在 WCF 代理中实现 Ws 安全
我已将基于轴的 wsdl 导入到 VS 2008 项目中作为服务参考。
我需要能够传递安全详细信息(例如用户名/密码和随机数值)来调用基于轴的服务。
我已经考虑过为 wse 做这件事,我知道世界讨厌它(那里没有问题)
我对 WCF 的经验很少,但现在已经研究如何物理调用端点,感谢 SO,但不知道如何设置如下图所示,打开 SoapHeaders:
<S:Envelope
xmlns:S="http://www.w3.org/2001/12/soap-envelope"
xmlns:ws="http://schemas.xmlsoap.org/ws/2002/04/secext">
<S:Header>
<ws:Security>
<ws:UsernameToken>
<ws:Username>aarons</ws:Username>
<ws:Password>snoraa</ws:Password>
</ws:UsernameToken>
</wsse:Security>
•••
</S:Header>
•••
</S:Envelope>
非常感谢任何帮助,
谢谢,马克
I have imported an axis based wsdl into a VS 2008 project as a service reference.
I need to be able to pass security details such as username/password and nonce values to call the axis based service.
I have looked into doing it for wse, which i understand the world hates (no issues there)
I have very little experience of WCF, but have worked how to physically call the endpoint now, thanks to SO, but have no idea how to set up the SoapHeaders as the schema below shows:
<S:Envelope
xmlns:S="http://www.w3.org/2001/12/soap-envelope"
xmlns:ws="http://schemas.xmlsoap.org/ws/2002/04/secext">
<S:Header>
<ws:Security>
<ws:UsernameToken>
<ws:Username>aarons</ws:Username>
<ws:Password>snoraa</ws:Password>
</ws:UsernameToken>
</wsse:Security>
•••
</S:Header>
•••
</S:Envelope>
Any help much appreciated
Thanks, Mark
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
为了调用这些类型的服务,您通常会使用
basicHttpBinding(即不带 WS-* 实现的 SOAP 1.1)或wsHttpBinding(SOAP 1.2,带 WS-* 实现)实施)。主要问题是确保所有安全参数正确。我有一个类似的 Web 服务(基于 Java),我需要调用 - 这是我的设置和代码:
app./web.config
,然后在调用该服务时在您的客户端代码中,您需要这个代码片段:
这有帮助吗?
In order to call these kind of services, you will typically use either
basicHttpBinding(that's SOAP 1.1 without WS-* implementations) or thenwsHttpBinding(SOAP 1.2, with WS-* implementations).The main issue will be getting all the security parameters right. I have a similar web service (Java-based) that I need to call - here's my settings and code:
app./web.config
and then in your client's code when calling the service, you need this snippet of code:
Does that help at all?
WCF 客户端代理不支持密码摘要选项。执行此操作的唯一方法是自己构建 UsernameToken,然后在发送消息之前将其注入到 SOAP 标头中。
我有一个类似的问题,描述为这里,这应该足以帮助您解决同样的问题。
我最终使用旧的 WSE3.0 库作为 UsernameToken,而不是自己编码哈希算法,然后使用自定义行为来更改 SOAP 标头。
The WCF client proxy doesn't support the password digest option. The only way to do this is to build the UsernameToken yourself and then inject it into the SOAP headers before the message is sent.
I had a similar problem which is described here, which should be enough to help you solve your same issue.
I ended up using the old WSE3.0 library for the UsernameToken, rather than coding the hashing algorithm myself and then using a custom behavior to alter the SOAP headers.