C# 如何为WS-Security生成UsernameToken？_C#_.net_Web Services_Soap_Ws Security

C# 如何为WS-Security生成UsernameToken？

c# .net web-services soap

C# 如何为WS-Security生成UsernameToken？,c#,.net,web-services,soap,ws-security,C#,.net,Web Services,Soap,Ws Security,我有一些web服务（用Java编写），我需要在.NET中为它创建客户端。Web服务具有WS-Security，需要PasswordDigest。首先，我在SoapUI中测试了它，它适用于： POST http://192.168.100.101:8181/services/ws/SomeService HTTP/1.1 Accept-Encoding: gzip,deflate Content-Type: application/soap+xml;charset=UTF-8;action="s

我有一些web服务（用Java编写），我需要在.NET中为它创建客户端。Web服务具有WS-Security，需要PasswordDigest。首先，我在SoapUI中测试了它，它适用于：

POST http://192.168.100.101:8181/services/ws/SomeService HTTP/1.1
Accept-Encoding: gzip,deflate
Content-Type: application/soap+xml;charset=UTF-8;action="someMethod"
Content-Length: 971
Host: 192.168.100.101:8181
Connection: Keep-Alive
User-Agent: Apache-HttpClient/4.1.1 (java 1.5)

<soap:Envelope xmlns:not="http://existing-domain.com/op/integration/services" xmlns:soap="http://www.w3.org/2003/05/soap-envelope">
   <soap:Header>
    <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
        <wsse:UsernameToken wsu:Id="UsernameToken-2C1E2DE2B61EBB94E115572099598331">
            <wsse:Username>SOME_LOGIN</wsse:Username>
            <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">rcSb6Hd8btcI9g6JvO7dGdiTBTI=</wsse:Password>
            <wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">PCoVwJm9oEXtusx6gkMb7w==</wsse:Nonce>
            <wsu:Created>2019-05-07T06:19:19.824Z</wsu:Created>
        </wsse:UsernameToken>
    </wsse:Security>
   </soap:Header>
   <soap:Body>
      <not:someMethod/>
   </soap:Body>
</soap:Envelope>

有一些文章介绍了如何创建密码数字（Base64（SHA1（password+nonce+created））、nonce（Base64（RandomString））或created date，但我找不到什么是

wsu:Id=“UsernameToken-2c1e2db61ebb94e115572099598331”

以及如何创建它。上面我从UsernameToken获取xml的代码返回完整的部分，所以我决定使用它，但我注意到它附加了

wsu:Id=“SecurityToken-85707168-b5c6-47dc-93e9-45afa466fa2a”

（而不是

wsu:Id=“UsernameToken-2C1E2DE2DB61EBB94E115572099598331”

）。我可以更改名称并删除

字符，但没有任何更改，我仍然收到500个内部服务器错误消息“验证消息时遇到安全错误”

所以，我的问题是如何使用正确的
wsu:Id=“UsernameToken-xxxxxxxxxxxxx”
数据生成UsernameToken节？它是什么-只是随机字符串或基于用户名和密码创建的哈希？
明白了！我注意到从.NET客户端发送的SOAP在
Nonce
节点中没有属性
EncodingType
。代码稍作修改后：

UsernameToken t = new UsernameToken("SOME_LOGIN", "SOME_PASSWORD", PasswordOption.SendHashed); string usernameTokenSection = t.GetXml(new XmlDocument()).OuterXml.ToString().Replace("<wsse:Nonce", "<wsse:Nonce EncodingType=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary\"");

UsernameToken t=newusernametoken（“一些登录”、“一些密码”、PasswordOption.SendHashed）；字符串UsernameTokeSection=t.GetXml（新的XmlDocument（））.OuterXml.ToString（）.Replace（“ <soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope"> <soap:Body> <soap:Fault> <soap:Code> <soap:Value>soap:Sender</soap:Value> <soap:Subcode> <soap:Value xmlns:ns1="http://ws.apache.org/wss4j">ns1:SecurityError</soap:Value> </soap:Subcode> </soap:Code> <soap:Reason> <soap:Text xml:lang="en">A security error was encountered when verifying the message</soap:Text> </soap:Reason> </soap:Fault> </soap:Body> </soap:Envelope> UsernameToken t = new UsernameToken("SOME_LOGIN", "SOME_PASSWORD", PasswordOption.SendHashed); string usernameTokenSection = t.GetXml(new XmlDocument()).OuterXml.ToString(); UsernameToken t = new UsernameToken("SOME_LOGIN", "SOME_PASSWORD", PasswordOption.SendHashed); string usernameTokenSection = t.GetXml(new XmlDocument()).OuterXml.ToString().Replace("<wsse:Nonce", "<wsse:Nonce EncodingType=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary\""); public static void Execute() { UsernameToken usernameTokenSection = new UsernameToken("SOME_LOGIN", "SOME_PASSWORD", PasswordOption.SendHashed); HttpWebRequest request = CreateWebRequest(); XmlDocument soapEnvelopeXml = new XmlDocument(); soapEnvelopeXml.LoadXml(@"<soap:Envelope xmlns:not=""http://existing-domain.com/op/integration/services"" xmlns:soap=""http://www.w3.org/2003/05/soap-envelope"">" + "<soap:Header>" + @"<wsse:Security xmlns:wsse=""http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"" xmlns:wsu=""http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"">"+ usernameTokenSection.GetXml(new XmlDocument()).OuterXml.ToString().Replace("<wsse:Nonce", "<wsse:Nonce EncodingType=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary\"") + "</wsse:Security>" + "</soap:Header>"+ "<soap:Body>"+ "<not:someMethod/>"+ "</soap:Body>"+ "</soap:Envelope>"); using (Stream stream = request.GetRequestStream()) { soapEnvelopeXml.Save(stream); } using (WebResponse response = request.GetResponse()) { using (StreamReader rd = new StreamReader(response.GetResponseStream())) { string soapResult = rd.ReadToEnd(); Console.WriteLine(soapResult); } } } public static HttpWebRequest CreateWebRequest() { HttpWebRequest webRequest = (HttpWebRequest)WebRequest.Create(@"http://192.168.100.101:8181/services/ws/SomeService"); webRequest.Method = "POST"; webRequest.Headers.Add("Accept-Encoding:gzip,deflate"); webRequest.ContentType = "application/soap+xml;charset=UTF-8;action=\"someMethod\""; //NOTE: below it's not necessary //webRequest.Host = "192.168.100.101:8181"; //webRequest.KeepAlive = true; //webRequest.UserAgent = "Apache-HttpClient/4.1.1 (java 1.5)"; return webRequest; } static void Main(string[] args) { try { Execute(); } catch (Exception ex) { Console.WriteLine(ex.Message); } finally { Console.ReadLine(); } }