我需要使用服务提供商公开的 Web 服务。我从他们那里得到了 WSDL 文件。在 SOAP 请求标头中,我必须添加带有 SAML 断言的 wsse:Security 标头。
请查看下面的 wsse:Security 标头。我进行了很多搜索并尝试使用 WSE 3.0、WIF 和 WCF。帮助我进一步移动花了大约 15 天,我的时间不多了。
我不需要密码。如果你给我线索就足够了。
<wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:BinarySecurityToken EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" wsu:Id="CertId-2205212A7CE172EDAD136396070929096">MIIGOzCCBSOgAwIBAgIRAMLHEnngSJwPhUBrQD7Wau</wsse:BinarySecurityToken>
<saml2:Assertion ID="2205212A7CE172EDAD136396070923593" IssueInstant="2013-03-22T13:58:29.235Z" Version="2.0" xsi:type="saml2:AssertionType" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<saml2:Issuer>Test.com</saml2:Issuer>
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<ds:Reference URI="#2205212A7CE172EDAD136396070923593">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>NI1mY4izfZO9cTmY9RQ1wc=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>PPiZmdZRnUNl5XLT</ds:SignatureValue>
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>
MIIGOzCCBSOgAwIBAgIRAMLHEnngSJwPhUBrQD7Wa
uEwDQYJKoZIhvcNAQEFBQAwgYkxCzAJBgNV
BAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAOBgNVBAcTB1NhbGZvcmQxGjAY
r7A/P/13q1BRTPvLM6CYNzb4wvAgBxiuBV97OoVSnMPxYVtW03OoOCquyXDrq8bLYuR5+l1YGahY
D5nJfSXiCb9PCf5m+hZh6smWp1rMcafMLdr5+JbZEPPk36S1q1aokpoeEo2N0Hmg9mt2GOg6Z+Qu
ya9s
</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</ds:Signature>
<saml2:Subject>
<saml2:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified" NameQualifier="Qualifier">CN=Test.com,OU=PlatinumSSL,OU=Test Company,OU=Test,O=Test</saml2:NameID>
<saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:sender-vouches"/>
</saml2:Subject>
<saml2:Conditions NotBefore="2013-03-22T13:58:29.235Z" NotOnOrAfter="2013-03-22T14:03:29.235Z"/>
<saml2:AuthnStatement>
<saml2:AuthnContext>
<saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml2:AuthnContextClassRef>
</saml2:AuthnContext>
</saml2:AuthnStatement>
</saml2:Assertion>
<wsse:SecurityTokenReference wsse11:TokenType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0" wsu:Id="STRSAMLId-2205212A7CE172EDAD136396070929097" xmlns:wsse11="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd">
<wsse:KeyIdentifier ValueType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLID">2205212A7CE172EDAD136396070923593</wsse:KeyIdentifier>
</wsse:SecurityTokenReference>
<ds:Signature Id="SIG-19" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<ec:InclusiveNamespaces PrefixList="head pros soapenv" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:CanonicalizationMethod>
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<ds:Reference URI="#id-1">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<ec:InclusiveNamespaces PrefixList="head pros" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>yBGE2mVOFnzQPTA9v/7yIvq0CIk=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#STRSAMLId-2205212A7CE172EDAD136396070929097">
<ds:Transforms>
<ds:Transform Algorithm="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#STR-Transform">
<wsse:TransformationParameters>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</wsse:TransformationParameters>
</ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>/2QpTYDtLM4GnZIVq5/RihtL6Ug=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>
Yx4SB76RTGcrll18wYlwvLAWHgNeckPcO9be1opcAL99dzDe5RspWkmLjXJ0rY7wh+RPW+wzaJyI
r0ezOByRNCFWHFNjZOdN5wj++h7pnJRFLe70WGNktREOckaQ/U/O5NLH8adkWFm+Q/wZApw2WLI6
6uWmQ+l8rOaWPg8gsBS8sjn1S55W2MYPtnwSew==
</ds:SignatureValue>
<ds:KeyInfo Id="KeyId-2205212A7CE172EDAD136396070929094">
<wsse:SecurityTokenReference wsu:Id="STRId-2205212A7CE172EDAD136396070929095">
<wsse:Reference URI="#CertId-2205212A7CE172EDAD136396070929096" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/>
</wsse:SecurityTokenReference>
</ds:KeyInfo>
</ds:Signature>
</wsse:Security>
谢谢和问候, P.Ponkarthik