
Question: I am not sure whether I need a customBinding or a wsHttpBinding.
This is my web.config

  <!-- Client-side WCF configuration fragment: the bindings, the client endpoint, and an endpoint behavior that holds the certificate settings. -->
  <bindings>
  <!-- Earlier wsHttpBinding attempt, left commented out below. -->
  <!--<wsHttpBinding>
    <binding name="EBinding">
      <security mode="Transport" authenticationMode="SecureConversation" requireSecurityContextCancellation="true">
        <message clientCredentialType="IssuedToken"/>
        --><!--Specifies the character encoding and message versioning used for text-based XML messages.--><!--
        <textMessageEncoding messageVersion="Soap11"/>

        <httpTransport/>
      </security>
    </binding>

  </wsHttpBinding>-->
  <customBinding>
    <binding name="MHService_MHSPort">
      <!-- The generated comments below record that the WSDL importer did not recognise the dpe:summary and sp:SupportingTokens policy assertions, so the UsernameToken requirement from the WSDL is not expressed anywhere in this binding. -->
      <!--    WsdlImporter encountered unrecognized policy assertions in ServiceDescription 'http://org/emedny/mhs/':    -->
      <!--    <wsdl:binding name='MHS'>    -->
      <!--        <dpe:summary xmlns:dpe="http://www.datapower.com/extensions">..</dpe:summary>    -->
      <!--        <sp:SupportingTokens xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">..</sp:SupportingTokens>    -->
      <!-- NOTE(review): mode="Transport", the <message> child and the nested <textMessageEncoding> look carried over from the wsHttpBinding attempt above; a customBinding <security> element is normally driven by authenticationMode and related attributes. Confirm against the customBinding schema. -->
      <!-- NOTE(review): SecureConversation with an IssuedToken credential does not appear to match the WSDL policy on this page, which asks for X.509 initiator and recipient tokens (sp:AsymmetricBinding) plus a UsernameToken supporting token. Verify with the service owner. -->
      <security mode="Transport" authenticationMode="SecureConversation" requireSecurityContextCancellation="true">
        <message clientCredentialType="IssuedToken"/>
        <!--Specifies the character encoding and message versioning used for text-based XML messages.-->
        <textMessageEncoding messageVersion="Soap11"/>
      </security>

      <!--Specifies the character encoding and message versioning used for text-based XML messages.-->
      <textMessageEncoding messageVersion="Soap11"/>
      <!-- NOTE(review): the endpoint address below uses https, while this element selects plain HTTP transport; WCF has a separate httpsTransport element for TLS endpoints. Confirm which one is intended. -->
      <httpTransport/>

    </binding>
  </customBinding>
</bindings>
<client>

  <!-- NOTE(review): the binding attribute normally names the binding type (here customBinding) and bindingConfiguration names the <binding> entry; both are set to MHService_MHSPort. -->
  <!-- NOTE(review): there is no behaviorConfiguration attribute, so the CustomBehaviorConfiguration behavior below (client and service certificate settings) is not referenced by this endpoint. -->
  <endpoint address="https://12.23.28.113:9047/MHService" 
            binding="MHService_MHSPort" bindingConfiguration="MHService_MHSPort" contract="ProxyGeneration.MHS" name="MHSPort" />

</client>
<behaviors>
  <endpointBehaviors>
    <behavior name="CustomBehaviorConfiguration">
      <clientCredentials>
        <!-- Client certificate is looked up in the CurrentUser\My store by subject name. FindBySubjectName is a substring match and can select an unintended certificate when several subjects contain the value; FindByThumbprint is more precise. -->
        <clientCertificate findValue="LMWARD" x509FindType="FindBySubjectName" storeLocation="CurrentUser" storeName="My"/>
        <serviceCertificate>
          <!-- SECURITY: certificateValidationMode="None" together with revocationMode="NoCheck" turns off trust-chain validation and revocation checking of the service certificate, so any certificate presented as the service is accepted and the body would be encrypted to an unverified key. Acceptable only for a throwaway test setup; for real traffic use ChainTrust or PeerTrust and a revocationMode of Online or Offline. -->
          <authentication revocationMode="NoCheck" certificateValidationMode="None"/>
        </serviceCertificate>
      </clientCredentials>
    </behavior>
  </endpointBehaviors>
</behaviors>

