0

我正在尝试使用 .Net 通过 Http 而不是 Https 调用 Java Web 服务。我从 Web 服务团队得到的唯一提示是在 SOAP 消息或端点设置中传递凭证。

我创建了一个简单的控制台应用程序并添加了对 Web 服务的服务引用。以下是生成的绑定(我看到有关于无法识别的策略的警告,但无法弄清楚它的含义或它是否相关):

<customBinding>
    <binding name="CurrencyInformationServiceSoapBinding">
        <!--    WsdlImporter encountered unrecognized policy assertions in ServiceDescription 'http://www.openuri.org/':    -->
        <!--    <wsdl:binding name='CurrencyInformationServiceSoapBinding'>    -->
        <!--        <ns1:SupportingTokens xmlns:ns1="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512">..</ns1:SupportingTokens>    -->
        <textMessageEncoding maxReadPoolSize="64" maxWritePoolSize="16"
            messageVersion="Soap11" writeEncoding="utf-8">
            <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
                maxBytesPerRead="4096" maxNameTableCharCount="16384" />
        </textMessageEncoding>
      <!--<security authenticationMode="UserNameOverTransport" allowInsecureTransport="true"/>-->  
      <httpTransport manualAddressing="false" maxBufferPoolSize="524288"
            maxReceivedMessageSize="65536" allowCookies="false" authenticationScheme="Anonymous"
            bypassProxyOnLocal="false" decompressionEnabled="true" hostNameComparisonMode="StrongWildcard"
            keepAliveEnabled="true" maxBufferSize="65536" proxyAuthenticationScheme="Anonymous"
            realm="" transferMode="Buffered" unsafeConnectionNtlmAuthentication="false"
            useDefaultWebProxy="true" />
    </binding>
</customBinding>

这是我的试验:

Trail #1:
-----------

使用以下代码:

CurrencyInformationServiceClient client = new CurrencyInformationServiceClient();  
foreignCurrencyDTO[] results = client.getAllForeignCurrencies();  

或在 Windows 属性中提供凭据

CurrencyInformationServiceClient client = new CurrencyInformationServiceClient();  
client.ClientCredentials.Windows.ClientCredential = new System.Net.NetworkCredential("crmuser", "welcome1");  
foreignCurrencyDTO[] results = client.getAllForeignCurrencies();  

或在 UserName 属性中提供凭据

CurrencyInformationServiceClient client = new CurrencyInformationServiceClient();  
client.ClientCredentials.UserName.UserName = "someuser";  
client.ClientCredentials.UserName.Password = "somepassword";  
foreignCurrencyDTO[] results = client.getAllForeignCurrencies();  

导致

 System.ServiceModel.FaultException: Error on verifying message against security policy Error code:1000

Trail #2:
------------

根据我看到的一条评论,我尝试在绑定中添加以下标记,并通过在 ClientCredentials 的 UserName 属性中传递凭据来调用 Web 服务

<security authenticationMode="UserNameOverTransport" allowInsecureTransport="true"/>

但结果是

System.ServiceModel.Security.MessageSecurityException: Security processor was unable to find a security header in the message. This might be because the message is an unsecured fault or because there is a binding mismatch between the communicating parties. This can occur if the service is configured for security and the client is not using security.

Trail #3:
------------

我尝试使用 WSHttpBinding 而不是 VS 生成的 CustomBinding,如下所示:

WSHttpBinding binding = new WSHttpBinding();
binding.Security.Mode = SecurityMode.Message;
binding.Security.Message.ClientCredentialType = MessageCredentialType.UserName;
EndpointAddress ea = new EndpointAddress("http://someurl/CurrencyInformationService.jws");
CurrencyInformationServiceClient client = new CurrencyInformationServiceClient(binding, ea);
client.ClientCredentials.UserName.UserName = "someuser";
client.ClientCredentials.UserName.Password = "somepassword";
foreignCurrencyDTO[] results = client.getAllForeignCurrencies();

但结果是

System.ServiceModel.ProtocolException: Content Type application/soap+xml; charset=utf-8 was not supported by service http://someurl/CurrencyInformationService.jws.  The client andservice bindings may be mismatched. ---> System.Net.WebException: The remote server returned an error: (415) Unsupported Media Type.

更新:
-----------

我收到了供应商的工作请求,并在soapUI中进行了尝试,它给出了正确的响应。

<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
        <soap:Header>
                <wsse:Security soap:mustUnderstand="1">
                        <wsse:UsernameToken wsu:Id="SecurityToken-35598fb7-5aa2-4623-b07b-3277c6578beb" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
                                <wsse:Username>someuser</wsse:Username>
                                <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">somepassword</wsse:Password>
                        </wsse:UsernameToken>
                </wsse:Security>
        </soap:Header>
        <soap:Body>
                <getAllForeignCurrencies xmlns="http://www.openuri.org/">
                </getAllForeignCurrencies>
        </soap:Body>
</soap:Envelope>

有人可以给我一个提示如何生成这样的 SOAP 请求吗?

4

2 回答 2

3

我在使用 .Net 使用 java web 服务时遇到了同样的问题,这个线程帮助我部分地能够使用 web 服务。

但是,不知何故,我遇到了这篇文章,它对我来说是一个最终的解决方案:http ://weblog.west-wind.com/posts/2012/Nov/24/WCF-WSSecurity-and-WSE-Nonce-Authentication

以下设置对我来说效果很好:

<?xml version="1.0"?>
<configuration>
  <system.serviceModel>
    <bindings>
      <customBinding>
        <binding name="CustomSoapBinding">
          <security includeTimestamp="false"
                    authenticationMode="UserNameOverTransport"
                    defaultAlgorithmSuite="Basic256"
                    requireDerivedKeys="false"
                    messageSecurityVersion="WSSecurity10WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10">
          </security>
          <textMessageEncoding messageVersion="Soap11"></textMessageEncoding>
          <httpsTransport maxReceivedMessageSize="2000000000"/>
        </binding>
      </customBinding>
    </bindings>
    <client>
      <endpoint address="https://notrealurl.com:443/services/RealTimeOnline"
                binding="customBinding"
                bindingConfiguration="CustomSoapBinding"
                contract="RealTimeOnline.RealTimeOnline"
                name="RealTimeOnline" />
    </client>
  </system.serviceModel>
  <startup>
    <supportedRuntime version="v4.0"
                      sku=".NETFramework,Version=v4.0"/>
  </startup>
</configuration>
于 2014-08-27T21:33:06.383 回答
0

如果您使用 SSL,请使用:

<basicHttpBinding>
                <binding name="NewBinding0">
                    <security mode="TransportWithMessageCredential" />
                </binding>
</basicHttpBinding>

如果没有 SSL,则使用CUB

于 2013-10-01T11:02:27.030 回答