C# 将WCF配置为不在SOAP消息中签名头
我正在尝试使用.NET中带有wcf的Java SOAP服务。虽然我可以向Web服务发送请求并得到响应,但我的代码在每个响应中都会引发以下异常: System.ServiceModel.Security.MessageSecurityException:不安全或 从另一方收到的错误保护故障 在调查了这个问题之后,发现在我的配置中,de请求中的SOAP头和主体都经过了签名,但它们在响应中没有经过签名。似乎我应该告诉wcf不应该对标题进行签名,但我一直无法做到这一点。任何帮助都将不胜感激 以下是我使用的绑定:C# 将WCF配置为不在SOAP消息中签名头,c#,.net,wcf,soap,ws-security,C#,.net,Wcf,Soap,Ws Security,我正在尝试使用.NET中带有wcf的Java SOAP服务。虽然我可以向Web服务发送请求并得到响应,但我的代码在每个响应中都会引发以下异常: System.ServiceModel.Security.MessageSecurityException:不安全或 从另一方收到的错误保护故障 在调查了这个问题之后,发现在我的配置中,de请求中的SOAP头和主体都经过了签名,但它们在响应中没有经过签名。似乎我应该告诉wcf不应该对标题进行签名,但我一直无法做到这一点。任何帮助都将不胜感激 以下是我使用
var binding = new CustomBinding();
var initiator = new X509SecurityTokenParameters(X509KeyIdentifierClauseType.IssuerSerial, SecurityTokenInclusionMode.Never);
var recipient = new X509SecurityTokenParameters(X509KeyIdentifierClauseType.IssuerSerial, SecurityTokenInclusionMode.Never);
var securityBindingElement = new AsymmetricSecurityBindingElement(initiator, recipient);
securityBindingElement.IncludeTimestamp = false;
securityBindingElement.EnableUnsecuredResponse = true;
binding.Elements.Add(securityBindingElement);
var textMessageEncoding = new TextMessageEncodingBindingElement
{
MessageVersion = MessageVersion.Soap11WSAddressing10,
WriteEncoding = Encoding.UTF8
};
binding.Elements.Add(textMessageEncoding);
var transportBindingElement = new HttpsTransportBindingElement
{
UseDefaultWebProxy = true,
RequireClientCertificate = true
};
binding.Elements.Add(transportBindingElement);
return binding;
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" xmlns:a="http://www.w3.org/2005/08/addressing" xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<s:Header>
<a:Action s:mustUnderstand="1" u:Id="_3">urn:etoegang:1.9:bsn-koppelregister:DeassociateBSNRequest</a:Action>
<a:MessageID u:Id="_4">urn:uuid:258bd34d-a1ed-42c8-8bf0-039256b55cb6</a:MessageID>
<ActivityId CorrelationId="8c6addd4-7cde-4afd-a112-0634180beabb" xmlns="http://schemas.microsoft.com/2004/09/ServiceModel/Diagnostics">067c1704-3428-4891-a0d8-54ca0960e356</ActivityId>
<a:ReplyTo u:Id="_5">
<a:Address>http://www.w3.org/2005/08/addressing/anonymous</a:Address>
</a:ReplyTo>
<a:To s:mustUnderstand="1" u:Id="_6">https://simulator.eherkenning.nl/kr-simulator-1.9/services/BSNKRAssociation</a:To>
<o:Security s:mustUnderstand="1" xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
<SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<Reference URI="#_2">
<Transforms>
<Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<DigestValue>wA5kpZvDRk+cc5Y5QJa4/ZkbvnI=</DigestValue>
</Reference>
<Reference URI="#_3">
<Transforms>
<Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<DigestValue>AtLNdwQtOpB+939+mECbmToeIpI=</DigestValue>
</Reference>
<Reference URI="#_4">
<Transforms>
<Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<DigestValue>08OvHoskB2j9qq0IjG6oOG+yziw=</DigestValue>
</Reference>
<Reference URI="#_5">
<Transforms>
<Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<DigestValue>k69pykploFPkXhw5ogDHcjcJUI0=</DigestValue>
</Reference>
<Reference URI="#_6">