This is my wsdl

   <wsdl:definitions xmlns:wsp200607="http://www.w3.org/2006/07/ws-policy" xmlns:soap12="http://schemas.xmlsoap.org/wsdl/soap12/" xmlns:wsp="http://www.w3.org/ns/ws-policy" xmlns:mime="http://schemas.xmlsoap.org/wsdl/mime/" xmlns:ns0="http://org/emedny/mhs/" xmlns:wsp200409="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:http="http://schemas.xmlsoap.org/wsdl/http/" xmlns:soap11="http://schemas.xmlsoap.org/wsdl/soap/" targetNamespace="http://org/emedny/mhs/" xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/">
  <!-- policy0: message-level security. Asymmetric binding with X.509 v3 tokens for both initiator and recipient, the TripleDesRsa15 algorithm suite, and a signed and encrypted SOAP body. -->
  <wsp:Policy wsu:Id="policy0" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
    <wsp:ExactlyOne>
      <wsp:All>
        <sp:AsymmetricBinding xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
          <wsp:Policy>
            <wsp:ExactlyOne>
              <wsp:All>
                <!-- Initiator (client) token: X.509 v3 certificate. -->
                <sp:InitiatorToken>
                  <wsp:Policy>
                    <wsp:ExactlyOne>
                      <wsp:All>
                        <sp:X509Token>
                          <wsp:Policy>
                            <wsp:ExactlyOne>
                              <wsp:All>
                                <sp:WssX509V3Token11 />
                              </wsp:All>
                            </wsp:ExactlyOne>
                          </wsp:Policy>
                        </sp:X509Token>
                      </wsp:All>
                    </wsp:ExactlyOne>
                  </wsp:Policy>
                </sp:InitiatorToken>
                <!-- Recipient (service) token: X.509 v3 certificate. -->
                <sp:RecipientToken>
                  <wsp:Policy>
                    <wsp:ExactlyOne>
                      <wsp:All>
                        <sp:X509Token>
                          <wsp:Policy>
                            <wsp:ExactlyOne>
                              <wsp:All>
                                <sp:WssX509V3Token11 />
                              </wsp:All>
                            </wsp:ExactlyOne>
                          </wsp:Policy>
                        </sp:X509Token>
                      </wsp:All>
                    </wsp:ExactlyOne>
                  </wsp:Policy>
                </sp:RecipientToken>
                <!-- SECURITY: TripleDesRsa15 is a legacy suite (Triple DES encryption with RSA PKCS#1 v1.5 key wrap, which matches the xmlenc#rsa-1_5 EncryptionMethod in the sample request on this page). The service dictates it, so the client has to match; treat it as a known weakness of the integration and do not rely on it as the only protection for the payload. -->
                <sp:AlgorithmSuite>
                  <wsp:Policy>
                    <wsp:ExactlyOne>
                      <wsp:All>
                        <sp:TripleDesRsa15 />
                      </wsp:All>
                    </wsp:ExactlyOne>
                  </wsp:Policy>
                </sp:AlgorithmSuite>
              </wsp:All>
            </wsp:ExactlyOne>
          </wsp:Policy>
        </sp:AsymmetricBinding>
        <!-- Only the SOAP body is listed as signed and as encrypted; no header parts are named in either assertion. -->
        <sp:SignedParts xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
          <sp:Body />
        </sp:SignedParts>
        <sp:EncryptedParts xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
          <sp:Body />
        </sp:EncryptedParts>
      </wsp:All>
    </wsp:ExactlyOne>
  </wsp:Policy>
  <!-- policy1: DataPower summary plus a UsernameToken supporting token that is always sent to the recipient. These are the two assertions the WCF WSDL importer reported as unrecognised in the web.config comments on this page. -->
  <wsp:Policy wsu:Id="policy1" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
    <wsp:ExactlyOne>
      <wsp:All>
        <dpe:summary xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:dpe="http://www.datapower.com/extensions">
          <dppolicy:domain xmlns:dppolicy="http://www.datapower.com/policy">
      http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702
    </dppolicy:domain>
          <description>
      Implements WS Security Policy 1.2 - UsernameToken 1.0 support
