1

这是一个有点乏味的问题。我已经构建了一个 WCF 来使用 WS-Security,它在我的日志中看起来像这样:

<h:Security xmlns:h="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" 
              xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
  <UsernameToken>
    <Username>
      <!-- Removed-->
    </Username>
    <Password>
      <!-- Removed-->
    </Password>
  </UsernameToken>
</h:Security>

问题是,为什么我会两次引用相同的命名空间(“ http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd ”)?我知道相同的命名空间是否被引用两次并不重要,只要元素引用正确的命名空间,但我确实想知道为什么要这样做。

我的代码:

[System.Diagnostics.DebuggerStepThroughAttribute()]
[System.CodeDom.Compiler.GeneratedCodeAttribute("System.ServiceModel", "3.0.0.0")]
[System.ServiceModel.MessageContractAttribute(IsWrapped = false)]
public partial class InventoryCountRequest
{

  [System.ServiceModel.MessageHeaderAttribute(Namespace = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd")]
  public Security Security;

  //Other MessageHeader and MessageBody attributes
}

[System.CodeDom.Compiler.GeneratedCodeAttribute("svcutil", "3.0.4506.2152")]
[System.SerializableAttribute()]
[System.Diagnostics.DebuggerStepThroughAttribute()]
[System.ComponentModel.DesignerCategoryAttribute("code")]
[System.Xml.Serialization.XmlTypeAttribute(Namespace = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd")]
public partial class Security
{
  private UsernameToken usernameTokenField;

    [System.Xml.Serialization.XmlElementAttribute(Order = 0)]
    public UsernameToken UsernameToken
    {
       get{return this.usernameTokenField;}
       set{this.usernameTokenField = value;}
    }
}

[System.CodeDom.Compiler.GeneratedCodeAttribute("svcutil", "3.0.4506.2152")]
[System.SerializableAttribute()]
[System.Diagnostics.DebuggerStepThroughAttribute()]
[System.ComponentModel.DesignerCategoryAttribute("code")]
[System.Xml.Serialization.XmlTypeAttribute(Namespace = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd")]
public partial class UsernameToken
{
  private string usernameField;
  private Password passwordField;

  [System.Xml.Serialization.XmlElementAttribute(Order = 0)]
  public string Username
  {
    get{return this.usernameField;}
    set{this.usernameField = value;}
  }

  [System.Xml.Serialization.XmlElementAttribute(Order = 1)]
  public Password Password
  {
    get{return this.passwordField;}
    set{this.passwordField = value;}
  }
}

[System.CodeDom.Compiler.GeneratedCodeAttribute("svcutil", "3.0.4506.2152")]
[System.SerializableAttribute()]
[System.Diagnostics.DebuggerStepThroughAttribute()]
[System.ComponentModel.DesignerCategoryAttribute("code")]
[System.Xml.Serialization.XmlTypeAttribute(Namespace = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd")]
public partial class Password
{
  private string typeField;
  private string valueField;

  [System.Xml.Serialization.XmlAttributeAttribute()]
  public string Type
  {
    get{return this.typeField;}
    set{this.typeField = value;}
  }

  [System.Xml.Serialization.XmlTextAttribute()]
  public string Value
  {
    get{return this.valueField;}
    set{this.valueField = value;}
  }
}

非常感谢阅读

4

1 回答 1

0

也许这不是消息在网络上的样子。可能是 WCF 日志查看器添加了它(您可以看到它进行了一些操作,因为它删除了密码)。使用 Fiddler 查看真实消息的外观。

然后您手动(通过数据合同)添加安全标头。一般来说,WCF 可以通过配置绑定来配置。因此,也许 WCF 标识了一个安全标头并始终将一些命名空间附加到它。

我不会担心的。

于 2013-08-06T21:48:14.170 回答