1

我需要使用服务提供商公开的 Web 服务。我从他们那里得到了 WSDL 文件。在 SOAP 请求标头中,我必须添加带有 SAML 断言的 wsse:Security 标头。

请查看下面的 wsse:Security 标头。我进行了很多搜索并尝试使用 WSE 3.0、WIF 和 WCF。帮助我进一步移动花了大约 15 天,我的时间不多了。

我不需要密码。如果你给我线索就足够了。

 <wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
  <wsse:BinarySecurityToken EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" wsu:Id="CertId-2205212A7CE172EDAD136396070929096">MIIGOzCCBSOgAwIBAgIRAMLHEnngSJwPhUBrQD7Wau</wsse:BinarySecurityToken>
  <saml2:Assertion ID="2205212A7CE172EDAD136396070923593" IssueInstant="2013-03-22T13:58:29.235Z" Version="2.0" xsi:type="saml2:AssertionType" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
    <saml2:Issuer>Test.com</saml2:Issuer>
    <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
      <ds:SignedInfo>
        <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
        <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
        <ds:Reference URI="#2205212A7CE172EDAD136396070923593">
          <ds:Transforms>
            <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
            <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
          </ds:Transforms>
          <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
          <ds:DigestValue>NI1mY4izfZO9cTmY9RQ1wc=</ds:DigestValue>
        </ds:Reference>
      </ds:SignedInfo>
      <ds:SignatureValue>PPiZmdZRnUNl5XLT</ds:SignatureValue>
      <ds:KeyInfo>
        <ds:X509Data>
          <ds:X509Certificate>
            MIIGOzCCBSOgAwIBAgIRAMLHEnngSJwPhUBrQD7Wa
            uEwDQYJKoZIhvcNAQEFBQAwgYkxCzAJBgNV
            BAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAOBgNVBAcTB1NhbGZvcmQxGjAY            
            r7A/P/13q1BRTPvLM6CYNzb4wvAgBxiuBV97OoVSnMPxYVtW03OoOCquyXDrq8bLYuR5+l1YGahY
            D5nJfSXiCb9PCf5m+hZh6smWp1rMcafMLdr5+JbZEPPk36S1q1aokpoeEo2N0Hmg9mt2GOg6Z+Qu
            ya9s
          </ds:X509Certificate>
        </ds:X509Data>
      </ds:KeyInfo>
    </ds:Signature>
    <saml2:Subject>
      <saml2:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified" NameQualifier="Qualifier">CN=Test.com,OU=PlatinumSSL,OU=Test Company,OU=Test,O=Test</saml2:NameID>
      <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:sender-vouches"/>
    </saml2:Subject>
    <saml2:Conditions NotBefore="2013-03-22T13:58:29.235Z" NotOnOrAfter="2013-03-22T14:03:29.235Z"/>
    <saml2:AuthnStatement>
      <saml2:AuthnContext>
        <saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml2:AuthnContextClassRef>
      </saml2:AuthnContext>
    </saml2:AuthnStatement>
  </saml2:Assertion>
  <wsse:SecurityTokenReference wsse11:TokenType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0" wsu:Id="STRSAMLId-2205212A7CE172EDAD136396070929097" xmlns:wsse11="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd">
    <wsse:KeyIdentifier ValueType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLID">2205212A7CE172EDAD136396070923593</wsse:KeyIdentifier>
  </wsse:SecurityTokenReference>
  <ds:Signature Id="SIG-19" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
    <ds:SignedInfo>
      <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
        <ec:InclusiveNamespaces PrefixList="head pros soapenv" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>
      </ds:CanonicalizationMethod>
      <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
      <ds:Reference URI="#id-1">
        <ds:Transforms>
          <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
            <ec:InclusiveNamespaces PrefixList="head pros" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>
          </ds:Transform>
        </ds:Transforms>
        <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
        <ds:DigestValue>yBGE2mVOFnzQPTA9v/7yIvq0CIk=</ds:DigestValue>
      </ds:Reference>
      <ds:Reference URI="#STRSAMLId-2205212A7CE172EDAD136396070929097">
        <ds:Transforms>
          <ds:Transform Algorithm="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#STR-Transform">
            <wsse:TransformationParameters>
              <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
            </wsse:TransformationParameters>
          </ds:Transform>
        </ds:Transforms>
        <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
        <ds:DigestValue>/2QpTYDtLM4GnZIVq5/RihtL6Ug=</ds:DigestValue>
      </ds:Reference>
    </ds:SignedInfo>
    <ds:SignatureValue>
      Yx4SB76RTGcrll18wYlwvLAWHgNeckPcO9be1opcAL99dzDe5RspWkmLjXJ0rY7wh+RPW+wzaJyI
      r0ezOByRNCFWHFNjZOdN5wj++h7pnJRFLe70WGNktREOckaQ/U/O5NLH8adkWFm+Q/wZApw2WLI6
      6uWmQ+l8rOaWPg8gsBS8sjn1S55W2MYPtnwSew==
    </ds:SignatureValue>
    <ds:KeyInfo Id="KeyId-2205212A7CE172EDAD136396070929094">
      <wsse:SecurityTokenReference wsu:Id="STRId-2205212A7CE172EDAD136396070929095">
        <wsse:Reference URI="#CertId-2205212A7CE172EDAD136396070929096" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/>
      </wsse:SecurityTokenReference>
    </ds:KeyInfo>
  </ds:Signature>
</wsse:Security>

谢谢和问候, P.Ponkarthik

4

1 回答 1

0

看看 wsFederationHttpBinding,作为为您处理此安全元数据的特殊 WCF 绑定 ( http://msdn.microsoft.com/en-us/library/ms731374.aspx )

于 2013-04-01T08:56:10.527 回答