C# 带Java服务器的WSSE WCF客户端;找不到';System.IdentityModel.Tokens.UserNameSecurityToken';令牌类型。”;
我正在尝试与来自WCF的Java服务集成。服务器需要OASIS WSSE安全标头进行用户名+密码身份验证。传输安全性由服务器端的SSL提供(没有用于相互身份验证的客户端证书)。请求正在工作,但WCF在处理响应时失败 使用Fiddler2,我看到从服务器返回的有效响应没有任何问题,但看起来WCF阻塞了C# 带Java服务器的WSSE WCF客户端;找不到';System.IdentityModel.Tokens.UserNameSecurityToken';令牌类型。”;,c#,wcf,ws-security,C#,Wcf,Ws Security,我正在尝试与来自WCF的Java服务集成。服务器需要OASIS WSSE安全标头进行用户名+密码身份验证。传输安全性由服务器端的SSL提供(没有用于相互身份验证的客户端证书)。请求正在工作,但WCF在处理响应时失败 使用Fiddler2,我看到从服务器返回的有效响应没有任何问题,但看起来WCF阻塞了wsse:UsernameToken,这在服务器的响应中得到了响应 有没有办法忽略服务器响应中返回的令牌的客户端身份验证?我想我需要一个虚拟验证器,并以某种方式将其附加到客户机的响应处理中,但我不确定
wsse:UsernameToken
,这在服务器的响应中得到了响应
有没有办法忽略服务器响应中返回的令牌的客户端身份验证?我想我需要一个虚拟验证器,并以某种方式将其附加到客户机的响应处理中,但我不确定在何处连接到该逻辑
我不想使用WSE 3.0,所有的客户端设置都在代码中(没有外部程序集或配置文件)
代码
private static IEndPointClient NewProxy(string userName, string password)
{
//Basic SOAP over TLS/SSL with WSSE header for authentication
var baseBinding = new BasicHttpBinding(BasicHttpSecurityMode.TransportWithMessageCredential);
//Strip the TimeStamp element from the WSSE header - server does not expect it
var elements = baseBinding.CreateBindingElements();
var securityElem = elements.Find<SecurityBindingElement>();
securityElem.IncludeTimestamp = false;
var binding = new CustomBinding(elements);
var address = new EndpointAddress(UATSERVER);
var svc = new EndPointClient(binding, address);
svc.ClientCredentials.UserName.UserName = userName;
svc.ClientCredentials.UserName.Password = password;
}
您有两个选择:
谢谢,我使用了第二个选项和消息检查器。没有什么是容易的,但我希望这些类型的集成能够在WCF中开箱即用:(对我来说,构建XML和执行HTTP POST会更快。对于所有使用选项2的人来说):下面是一个链接,指向描述添加SOAP头的答案
Server stack trace:
at System.ServiceModel.Security.ReceiveSecurityHeader.ReadToken(XmlReader reader, SecurityTokenResolver tokenResolver, IList`1 allowedTokenAuthenticators, SecurityTokenAuthenticator& usedTokenAuthenticator)
at System.ServiceModel.Security.ReceiveSecurityHeader.ReadToken(XmlDictionaryReader reader, Int32 position, Byte[] decryptedBuffer, SecurityToken encryptionToken, String idInEncryptedForm, TimeSpan timeout)
at System.ServiceModel.Security.ReceiveSecurityHeader.ExecuteFullPass(XmlDictionaryReader reader)
at System.ServiceModel.Security.StrictModeSecurityHeaderElementInferenceEngine.ExecuteProcessingPasses(ReceiveSecurityHeader securityHeader, XmlDictionaryReader reader)
at System.ServiceModel.Security.ReceiveSecurityHeader.Process(TimeSpan timeout, ChannelBinding channelBinding, ExtendedProtectionPolicy extendedProtectionPolicy)
at System.ServiceModel.Security.TransportSecurityProtocol.VerifyIncomingMessageCore(Message& message, TimeSpan timeout)
at System.ServiceModel.Security.TransportSecurityProtocol.VerifyIncomingMessage(Message& message, TimeSpan timeout)
at System.ServiceModel.Security.SecurityProtocol.VerifyIncomingMessage(Message& message, TimeSpan timeout, SecurityProtocolCorrelationState[] correlationStates)
at System.ServiceModel.Channels.SecurityChannelFactory`1.SecurityRequestChannel.ProcessReply(Message reply, SecurityProtocolCorrelationState correlationState, TimeSpan timeout)
at System.ServiceModel.Channels.SecurityChannelFactory`1.SecurityRequestChannel.Request(Message message, TimeSpan timeout)
at System.ServiceModel.Dispatcher.RequestChannelBinder.Request(Message message, TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs)
at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)