c# – WebServicesClientProtocol在安全标头中将EncodingType添

发布时间：2020-12-15 21:05:03 所属栏目：百科来源：网络整理

导读：类似的问题： How do I add an EncodingType attribute to the Nonce element of a UsernameToken in WSE 3.0 (.NET) 我正在尝试修改由WebServicesClientProtocol发送到服务的标头. 遗憾的是,Microsoft的WSSE用户名和令牌安全规范1.1的实现与标准不兼容,并且

类似的问题： How do I add an EncodingType attribute to the Nonce element of a UsernameToken in WSE 3.0 (.NET)

我正在尝试修改由WebServicesClientProtocol发送到服务的标头.
遗憾的是,Microsoft的WSSE用户名和令牌安全规范1.1的实现与标准不兼容,并且没有使用Nonce发送EncodingType.

在类似的问题我已经链接在顶部解决方案是禁用服务器上的EncodingType验证,但我无法修改任何东西.

我已将WSDL导入为Web Reference,我已将基类更改为WebServicesClientProtocol

然后在我的代码里面我这样做：

var client = new QueryClient();

SoapContext requestContext = client.RequestSoapContext;
requestContext.Security.Timestamp.TtlInSeconds = 60;
var userToken = new UsernameToken(_userName,_password,PasswordOption.SendHashed);
requestContext.Security.Tokens.Add(userToken);
X509SecurityToken signatureToken = GetSecurityToken();
requestContext.Security.Tokens.Add(signatureToken);
MessageSignature sig = new MessageSignature(signatureToken);
requestContext.Security.Elements.Add(sig);
client.SetClientCredential(signatureToken);
client.SetClientCredential(new UsernameToken(_userName,PasswordOption.SendHashed));

这创建了几乎理想的请求,但Nonce没有EncodingType：

<wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="SecurityToken-096b3d09-bc08-4d9b-a561-c5c793dd7197">
    <wsse:Username>ws_test_user</wsse:Username>
    <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">XrFybEBGGqAIp2ybV6BbAdGa01U=</wsse:Password>
    <wsse:Nonce>gXsJgA6vV/HwY4pew9pi9Q==</wsse:Nonce>
    <wsu:Created>2017-02-03T12:17:57Z</wsu:Created>
</wsse:UsernameToken>

Nonce必须具有以下属性：EncodingType =“http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary”

如何添加此属性？我想避免手动创建请求,因为我必须指定Username,Password,BinarySecurityToken和Signature. Microsoft.Web.Services3正在为我创建所有必需的元素,缺少的一件事就是属性.

编辑：

这是我正在尝试创建的请求：

<soap:Envelope xmlns:dz="http://dom.query.api.com" xmlns:soap="http://www.w3.org/2003/05/soap-envelope" xmlns:xsd="http://dz.api.swd.zbp.pl/xsd">
    <soap:Header>
        <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
            <wsse:UsernameToken wsu:Id="UsernameToken-E94CEB6F4708FB7C23148611494797612">
                <wsse:Username>my_login</wsse:Username>
                <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">XqEwZ/CxaBfFvh487TjvN8qD63c=</wsse:Password>
                <wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">JzURe0CxvzRjmEcH/ndldw==</wsse:Nonce>
                <wsu:Created>2017-02-09T09:42:27.976Z</wsu:Created>
            </wsse:UsernameToken>
            <wsse:BinarySecurityToken EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509PKIPathv1" wsu:Id="X509-E94CEB6F4708FB7C2314861149479517">MIIKnDCCB.........nmIngeg6d6TNI=</wsse:BinarySecurityToken>
            <ds:Signature Id="SIG-E94CEB6F4708FB7C23148611494795311" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:SignedInfo>
                    <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                        <ec:InclusiveNamespaces PrefixList="dz soap xsd" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                    </ds:CanonicalizationMethod>
                    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
                    <ds:Reference URI="#id-E94CEB6F4708FB7C23148611494795310">
                        <ds:Transforms>
                            <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                                <ec:InclusiveNamespaces PrefixList="dz xsd" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                            </ds:Transform>
                        </ds:Transforms>
                        <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
                        <ds:DigestValue>mlABQuNUFOmLqsDswxXxQ6XnjpQ=</ds:DigestValue>
                    </ds:Reference>
                </ds:SignedInfo>
                <ds:SignatureValue>lYhBHSQ/L...XL1HEbMQjJ/Q2Rvg==</ds:SignatureValue>
                <ds:KeyInfo Id="KI-E94CEB6F4708FB7C2314861149479518">
                    <wsse:SecurityTokenReference wsse11:TokenType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509PKIPathv1" wsu:Id="STR-E94CEB6F4708FB7C2314861149479519" xmlns:wsse11="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd">
                        <wsse:Reference URI="#X509-E94CEB6F4708FB7C2314861149479517" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509PKIPathv1"/>
                    </wsse:SecurityTokenReference>
                </ds:KeyInfo>
            </ds:Signature>
        </wsse:Security>
    </soap:Header>
    <soap:Body wsu:Id="id-E94CEB6F4708FB7C23148611494795310" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
        <dz:query>
            <dz:param>
                <xsd:userQueryId>27467</xsd:userQueryId>
            </dz:param>
        </dz:query>
    </soap:Body>
</soap:Envelope>

我已将我的请求发送给服务创建者,他确认我需要的是Nonce中的EncodingType属性

解决方法

EncodingType标志符合WSSE用户名和令牌安全规范1.1,这是此Java Web服务正在使用的Apache CXF框架版本所需的规范. .NET不符合该规范.幸运的是,CXF中有一面旗帜可以关闭这个要求.我们做到了,现在能够沟通.

（编辑：李大同）

【声明】本站内容均来自网络，其相关言论仅代表作者个人观点，不代表本站立场。若无意侵犯到您的权利，请及时与联系站长删除相关内容!