    </description>
        </dpe:summary>
        <sp:SupportingTokens xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
          <wsp:Policy>
            <wsp:ExactlyOne>
              <wsp:All>
                <!-- SECURITY: the sample request on this page carries this token with Password Type PasswordText, and policy0's EncryptedParts lists only the Body. The password therefore appears to depend on the https transport for confidentiality (TODO confirm with the service owner), which makes validating the service's certificate essential. -->
                <sp:UsernameToken sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
                  <wsp:Policy>
                    <wsp:ExactlyOne>
                      <wsp:All>
                        <sp:WssUsernameToken10 />
                      </wsp:All>
                    </wsp:ExactlyOne>
                  </wsp:Policy>
                </sp:UsernameToken>
              </wsp:All>
            </wsp:ExactlyOne>
          </wsp:Policy>
        </sp:SupportingTokens>
      </wsp:All>
    </wsp:ExactlyOne>
  </wsp:Policy>
  <!-- Types: the message schema is imported from a relative location (MHService.xsd1.xsd) in the http://org/emedny/mhs/ namespace. -->
  <wsdl:types xmlns:xsd="http://www.w3.org/2001/XMLSchema">
    <xsd:schema>
      <xsd:import schemaLocation="MHService.xsd1.xsd" namespace="http://org/emedny/mhs/" />
    </xsd:schema>
  </wsdl:types>
  <!-- Messages: each has a single part named "parameters" bound to an element of the imported schema. -->
  <wsdl:message name="getCCDResponse">
    <wsdl:part xmlns:xsns="http://org/emedny/mhs/" name="parameters" element="xsns:getCCDResponse" />
  </wsdl:message>
  <wsdl:message name="getEligibilityRequest">
    <wsdl:part xmlns:xsns="http://org/emedny/mhs/" name="parameters" element="xsns:getEligibility" />
  </wsdl:message>
  <wsdl:message name="getEligibilityResponse">
    <wsdl:part xmlns:xsns="http://org/emedny/mhs/" name="parameters" element="xsns:getEligibilityResponse" />
  </wsdl:message>
  <wsdl:message name="getNCPDPHistoryRequest">
    <wsdl:part xmlns:xsns="http://org/emedny/mhs/" name="parameters" element="xsns:getNCPDPHistory" />
  </wsdl:message>
  <wsdl:message name="getNCPDPHistoryResponse">
    <wsdl:part xmlns:xsns="http://org/emedny/mhs/" name="parameters" element="xsns:getNCPDPHistoryResponse" />
  </wsdl:message>
  <wsdl:message name="getPDQRequest">
    <wsdl:part xmlns:xsns="http://org/emedny/mhs/" name="parameters" element="xsns:getPDQRequest" />
  </wsdl:message>
  <wsdl:message name="MHSFault">
    <wsdl:part xmlns:xsns="http://org/emedny/mhs/" name="parameters" element="xsns:Fault" />
  </wsdl:message>
  <!-- Port type MHS: three request/response operations, each declaring the MHSFault fault. -->
  <wsdl:portType name="MHS">
    <!-- getCCD takes the getPDQRequest message as its input; no getCCDRequest message is defined in this WSDL. -->
    <wsdl:operation name="getCCD">
      <wsdl:input name="getPDQRequest" message="ns0:getPDQRequest" />
      <wsdl:output name="getCCDResponse" message="ns0:getCCDResponse" />
      <wsdl:fault name="MHSFault" message="ns0:MHSFault" />
    </wsdl:operation>
    <wsdl:operation name="getEligibility">
      <wsdl:input name="getEligibilityRequest" message="ns0:getEligibilityRequest" />
      <wsdl:output name="getEligibilityResponse" message="ns0:getEligibilityResponse" />
      <wsdl:fault name="MHSFault" message="ns0:MHSFault" />
    </wsdl:operation>
    <wsdl:operation name="getNCPDPHistory">
      <wsdl:input name="getNCPDPHistoryRequest" message="ns0:getNCPDPHistoryRequest" />
      <wsdl:output name="getNCPDPHistoryResponse" message="ns0:getNCPDPHistoryResponse" />
      <wsdl:fault name="MHSFault" message="ns0:MHSFault" />
    </wsdl:operation>
  </wsdl:portType>
  <wsdl:binding name="MHS" type="ns0:MHS">
    <soap11:binding transport="http://schemas.xmlsoap.org/soap/http" />
    <wsdl:operation name="getCCD">
      <soap11:operation soapAction="" style="document" />
      <wsdl:input name="getPDQRequest">
        <soap11:body use="literal" />
      </wsdl:input>
      <wsdl:output name="getCCDResponse">
        <soap11:body use="literal" />
      </wsdl:output>
      <wsdl:fault name="MHSFault">
        <soap11:fault use="literal" name="MHSFault" namespace="" />
      </wsdl:fault>
    </wsdl:operation>
    <wsdl:operation name="getEligibility">
      <soap11:operation soapAction="" style="document" />

