我正在尝试创建一个要从客户端使用的服务。它必须符合 WS-Security Oasis 标准,并且响应必须类似于:
<soapenv:Envelope xmlns:ns="http://inti.notariado.org/XML" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<soapenv:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsu:Timestamp wsu:Id="TS-3E29AD5728CD9B921B14555351279296">
<wsu:Created>2016-02-15T11:18:47.928Z</wsu:Created>
<wsu:Expires>2016-02-15T11:23:47.928Z</wsu:Expires>
</wsu:Timestamp>
<wsse:BinarySecurityToken EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509PKIPathv1"
wsu:Id="X509-3E29AD5728CD9B921B14555351276791">MIIH6zCCB+cw...OMMITED...2lpK
</wsse:BinarySecurityToken>
<ds:Signature Id="SIG-3E29AD5728CD9B921B14555351277955" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<ds:Reference URI="#id-3E29AD5728CD9B921B14555351277904">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<InclusiveNamespaces PrefixList="ns" xmlns="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transform>
</ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>jBhSy8vJGQtkVx9ok+aiLklTMaU=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>ui...OMMITED...eLzGcWA==
</ds:SignatureValue>
<ds:KeyInfo Id="KI-3E29AD5728CD9B921B14555351277502">
<wsse:SecurityTokenReference wsse11:TokenType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509PKIPathv1"
wsu:Id="STR-3E29AD5728CD9B921B14555351277533"
xmlns:wsse11="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd">
<wsse:Reference URI="#X509-3E29AD5728CD9B921B14555351276791"
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509PKIPathv1"/>
</wsse:SecurityTokenReference>
</ds:KeyInfo>
</ds:Signature>
</wsse:Security>
<ns:SERVICE_DISPATCHER>
<ns:TIMESTAMP>2008-09-29T03:49:45</ns:TIMESTAMP>
<ns:TIPO_MSJ>1</ns:TIPO_MSJ>
<ns:EMISOR>TEST</ns:EMISOR>
<ns:RECEP>CGN</ns:RECEP>
<!--Optional:-->
<ns:SERVICIO>CTREEF</ns:SERVICIO>
</ns:SERVICE_DISPATCHER>
</soapenv:Header>
<soapenv:Body wsu:Id="id-3E29AD5728CD9B921B14555351277904" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<ns:SERVICE_DISPATCHER_REQUEST>
<con:ConsultaTitularidadRealRequest xmlns:con="http://ancert.notariado.org/XML/ConsultaTitularidadReal/Terceros">
<con:TipoConsulta>EMPRESAS_ACTUAL</con:TipoConsulta>
<con:TipoResultado>XML_PDF</con:TipoResultado>
<con:DatosConsulta>
<con:Identificacion>
<con:TipoDocumento>1</con:TipoDocumento>
<con:NumeroDocumento>N4361258I</con:NumeroDocumento>
</con:Identificacion>
</con:DatosConsulta>
</con:ConsultaTitularidadRealRequest>
</ns:SERVICE_DISPATCHER_REQUEST>
</soapenv:Body>
我尝试使用 WSE 3.0 和 WCF 来做到这一点,但我总是卡住,找不到关于如何保护服务的好的教程。
所以问题是......开发它的最佳方法是什么?有什么好的教程可以帮助我吗?我应该通过代码还是通过 web.config 配置安全性?
提前致谢。