C# 如何为第三方web服务创建特定的SOAP头_C#_Web Services_Soap_Sts Securitytokenservice

C# 如何为第三方web服务创建特定的SOAP头

c# web-services soap

C# 如何为第三方web服务创建特定的SOAP头,c#,web-services,soap,sts-securitytokenservice,C#,Web Services,Soap,Sts Securitytokenservice,我正在尝试连接到第三方web服务。我试过用多种方法来做这件事，但都做不到。他们将java用于服务和客户端，并向我发送了正确的标题： <soapenv:Header> <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/0

我正在尝试连接到第三方web服务。我试过用多种方法来做这件事，但都做不到。他们将java用于服务和客户端，并向我发送了正确的标题：

<soapenv:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
    <ds:Signature Id="SIG-DF651A72BB4BD472F5149301750204095" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:SignedInfo>
            <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                <ec:InclusiveNamespaces PrefixList="doc soapenv web" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>
            </ds:CanonicalizationMethod>
            <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
            <ds:Reference URI="#id-DF651A72BB4BD472F5149301750203994">
                <ds:Transforms>
                    <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                        <ec:InclusiveNamespaces PrefixList="doc web" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                    </ds:Transform>
                </ds:Transforms>
                <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
                <ds:DigestValue>iITj5pTonO3g052LVSnea1yZd0Q=</ds:DigestValue>
            </ds:Reference>
        </ds:SignedInfo>
        <ds:SignatureValue>DhsMfNnidlHk7QIRAWBrr44T6nMLLG00AN/1jnZSlV7pbrMZ3V/MrvW1S5hzQYGQXRH1U1bqzCw8wF2nGtizDtagWGR9UfBoq+wvFBktQy6f7B91DbN++q03a28i2iiSxiEOVWaCvZzCmwOOLdOIIvaD8c8YsJAIgzB+wGg1s6d14+0rk4zAEQrtu7hWvOtU3s6aKIMrX9JiP+1qVInI4RPWynZ9pIbB87vaZSMHsqkjexxKMBB7v5sZugDjl2gPsJeE4dbtC8pXrfZ4QhQ+HSsEYvMJ90J8zyoG2gLuOeCrcQDBe6RrdwpP20r2sTFMKpy2ADZnl1LkwbadvLvnQ==</ds:SignatureValue>
        <ds:KeyInfo Id="KI-DF651A72BB4BD472F5149301750203992">
            <wsse:SecurityTokenReference wsu:Id="STR-DF651A72BB4BD472F5149301750203993">
                <ds:X509Data>
                    <ds:X509IssuerSerial>
                        <ds:X509IssuerName>OU=yyy,O=xxx,C=ES</ds:X509IssuerName>
                        <ds:X509SerialNumber>a very long integer here</ds:X509SerialNumber>
                    </ds:X509IssuerSerial>
                </ds:X509Data>
            </wsse:SecurityTokenReference>
        </ds:KeyInfo>
    </ds:Signature>
</wsse:Security>
</soapenv:Header>


iITj5pTonO3g052LVSnea1yZd0Q=
2.中国政府在一份研究报告中提出了一个新的概念。一份研究报告中提出了一个新的概念。2）中国政府在一个研究中提出了一个新的概念。2）世界wwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwfwffwwfwfwwwwwwwwwwwwffffffwwwfffffffwfffffffffffffffffffffffffffffffffff8-fffffffffwfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff8。ADZNL1LKWBADVLVNQ==
OU=yyy，O=xxx，C=ES
这里有一个很长的整数

我尝试了不同的绑定，例如：

        <basicHttpBinding>
            <binding name="GInsideCertificateWSSoapBinding"  >
              <security mode="TransportWithMessageCredential"    >
                <message clientCredentialType="Certificate"  />
              </security>
            </binding>
         </basicHttpBinding>

      <customBinding>
        <binding name="CustomSoapBinding">
          <security includeTimestamp="true"
                    authenticationMode="CertificateOverTransport"
                    defaultAlgorithmSuite="Basic256"
                    requireDerivedKeys="false"
                    messageSecurityVersion="WSSecurity11WSTrust13WSSecureConversation13WSSecurityPolicy12BasicSecurityProfile10"
                    >
          </security>
          <textMessageEncoding messageVersion="Soap11"></textMessageEncoding>
          <httpsTransport maxReceivedMessageSize="2000000000"/>
        </binding>
      </customBinding>

还有这个：

        <basicHttpBinding>
            <binding name="GInsideCertificateWSSoapBinding"  >
              <security mode="TransportWithMessageCredential"    >
                <message clientCredentialType="Certificate"  />
              </security>
            </binding>
         </basicHttpBinding>

      <customBinding>
        <binding name="CustomSoapBinding">
          <security includeTimestamp="true"
                    authenticationMode="CertificateOverTransport"
                    defaultAlgorithmSuite="Basic256"
                    requireDerivedKeys="false"
                    messageSecurityVersion="WSSecurity11WSTrust13WSSecureConversation13WSSecurityPolicy12BasicSecurityProfile10"
                    >
          </security>
          <textMessageEncoding messageVersion="Soap11"></textMessageEncoding>
          <httpsTransport maxReceivedMessageSize="2000000000"/>
        </binding>
      </customBinding>

我还尝试了以下代码：

但是没有人能像他们发给我的那样生成标题。实现了什么样的安全性？他们告诉我BinarySecurityToken，但我无论如何都无法连接到该服务

有什么想法吗？

您需要先加载

X509Certificate2

，然后再打电话，如下所示：

X509Certificate2 certificat = null;
X509Store store = new X509Store("My", StoreLocation.LocalMachine);
store.Open(OpenFlags.ReadOnly | OpenFlags.OpenExistingOnly);
foreach (X509Certificate2 cert in store.Certificates) {
    // Retrouve le certificat par son nom commun (CN)
    if (cert.GetNameInfo(X509NameType.SimpleName, false) == nomCertificat) {
        certificat = cert;
        break; 
    }
}

但是提供C代码来查看更多细节。

我已经用这种方式完成了。我想要的是一个简单的BinarySecurityToken，就像上面的SOAP消息一样签名，但是生成的消息确实不同。问题不在于如何获取证书，而在于如何生成像上面那样的SOAP。然后你要检查这一页。它是关于如何创建自定义令牌的。它已经很老了（2003年），所以现在可能有一些扩展或nugget包可用。检查这个答案，这是相同的问题。或