I don't have any kind of SOAP headers to use in my proxy class. I am missing the WS-Security security headers for web.config. This is what the sample SOAP request header looks like:

 <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:mhs="http://org/emedny/mhs/" xmlns:urn="urn:hl7-org:v3">
    <soapenv:Header>
    <wsse:Security soap:mustUnderstand="1" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
    <wsse:BinarySecurityToken ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="SecurityToken-e00c8062-83d2-4f04-88fc-996218e7bb3d">MIICeDCC....(eMedNY signed user MLS cert).......</wsse:BinarySecurityToken>
    <wsse:BinarySecurityToken ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="SecurityToken-c0cc2cd4-cb77-4fa5-abfa-bd485afd1685">MIIDFj.....( eMedNY MLS web-service end-point public cert)........</wsse:BinarySecurityToken>
    <wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="SecurityToken-970e9a80-00cc-4c86-8ec4-3ba16e029a5b">
    <wsse:Username>....your_username.....</wsse:Username>
    <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">.....your_plaintext_password....</wsse:Password>
    <wsse:Nonce>KNyu6MsXCkTg4DDyvwvEiw==</wsse:Nonce>
    <wsu:Created>2010-09-15T18:00:30Z</wsu:Created>
    </wsse:UsernameToken>
    <xenc:EncryptedKey xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
    <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
    <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
    <wsse:SecurityTokenReference>
    <wsse:Reference URI="#SecurityToken-c0cc2cd4-cb77-4fa5-abfa-bd485afd1685" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/>
    </wsse:SecurityTokenReference>
    </KeyInfo>
    <xenc:CipherData>
    <xenc:CipherValue>gpBAWt91pdwhKva............</xenc:CipherValue>
    </xenc:CipherData>
    <xenc:ReferenceList>
    <xenc:DataReference URI="#Enc-0641b860-b16d-4941-91c0-d60bece67794"/>
    </xenc:ReferenceList>
    </xenc:EncryptedKey>
    <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
    <SignedInfo>

I am using WCF to do this. How do I actually generate the SOAP XML? I don't want to hard-code all of this, although I started to do so: ` soapXML = "http://schemas.xmlsoap.org/soap/envelope/\" xmlns:mhs=\"http://org/emedny/mhs/\" xmlns:urn=\"urn:hl7-org:v3\" >"; soapXML += "\n";

                    // Add security block for X.509 certificate
                    soapXML = "<wsse:Security soap:mustUnderstand=\"1\" xmlns:soap=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:wsse=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd\">";
                    soapXML += "<wsse:BinarySecurityToken ValueType=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3";
                    soapXML += "EncodingType=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary\" xmlns:wsu=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
` 

Even if I do, how would I generate these security and binary tokens? This request uses WS-Security. I am doing my research and reading about it to the best of my understanding.

Thank you user
