时间戳

首页 > 解决方案 > 在 .NET Core 中调用带有安全标头的 SOAP 端点

.net - 在 .NET Core 中调用带有安全标头的 SOAP 端点

问题描述

.net core- 调用带有 wss 安全标头的肥皂服务

在我的 .net 核心类库项目中,我添加了对 WCF 服务的引用(使用 wsdl 文件),现在我在 Connected Services 下生成了引用类。我可以使用 BasicHttpBinding 调用 WCF 服务,但问题是服务器还需要一个安全元素以及 SOAP 标头

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
    <soapenv:Header xmlns:wsa="http://www.w3.org/2005/08/addressing">
        <wsse:Security
            xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
            xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
            <ds:Signature Id="SIG-"
                xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:SignedInfo>                    
                </ds:SignedInfo>
                <ds:SignatureValue>==gMg==</ds:SignatureValue>
                <ds:KeyInfo Id="KI-">                    
                </ds:KeyInfo>
            </ds:Signature>
            <wsu:Timestamp wsu:Id="TS-34A069E7A55FECD03D16098926271579">                
            </wsu:Timestamp>
        </wsse:Security>
        <wsa:Action>http://www.test.com/Namespace/test_action</wsa:Action>
        <wsa:MessageID>uuid:XXX</wsa:MessageID>
    </soapenv:Header>
    </soapenv:Envelope>

所以基本上我希望 SOAP 消息将这种安全标记附加到标头。请参阅上面的示例 SOAP。

提前致谢 :-)

标签: .netwcf.net-coresoap

解决方案

所以问题是向 SOAP 请求添加安全标头。我发现,通过绑定中的配置,您也可以发送安全标头。您可能不需要任何额外的代码。

<system.serviceModel>
    <behaviors>
      <endpointBehaviors>
        <behavior name="ClientBehavior">
          <clientCredentials>
            <clientCertificate findValue="<certificate thumbprint here >" storeLocation="LocalMachine" storeName="My" x509FindType="FindByThumbprint"/>
            <serviceCertificate>
              <authentication revocationMode="NoCheck"/>
            </serviceCertificate>
          </clientCredentials>
        </behavior>
      </endpointBehaviors>
    </behaviors>

    <bindings>
      <customBinding>
        <binding name="BasicHttpBinding_IExampleService">
          <security 
                    defaultAlgorithmSuite="Default"                    
                    requireDerivedKeys="false"
                    messageProtectionOrder="SignBeforeEncrypt"
                    requireSignatureConfirmation="false"
                    securityHeaderLayout="Lax"
                    messageSecurityVersion="WSSecurity10WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10"
                    includeTimestamp="true"
                    >
            <localClientSettings detectReplays="true" />
            <localServiceSettings detectReplays="true" />
          </security>
          <textMessageEncoding messageVersion="Soap11" />
          <httpTransport />
        </binding>
      </customBinding>
    </bindings>
    <client>
      <endpoint address="http://localhost:63454/ExampleService.svc"
        binding="customBinding" bindingConfiguration="BasicHttpBinding_IExampleService"
        contract="ServiceReference1.IExampleService" name="BasicHttpBinding_IExampleService" behaviorConfiguration="ClientBehavior" >
        <identity>
          <certificateReference findValue="<certificate thumbprint here >" storeLocation="LocalMachine" storeName="My" x509FindType="FindByThumbprint" />
        </identity>
      </endpoint>
    </client>

  </system.serviceModel>

推荐阅读