无法从“SignatureConfirmation”读取令牌元素..(Java-WCF)
我有一个 WCF(3.5) 客户端与 Java Web 服务(Spring-WS、WSS4J)通信,客户端在接收来自服务器的响应时失败,并给出以下异常消息
无法使用“http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd' BinarySecretSecurityToken 的命名空间,带有 '' ValueType。如果预计此元素有效,请确保将安全性配置为使用指定名称、命名空间和值类型的令牌。
这是我的客户端配置
<system.serviceModel>
<behaviors>
<endpointBehaviors>
<behavior name="DISEndPointBehaviour">
<clientCredentials>
<clientCertificate storeLocation="LocalMachine" storeName="Root"
x509FindType="FindBySubjectName" findValue="shameerpartner"/>
<serviceCertificate>
<defaultCertificate storeLocation="LocalMachine" storeName="Root"
x509FindType="FindBySubjectName" findValue="dis"/>
<authentication certificateValidationMode="PeerOrChainTrust"/>
</serviceCertificate>
</clientCredentials>
</behavior>
</endpointBehaviors>
</behaviors>
<bindings>
<customBinding>
<binding name="DISMutualCertificateDuplexBinding">
<textMessageEncoding messageVersion="Soap11WSAddressing10"/>
<security authenticationMode="MutualCertificateDuplex"
includeTimestamp="true"
requireDerivedKeys="false"
messageProtectionOrder="SignBeforeEncrypt"
defaultAlgorithmSuite="Basic128Rsa15"
requireSignatureConfirmation="false"
messageSecurityVersion=
"WSSecurity10WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10">
</security>
<httpTransport />
</binding>
</customBinding>
</bindings>
<client>
<endpoint binding="customBinding"
bindingConfiguration="DISMutualCertificateDuplexBinding"
contract="DaDeskDataExchange"
name="DaDeskDataExchangeSoap11_DaDeskDataExchange"
address="http://192.168.0.27:8080/disweb/1.0/spring-ws/"
behaviorConfiguration="DISEndPointBehaviour">
<identity>
<dns value="dis"/>
</identity>
<headers>
<wsse:UsernameToken
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="UsernameToken-1"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:Username>119136</wsse:Username>
<wsse:Password
Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">R3WWGSkNtmPztaSUbiyAWOcpwTM=</wsse:Password>
<wsse:Nonce
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">pkJh0dN0yE8iIRe49T1bwg==</wsse:Nonce>
<wsu:Created>2010-08-18T10:32:23.937Z</wsu:Created>
</wsse:UsernameToken>
</headers>
</endpoint>
</client>
</system.serviceModel>
有人知道这个错误吗?
谢谢,
沙米尔
I have a WCF(3.5) client talking to a Java Web Service (Spring-WS, WSS4J), the client fails while recieving the response from server giving the following exception message
Cannot read the token from the 'SignatureConfirmation' element with the 'http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd' namespace for BinarySecretSecurityToken, with a '' ValueType. If this element is expected to be valid, ensure that security is configured to consume tokens with the name, namespace and value type specified.
Here is my client configuration
<system.serviceModel>
<behaviors>
<endpointBehaviors>
<behavior name="DISEndPointBehaviour">
<clientCredentials>
<clientCertificate storeLocation="LocalMachine" storeName="Root"
x509FindType="FindBySubjectName" findValue="shameerpartner"/>
<serviceCertificate>
<defaultCertificate storeLocation="LocalMachine" storeName="Root"
x509FindType="FindBySubjectName" findValue="dis"/>
<authentication certificateValidationMode="PeerOrChainTrust"/>
</serviceCertificate>
</clientCredentials>
</behavior>
</endpointBehaviors>
</behaviors>
<bindings>
<customBinding>
<binding name="DISMutualCertificateDuplexBinding">
<textMessageEncoding messageVersion="Soap11WSAddressing10"/>
<security authenticationMode="MutualCertificateDuplex"
includeTimestamp="true"
requireDerivedKeys="false"
messageProtectionOrder="SignBeforeEncrypt"
defaultAlgorithmSuite="Basic128Rsa15"
requireSignatureConfirmation="false"
messageSecurityVersion=
"WSSecurity10WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10">
</security>
<httpTransport />
</binding>
</customBinding>
</bindings>
<client>
<endpoint binding="customBinding"
bindingConfiguration="DISMutualCertificateDuplexBinding"
contract="DaDeskDataExchange"
name="DaDeskDataExchangeSoap11_DaDeskDataExchange"
address="http://192.168.0.27:8080/disweb/1.0/spring-ws/"
behaviorConfiguration="DISEndPointBehaviour">
<identity>
<dns value="dis"/>
</identity>
<headers>
<wsse:UsernameToken
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="UsernameToken-1"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:Username>119136</wsse:Username>
<wsse:Password
Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">R3WWGSkNtmPztaSUbiyAWOcpwTM=</wsse:Password>
<wsse:Nonce
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">pkJh0dN0yE8iIRe49T1bwg==</wsse:Nonce>
<wsu:Created>2010-08-18T10:32:23.937Z</wsu:Created>
</wsse:UsernameToken>
</headers>
</endpoint>
</client>
</system.serviceModel>
Anybody has an idea about this error ?
Thanks,
Shameer
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论