5

我有一个使用 WSDL.exe 创建的简单 C# Web 服务代理类。我正在远程 Web 服务上调用一个方法,它包含一堆我不想要的 WS-Addressing 和 WS-Security 标头(并且服务器正在阻塞)。以下是 raw soap 请求的示例:

<?xml version="1.0" encoding="utf-8"?>
<soap:Envelope 
  xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" 
  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
  xmlns:xsd="http://www.w3.org/2001/XMLSchema" 
  xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing" 
  xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" 
  xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
  <soap:Header>
    <wsa:Action></wsa:Action>
    <wsa:MessageID>urn:uuid:22f12267-b162-4703-a451-2d1c5c5a619b</wsa:MessageID>
    <wsa:To>http://example.com/wstest</wsa:To>
    <wsse:Security>
      <wsu:Timestamp wsu:Id="Timestamp-5c9f0ef0-ab45-421d-a633-4c4fad26d945">
        <wsu:Created>2009-04-15T16:27:25Z</wsu:Created>
        <wsu:Expires>2009-04-15T16:32:25Z</wsu:Expires>
      </wsu:Timestamp>
    </wsse:Security>
  </soap:Header>
  <soap:Body>
    <Func1 xmlns="http://example.com">
      <arg_1 xmlns="">blah</arg_1>
      <arg_2 xmlns="">blah2</arg_2></arg_2>
    </Func1>
  </soap:Body>
</soap:Envelope>

我不关心 WS-Addressing/WS-Security 的东西。我没有做任何事情来包括它。.NET WSE 3.0 包似乎默认添加它们。有没有办法摆脱这些?我在代理对象上看不到允许我删除这些部分的属性。我试过了:

proxyObject.Addressing.Clear();
proxyObject.Security.Clear();

当我调用我的 Web 服务方法时,这些会导致空引用异常。

我希望 SOAP 请求看起来像这样:

<?xml version="1.0" encoding="utf-8"?>
<soap:Envelope 
  xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" 
  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
  xmlns:xsd="http://www.w3.org/2001/XMLSchema">
  <soap:Header>
  </soap:Header>
  <soap:Body>
    <Func1 xmlns="http://example.com">
      <arg_1 xmlns="">blah</arg_1>
      <arg_2 xmlns="">blah2</arg_2></arg_2>
    </Func1>
  </soap:Body>
</soap:Envelope>

提前致谢

4

6 回答 6

4

好吧,我最终使用了我过去使用过的技术。我创建了实现SoapFilterPolicyAssertion的类,它们允许我在发送 SOAP 请求之前修改它的原始 XML。下面是一个例子:

    public class MyPolicy : SoapFilter
    {
        public override SoapFilterResult ProcessMessage(SoapEnvelope envelope)
        {
            // Remove all WS-Addressing and WS-Security header info
            envelope.Header.RemoveAll();

            return SoapFilterResult.Continue;
        }
    }

    public class MyAssertion : PolicyAssertion
    {
        public override SoapFilter CreateClientInputFilter(FilterCreationContext context)
        {
            return null;
        }

        public override SoapFilter CreateClientOutputFilter(FilterCreationContext context)
        {
            return new MyPolicy();
        }

        public override SoapFilter CreateServiceInputFilter(FilterCreationContext context)
        {
            return null;
        }

        public override SoapFilter CreateServiceOutputFilter(FilterCreationContext context)
        {
            return null;
        }
    }

然后在您的 Web 服务代理的构造器中应用该策略:

/// <remarks/>
    [System.CodeDom.Compiler.GeneratedCodeAttribute("System.Web.Services", "2.0.50727.1433")]
    [System.Diagnostics.DebuggerStepThroughAttribute()]
    [System.ComponentModel.DesignerCategoryAttribute("code")]       
 [System.Web.Services.WebServiceBindingAttribute(Name="MyBinding", Namespace="http://example.com")]
    public partial class MyWebClient : WebServicesClientProtocol {

        // ... member variables here

        /// <remarks/>
        public MyWebClient()
        {
            this.Url = "http://example.com";           
            if ((this.IsLocalFileSystemWebService(this.Url) == true)) {
                this.UseDefaultCredentials = true;
                this.useDefaultCredentialsSetExplicitly = false;
            }
            else {
                this.useDefaultCredentialsSetExplicitly = true;
            }

            // Apply policy here
            Policy policy = new Policy();
            policy.Assertions.Add(new MyAssertion());
            this.SetPolicy(policy); 
        }
  }
于 2009-04-15T21:43:57.100 回答
1

要删除寻址标头,我在我的一个应用程序中使用了以下代码。

  public override void SecureMessage(SoapEnvelope envelope, Security security)
    {
       //remove addressing Header from envelope

        AddressingHeaders objAH = new AddressingHeaders(envelope);

        objAH.RemoveXml(envelope);


        //Add Wahtever security token you want to add.

        security.Tokens.Add(bla-bla-bla);

    }

我使用SecureMessage函数是因为我想添加安全令牌,但可以在ProcessMessage函数中使用相同的代码。

于 2012-03-06T15:52:12.783 回答
0

我想知道您的问题是否也无法通过不使用 WSE 来解决?

于 2009-04-27T10:14:02.510 回答
0

根据此页面中的答案,我添加了以下代码以从 XML 中递归删除特定标头(按标记名)。

Public Overrides Function ProcessMessage(ByVal envelope As SoapEnvelope) As SoapFilterResult
    ' Remove all WS-Addressing and WS-Security header info
    RemoveTag(envelope.DocumentElement, "wsa:Action")
    RemoveTag(envelope.DocumentElement, "wsa:MessageID")
    RemoveTag(envelope.DocumentElement, "wsa:To")
    Return SoapFilterResult.[Continue]
End Function

Private Sub RemoveTag(ByVal XE As System.Xml.XmlElement, ByVal TagName As String)
    For Each N As XmlNode In XE
        If N.ChildNodes.Count > 0 Then
            RemoveTag(N, TagName)
        End If
        If N.Name = TagName Then
            XE.RemoveChild(N)
        End If
    Next
End Sub
于 2010-06-28T09:19:11.293 回答
0

我发现删除这些寻址和安全标头的最简单方法是将 Web 服务配置更改为使用BasicHttpBinding而不是WSHttp binding.

于 2010-09-15T17:08:09.900 回答
0

楼上的答案是对的!(自定义策略和断言解决方案)。但您也可以选择通过修改 web.config 文件中的客户端绑定标头来解决此问题。

前任:

<system.serviceModel>
    <bindings>
      <basicHttpBinding>
        <binding name="AGSServiceSOAP"/>
      </basicHttpBinding>
    </bindings>
    <client>
      <endpoint address="http://tosweb101u.mersinport.com.tr:19050/GTOSServiceBus/CTCS/service"
        binding="basicHttpBinding" bindingConfiguration="AGSServiceSOAP"
        contract="CTCSService.AGSService" name="AGSServiceSOAP">
        <headers>
          <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
            <wsse:UsernameToken>
              <wsse:Username>USERNAME</wsse:Username>
              <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">PASSWORD</wsse:Password>
            </wsse:UsernameToken>
          </wsse:Security>
        </headers>
      </endpoint>
    </client>
</system.serviceModel>
于 2021-09-20T07:58:24.080 回答