pos