Fatal编程技术网
  • csharp/
  • C# Wcf服务服务器-使用usernametoken进行身份验证

C# Wcf服务服务器-使用usernametoken进行身份验证

c# wcf soap

C# Wcf服务服务器-使用usernametoken进行身份验证,c#,wcf,soap,wcf-security,C#,Wcf,Soap,Wcf Security,我们正在尝试从给定的演示wsdl创建服务器。Wsdl不包含安全性,但我们需要实现usernametoken,其中请求头如下所示: <soap:Header> <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/20

我们正在尝试从给定的演示wsdl创建服务器。Wsdl不包含安全性,但我们需要实现usernametoken,其中请求头如下所示:

<soap:Header>
        <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:env="http://www.w3.org/2003/05/soap-envelope" env:mustUnderstand="true">
            <wsse:UsernameToken wsu:Id="UsernameToken-7dd435a5-b8bb-4388-bba3-f77512a14351">
                <wsse:Username>CES</wsse:Username>
                <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">e8I23Z92JGgSREAb=</wsse:Password>
                <wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">v21JzUcrKZiZ7MC==</wsse:Nonce>
                <wsu:Created>2017-10-13T13:00:02.221Z</wsu:Created>
            </wsse:UsernameToken>
            <wsse:SecurityTokenReference>
                <wsse:Embedded wsse:ValueType="http://www.asktirweb.org/security/authentication/username" wsu:Id="alex"/>
            </wsse:SecurityTokenReference>
        </wsse:Security>
        <Action xmlns="http://www.w3.org/2005/08/addressing">http://www.asktirweb.org/services/TIRAccountingService-1/sendInvoice</Action>
        <MessageID xmlns="http://www.w3.org/2005/08/addressing">urn:uuid:321a0dff-61a8-4eae-8934-7f06e8d87648</MessageID>
        <To xmlns="http://www.w3.org/2005/08/addressing">http://wiesbaden:8040/askdemo/hs/AskTirWebDemo/WsSecurityRequests</To>
        <ReplyTo xmlns="http://www.w3.org/2005/08/addressing">
            <Address>http://www.w3.org/2005/08/addressing/anonymous</Address>
        </ReplyTo>
    </soap:Header>


消费电子
e8I23Z92JGgSREAb=
V21JZUCRKZ7MC==
2017-10-13T13:00:02.221Z
http://www.asktirweb.org/services/TIRAccountingService-1/sendInvoice
urn:uuid:321a0dff-61a8-4eae-8934-7f06e8d87648
http://wiesbaden:8040/askdemo/hs/AskTirWebDemo/WsSecurityRequests
http://www.w3.org/2005/08/addressing/anonymous
有什么建议吗

请尝试下面的自定义绑定,它可能对您有用

<customBinding>
   <binding name="mybinding">
     <textMessageEncoding messageVersion="Soap12WSAddressing10">
     </textMessageEncoding>
     <security authenticationMode="UserNameOverTransport" includeTimestamp="false" >
     </security>
     <httpsTransport></httpsTransport>
   </binding>
 </customBinding>
以及Fiddle捕获的请求主体。

此外,我们可以使用WSDL文件生成包含基本绑定类型和安全身份验证模式的客户端配置吗?喜欢下面的工具。

默认情况下,它是VS Developer命令提示中的内置工具

svcutil

它将在当前目录中生成output.config,其中包含要在WCF中使用的绑定配置。
如果有什么我能帮忙的,请随时告诉我