WCF client binding to sign the body of a request to a Java web service?
I need to send a message from a WCF client to a Java Web Service that requires the body to be signed. There seems to be a lot of information on this subject, but I can\'t wo
-
I created a custom binding, and used a TransportSecurityBindingElement as the security binding element:
Dim tsec As TransportSecurityBindingElement = SecurityBindingElement.CreateCertificateOverTransportBindingElement() tsec.EnableUnsecuredResponse = True tsec.SetKeyDerivation(False) tsec.AllowInsecureTransport = True tsec.IncludeTimestamp = TrueNote: The timestamp is set to true by default. I want it set to false, but that throws an error.
With this configured, the message sent, but the only property in the request didn't serialise. To make this happen, I added the following to the member variable in Reference.vb:
<System.ServiceModel.MessageBodyMemberAttribute([Namespace]:="", [order]:=0)> _ Public String_1 As StringThis gives the following request, though I can't be sure if it is correct yet as the services response seems to cut the body off (see below request).
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"> <s:Header> <o:Security s:mustUnderstand="1" xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"> <u:Timestamp u:Id="_0"> <u:Created>2013-12-04T10:53:13.568Z</u:Created> <u:Expires>2013-12-04T10:58:13.568Z</u:Expires> </u:Timestamp> <o:BinarySecurityToken u:Id="uuid-bc441202-6c02-4eb9-a176-02f2a61a6002-1" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3">MIICBjCCAW8CAwLm/jANBgkqhkiG9w0BAQUFADBAMRQwEgYDVQQDDAtGb3JkRXRpcyBDQTEbMBkGA1UECgwSRm9yZCBNb3RvciBDb21wYW55MQswCQYDVQQGEwJHQjAgFw0xMzA0MTYxMjQ0MThaGA8yMTEzMDQxNjEyNDQxOFowUzERMA8GA1UEAwwIREVVVEVTVDYxFDASBgNVBAsMC0ZTQSBTZXJ2aWNlMRswGQYDVQQKDBJGb3JkIE1vdG9yIENvbXBhbnkxCzAJBgNVBAYTAkdCMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC2r/plg8pUmc35Vajc1ji4koYIFgvb5LFUs4GFl/4R0eRspjNwJ7TW1B3sXyGd272l5oGyNazsGeAZQ88XDRbL5Q60HwrDaKuA/UvT7pKaQufwvIJUWmUwry0K72x7x4jQNWC1fR3XXzztlrjpf9MmOkbQE1GMdKonldiCu59YcwIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAIdSHIsqKrUAlwbD7AMSQ1PfyIRP9pX94416ELpcr6h/+2RnYF40HcZO9/oU1VJIgCJREI+pRpR2DISDFAhALhqzxLTy4G45zcuKjaoKSi6UcaOfsqxuagEanga2CXsapHHB/DB84jLES6fGf79z09xYZ+82iEm5Kgm6eho2Bqgn</o:BinarySecurityToken> <Signature xmlns="http://www.w3.org/2000/09/xmldsig#"> <SignedInfo> <CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> <Reference URI="#_0"> <Transforms> <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> </Transforms> <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> <DigestValue>ePSLYY5UDloSReYYUDe4g+QKONk=</DigestValue> </Reference> </SignedInfo> <SignatureValue>LJfvWJHgU0jvHp69Zw0ZqN+Y/rJw8wm7/AGKMYCvwfzx3nYLA0nGVprBFtM+LSDTlfeHY5/JpiJc2t/qvwS5oMpkmIJtnvnGx/JxZFMEZALj7JBRam5ZdLAnWH6P/A1QgiaKS9vCnVOBf79nMxvKTpgZq1VyYAlXhr7LVqO6pZg=</SignatureValue> <KeyInfo> <o:SecurityTokenReference><o:Reference