ws-security | 易学教程

ONVIF Authentication in .NET 4.0 with Visual Studios 2010

阅读更多关于 ONVIF Authentication in .NET 4.0 with Visual Studios 2010

My task is to try to establish a communication with a ONVIF camera in the building to, eventually, upgrade the company's domotic solution to automatically recognize ONVIF cameras and to be able to set them up and to use their services. I am already able to gather some basic informations like its model, its MAC address and its firmware version this way: EndpointAddress endPointAddress = new EndpointAddress("<mycameraurl:<mycameraport>/onvif/device_service"); CustomBinding bind = new CustomBinding("DeviceBinding"); DeviceClient temp = new DeviceClient(bind, endPointAddress); String[] arrayString

Adding ws-security to wsdl2java generated classes

阅读更多关于 Adding ws-security to wsdl2java generated classes

问题 I generated a bunch of client classes from a WSDL with CXF's wsdl2java. How do I add WS-Security to the header when doing something like this: URL url = new URL("http://fqdn:8080/service/MessageHandler"); MessageHandlerService service = new MessageHandlerService(url); MessageHandler handler = service.getMessageHandler(); MyMessage message = new MyMessage(); message.setSender("User 1"); handler.sendMessage(message); I think handler is a javax.xml.ws.Service instance. 回答1: Usually it's done

Remove timestamp element from ws-security headers created by WCF

阅读更多关于 Remove timestamp element from ws-security headers created by WCF

问题 I am consuming an old Java web service from WCF that requires the request in the form: <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"> <s:Header> <wsse:Security mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss- wssecurity-secext-1.0.xsd"> <wsse:UsernameToken wsu:Id="xxx" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-ssecurity-utility-1.0.xsd"> <wsse:Username>username</wsse:Username> <wsse:Password Type="http://docs

how to implement ws-security 1.1 in php5

阅读更多关于 how to implement ws-security 1.1 in php5

I'm trying to call a webservice with Soap in PHP5, for this, I need to use WS-Security 1.1. (In java and .NET this is all generated automatically.) Are there any frameworks available to generate the security headers easily in PHP? Or do I have to add the entire header myself ? Specifications of WS-Security 1.1: http://oasis-open.org/committees/download.php/16790/wss-1.1-spec-os-SOAPMessageSecurity.pdf On PHP Classes , Roger Veciana i Rovira submitted this (I just reformatted the code): class WSSoapClient extends SoapClient { private $username; private $password; /*Generates de WSSecurity

JAX-WS - Adding SOAP Headers

阅读更多关于 JAX-WS - Adding SOAP Headers

I am trying to create a standalone client to consume some web services. I must add my username and password to the SOAP Header. I tried adding the credentials as follows: OTSWebSvcsService service = new OTSWebSvcsService(); OTSWebSvcs port = service.getOTSWebSvcs(); BindingProvider prov = (BindingProvider)port; prov.getRequestContext().put(BindingProvider.USERNAME_PROPERTY, "myusername"); prov.getRequestContext().put(BindingProvider.PASSWORD_PROPERTY, "mypassword"); ... When I call a method on the service I get the following exception: com.ibm.wsspi.wssecurity.SoapSecurityException: WSEC5048E:

With C#, WCF SOAP consumer that uses WSSE plain text authentication?

阅读更多关于 With C#, WCF SOAP consumer that uses WSSE plain text authentication?

问题 I have a WCF SOAP consumer that is implemented by Visual Studio 2012 from a WSDL. The WSDL was generated by PeopleTools. The base object is of type System.ServiceModel.ClientBase . I need the SOAP request to resemble: <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:sch="http://xmlns.oracle.com/Enterprise/Tools/schemas"> <soapenv:Header> <wsse:Security soap:mustUnderstand="1" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:wsse="http://docs.oasis-open

Does WCF support WS-Security with SOAP 1.1?

阅读更多关于 Does WCF support WS-Security with SOAP 1.1?

I need to call some 3rd Web services that require WS-Security. I created a WCF endpoint with the following configuration: <system.serviceModel> <bindings> <wsHttpBinding> <binding name="TestBinding"> <security mode="TransportWithMessageCredential"> <message clientCredentialType="Certificate" /> </security> </binding> </wsHttpBinding> </bindings> <behaviors> <endpointBehaviors> <behavior name="TestBehavior"> <callbackDebug includeExceptionDetailInFaults="true" /> <clientCredentials> <clientCertificate findValue="Acme" storeLocation="CurrentUser" storeName="My" x509FindType="FindBySubjectName" /

Can not get key from KeyStore

阅读更多关于 Can not get key from KeyStore

问题 I try to get Key from KeyStore. I created a keystore by Keytool: keytool -genkeypair -dname "cn=Mark Jones, ou=JavaSoft, o=Sun, c=US" -alias business2 -keypass abcdtest -keystore C:\workspace\XMLSample\keystore\mykeystore.jks -storepass 123456 And the following is GenerateXML.java import java.io.FileInputStream; import java.security.KeyStore; import java.security.cert.X509Certificate; import javax.xml.crypto.dsig.XMLSignContext; import javax.xml.crypto.dsig.XMLSignatureFactory; import javax

How to make WCF Client conform to specific WS-Security - sign UsernameToken and SecurityTokenReference

阅读更多关于 How to make WCF Client conform to specific WS-Security - sign UsernameToken and SecurityTokenReference

问题 I need to create a wcf client to call a service that I have no control over. I have been given a wsdl and a working soapui project. The service uses both a username/password and a x509 certificate. UPDATE I now understand what the problem is, but am still unsure what steps I need to take to be able to create the required message, so any help would be much appreciated. I need to sign both the UsernameToken and the SecurityTokenReference. The code I had to create the custom binding has been

User/Pass Authentication using RESTful WCF & Windows Forms

阅读更多关于 User/Pass Authentication using RESTful WCF & Windows Forms

问题 What is the best approach to implementing authorisation/authentication for a Windows Forms app talking to an IIS-hosted RESTful WCF Service? The reason I ask is I am very confused, after sifting through different articles and posts expressing a different method and eventually hitting a ~650 page document on WCF Security Best Practices" (http://www.codeplex.com/WCFSecurityGuide) I am just uncertain which approach is the BEST to take and how to get started on implementation, given my scenario.