<Transforms>
<Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<DigestValue>DGryA9qhfi+NZyoILEH/V94d0ho=</DigestValue>
</Reference>
</SignedInfo>
<SignatureValue><!-- REMOVED ---></SignatureValue>
<KeyInfo>
<o:SecurityTokenReference>
<X509Data>
<X509IssuerSerial>
<X509IssuerName><!-- REMOVED ---></X509IssuerName>
<X509SerialNumber><!-- REMOVED ---></X509SerialNumber>
</X509IssuerSerial>
</X509Data>
</o:SecurityTokenReference>
</KeyInfo>
</Signature>
</o:Security>
</s:Header>
<s:Body u:Id="_2" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<!-- REMOVED -->
</s:Body>
urn:etoegang:1.9:bsn koppelregister:DeAssociateBSN请求
urn:uuid:258bd34d-a1ed-42c8-8bf0-039256b55cb6
067c1704-3428-4891-a0d8-54ca0960e356
http://www.w3.org/2005/08/addressing/anonymous
https://simulator.eherkenning.nl/kr-simulator-1.9/services/BSNKRAssociation
wA5kpZvDRk+cc5Y5QJa4/ZkbvnI=
AtLNdwQtOpB+939+mECbmToeIpI=
08OVHOSB2J9QQ0IJG6OOG+yziw=
K69PYKPLOFPKXHW5OGDHCJUI0=
DGryA9qhfi+NZyoILEH/V94d0ho=
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<soap:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" soap:mustUnderstand="1">
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Id="SIG-9f731bee-4c9d-4077-9be7-3ff5e2859d03">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="soap"/>
</ds:CanonicalizationMethod>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
<ds:Reference URI="#id-1e140697-4c68-4117-90d6-daf8758ab99a">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList=""/>
</ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>Uwk+AbgFqCSZT6M+4D3deIgwBeMi0EOOXN8bJTFWIG4=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue><!-- REMOVED --></ds:SignatureValue>
<ds:KeyInfo Id="KI-013c2040-dc4d-4ae9-bf6a-cbaa9f144e90">
<wsse:SecurityTokenReference wsu:Id="STR-4eb51680-c51f-4fa8-b33a-8a10531dd830">
<ds:X509Data>
<ds:X509IssuerSerial>
<ds:X509IssuerName><!-- REMOVED --></ds:X509IssuerName>
<ds:X509SerialNumber><!-- REMOVED --></ds:X509SerialNumber>
</ds:X509IssuerSerial>
</ds:X509Data>
</wsse:SecurityTokenReference>
</ds:KeyInfo>
</ds:Signature>
</wsse:Security>
<Action xmlns="http://www.w3.org/2005/08/addressing">urn:etoegang:1.9:bsn-koppelregister:BSNKR_Association_Port:BSNKR_DeassociateBSN:Fault:DeassociateBSNFault</Action>
<MessageID xmlns="http://www.w3.org/2005/08/addressing">urn:uuid:fdc4f1b4-9e35-459a-ad45-e05fb6fc83c8</MessageID>
<To xmlns="http://www.w3.org/2005/08/addressing">http://www.w3.org/2005/08/addressing/anonymous</To>
<RelatesTo xmlns="http://www.w3.org/2005/08/addressing">urn:uuid:258bd34d-a1ed-42c8-8bf0-039256b55cb6</RelatesTo>
</soap:Header>
<soap:Body xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="id-1e140697-4c68-4117-90d6-daf8758ab99a">
<!-- REMOVED -->
</soap:Body>
Uwk+AbgFqCSZT6M+4D3deIgwBeMi0EOOXN8bJTFWIG4=
urn:etoegang:1.9:bsn koppelregister:BSNKR_Association\u Port:BSNKR_DeassociateBSN:Fault:DeassociateBSNFault
urn:uuid:fdc4f1b4-9e35-459a-ad45-e05fb6fc83c8
http://www.w3.org/2005/08/addressing/anonymous
urn:uuid:258bd34d-a1ed-42c8-8bf0-039256b55cb6
我没有使用wcf,而是自己生成soap消息并实现特定于我需要的签名,从而解决了这个问题