URI="#uuid-bc441202-6c02-4eb9-a176-02f2a61a6002-1"/></o:SecurityTokenReference> </KeyInfo> </Signature> </o:Security> </s:Header> <s:Body xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"> <list xmlns="http://hostdomain.com/services/fsa/1.0"> <String_1 xmlns="">[removed]</String_1> </list> </s:Body> </s:Envelope>Response (for some reason it isn't complete):
<s:Envelope xmlns:s='http://schemas.xmlsoap.org/soap/envelope/' xmlns:u='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd'> <s:Header> <o:Security s:mustUnderstand='1' xmlns:o='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd'> <u:Timestamp u:Id='_0'> <u:Created>2013-12-04T10:53:13.568Z</u:Created> <u:Expires>2013-12-04T10:58:13.568Z</u:Expires> </u:Timestamp> <o:BinarySecurityToken ValueType='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3' u:Id='uuid-bc441202-6c02-4eb9-a176-02f2a61a6002-1'>MIICBjCCAW8CAwLm/jANBgkqhkiG9w0BAQUFADBAMRQwEgYDVQQDDAtGb3JkRXRpcyBDQTEbMBkGA1UECgwSRm9yZCBNb3RvciBDb21wYW55MQswCQYDVQQGEwJHQjAgFw0xMzA0MTYxMjQ0MThaGA8yMTEzMDQxNjEyNDQxOFowUzERMA8GA1UEAwwIREVVVEVTVDYxFDASBgNVBAsMC0ZTQSBTZXJ2aWNlMRswGQYDVQQKDBJGb3JkIE1vdG9yIENvbXBhbnkxCzAJBgNVBAYTAkdCMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC2r/plg8pUmc35Vajc1ji4koYIFgvb5LFUs4GFl/4R0eRspjNwJ7TW1B3sXyGd272l5oGyNazsGeAZQ88XDRbL5Q60HwrDaKuA/UvT7pKaQufwvIJUWmUwry0K72x7x4jQNWC1fR3XXzztlrjpf9MmOkbQE1GMdKonldiCu59YcwIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAIdSHIsqKrUAlwbD7AMSQ1PfyIRP9pX94416ELpcr6h/+2RnYF40HcZO9/oU1VJIgCJREI+pRpR2DISDFAhALhqzxLTy4G45zcuKjaoKSi6UcaOfsqxuagEanga2CXsapHHB/DB84jLES6fGf79z09xYZ+82iEm5Kgm6eho2Bqgn</o:BinarySecurityToken> <Signature xmlns='http://www.w3.org/2000/09/xmldsig#'> <SignedInfo> <CanonicalizationMethod Algorithm='http://www.w3.org/2001/10/xml-exc-c14n#'/> <SignatureMethod Algorithm='http://www.w3.org/2000/09/xmldsig#rsa-sha1'/> <Reference URI='#_0'> <Transforms> <Transform Algorithm='http://www.w3.org/2001/10/xml-exc-c14n#'/> </Transforms> <DigestMethod Algorithm='http://www.w3.org/2000/09/xmldsig#sha1'/> <DigestValue>ePSLYY5UDloSReYYUDe4g+QKONk=</DigestValue> </Reference> </SignedInfo> <SignatureValue>LJfvWJHgU0jvHp69Zw0ZqN+Y/rJw8wm7/AGKMYCvwfzx3nYLA0nGVprBFtM+LSDTlfeHY5/JpiJc2t/qvwS5oMpkmIJtnvnGx/JxZFMEZALj7JBRam5ZdLAnWH6P/A1QgiaKS9vCnVOBf79nMxvKTpgZq1VyYAlXhr7LVqO6pZg=</SignatureValue> <KeyInfo> <o:SecurityTokenReference xmlns:o='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd'> <o:Reference URI='#uuid-bc441202-6c02-4eb9-a176-02f2a61a6002-1' xmlns:o='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd'/> </o:SecurityTokenReference> </KeyInfo> </Signature> </o:Security> </s:Header> <s:Body xmlns:xsd='http://www.w3.org/2001/XMLSchema讨论(0)
加载中...
- 热议问题