Error in WCF client consuming Axis 2 web service with WS-Security UsernameToken PasswordDigest authentication scheme
I have a WCF client connecting to a Java based Axis2 web service (outside my control). It is about to have WS-Security applied to it, and I need to fix the .NET client. However, I am struggling to provide the correct authentication. I am aware that WSE 3.0 might make it easier, but I would prefer not to revert to an obsolete technology. Similar issues (unsolved), include this, this and this. The SOAP message should look like this:
However, mine looks like this:
My client looks like this: P.S. Note the required SecurityHeaderType param. What is that?
Current binding is as follows:
I've also tried a custom binding and got a similar error:
And endpoint (Address obviously changed...):
The custom fault that is being returned is as follows:
I've read lots about custom headers, tokens, bindings and my brain is completely confused. Can anyone suggest a step by step process for sending the message in the right format? This appears to be the way forward for WCF, using custom tokens, but how should one apply the digest and nonce as required? Any help welcomed. UPDATEI've had some limited success. I've used the Microsoft.Web.Services3 library to create a UsernameToken with the correct digest. I've then created my own custom behavior and in the BeforeSendRequest method I've done the following to inject the header:
I add the behavior like so:
I can now see the headers going across:
But I'm getting the error:
There appears to be a missing Type attribute on the password node:
However, I'm not sure if the security tracing and logging settings are blanket removing the attributes and content of those nodes. I've attempted to use the logKnownPii setting in the diagnostics logging, but the security information remains obscured. Any ideas on that one? |
||||
I can confirm that the UPDATE from my question actually works:
And the client:
The error message was unrelated. The security header works with a very simple basicHttpBinding:
Code sample of this in action can be found on my blog: http://benpowell.org/supporting-the-ws-i-basic-profile-password-digest-in-a-wcf-client-proxy/ |
||||
This question is well written -- many thanks. In reference to @Junto's "How do I use this" comment, it turns out that the SecurityHeader param on the service method can be used to add the header. I've included an example below. I believe that what's happening is that the SvcUtil.exe tool is barfing when trying to read the WS* DTDs. This is not obvious when you use the "Add Service Reference" wizard. But it is very obvious when you run svcutil.exe from the command line. Because svcutil.exe fails to read the WS* DTD's, the SecurityHeader object is not well developed. But Microsoft gives you an out with the .Any property. You can serialize the UsernameToken class right into the .Any property and your header will be added to the message. Again, thanks for this excellent question. How to use the SecurityHeader parameter to add a UsernameToken security header: Required tools:
Required Reference:
WCF service call:
App.config:
|
|||||
|
I had a similar problem recently and gave up searching for a non-WSE solution. After a couple days of pulling my hair out I ended downloading the WSE 3.0 SDK, generating a proxy class using WseWsdl3.exe, and creating a new policy for the UsernameToken. I was up and running in 15min. The following is currently working for me.
|
Error in WCF client consuming Axis 2 web service with WS-Security UsernameToken PasswordDigest authentication scheme的更多相关文章
- 应用Apache Axis进行Web Service开发
转自(http://tscjsj.blog.51cto.com/412451/84813) 一.概述 SOAP原意为Simple Object Access Protocol(简单对象访问协议),是一 ...
- Axis开发Web Service
可以自动生成代码的 一.Axis环境的安装 1.安装环境 J2SE SDK 1.4,Tomcat 5.0,eclipse 3.2. 2.到 http://xml.apache.org 网站下载Axis ...
- iOS 中client和server的 Web Service 网络通信 (1)
当你打开你手机上新浪微博应用或者知乎应用是.你是否会去想这些显示在手机上的图片和数据时从哪里来的?又是通过如何的方法实现的?好.那么接下来就介绍是如何实现的.过程又是怎么样的. 当我们浏览着 ...
- 使用axis开发web service服务端
一.axis环境搭建 1.安装环境 JDK.Tomcat或Resin.eclipse等. 2.到 http://www.apache.org/dyn/closer.cgi/ws/axis/1_4下载A ...
- WCF、Net remoting、Web service概念及区别
Windows通信基础(Windows Communication Foundation,WCF)是基于Windows平台下开发和部署服务的软件开发包(Software Development Kit ...
- Consuming a RESTful Web Service
本篇文章将介绍使用Spring来建立RESTful的Web Service. 我们通过一个例子来说明这篇文章:这个例子将会使用Spring的RestTemplate来从Facebook的提供的API中 ...
- WCF、.Net Remoting、Web Service概念及区别
此文章主要参考http://www.cnblogs.com/weiweibtm/archive/2013/06/21/3148583.html 参考书籍<WCF全面解析上册>.<WC ...
- iOS 中client和server的 Web Service 网络通信 (2)
在实际的应用开发过程中,同步请求的用户体验并非非常好:我们都知道.Apple是非常重视用户体验的.这一点也成为了行业的标杆,没实用户哪里来的好产品.所以用户体验是极其重要的.貌似废话有点多.接下来进入 ...
- Part 17 Consuming ASP NET Web Service in AngularJS using $http
Here is what we want to do1. Create an ASP.NET Web service. This web service retrieves the data from ...
随机推荐
- python webdriver 测试框架-数据驱动exce驱动,不用ddt的方式
data.xlsx: 脚本: #encoding=utf-8from selenium import webdriverimport timeimport datetimefrom openpyxl ...
- Vue学习笔记之Nodejs入门
0x00 前言 打开Nodejs英文网:https://nodejs.org/en/ 中文网:http://nodejs.cn/ 我们会发现这样一句话: 翻译成中文如下: Node.js 是一个基于 ...
- P1131 [ZJOI2007]时态同步(树形dp)
P1131 [ZJOI2007]时态同步 设$f[i]$为与$i$与最远的点的距离 在dfs时每次更新的时候顺便统计一下长度,不同的话就改成最长的那条并更新答案 #include<iostrea ...
- 20145221 《Java程序设计》第六周学习总结
20145221 <Java程序设计>第六周学习总结 教材学习内容总结 第十一章部分 - 输入与输出 文件的读写 网络上传数据的基础 同样要先掌握父类中方法,核心类如下: 以上则是老师提出 ...
- Redis之Python 使用 Redis
Python 使用 Redis 参考文档: http://redis.cn/clients.html#python https://github.com/andymccurdy/redis-py 安装 ...
- Anaconda中常用的用法
Anaconda中常用的用法 conda 是开源包(packages)和虚拟环境(environment)的管理系统. packages 管理: 可以使用 conda 来安装.更新 .卸载工具包 ,并 ...
- nodejs使用multiparty模块实现文件上传(另附express.bodyParser()的说明)
最近师弟师妹们在用formidable做文件上传的时候会出现form.parse()不会触发的问题,在stackoverflow也没有找到答案,反而是几个答案推荐使用multiparty来代替,因为那 ...
- 这些HTML、CSS知识点,面试和平时开发都需要 No5-No7(知识点:文字设置、设置背景、数据列表)
系列知识点汇总 这些HTML.CSS知识点,面试和平时开发都需要 No1-No4(知识点:HTML.CSS.盒子模型.内容布局) 这些HTML.CSS知识点,面试和平时开发都需要 No5-No7(知识 ...
- CC工具列表
QuasarRAT Adwind Adzok Arcom Babylon Blacknix Blue Banana Bozok Coringa DarkComet DRAT Gh0st Huige ...
- PHP:第五章——字符串过滤函数
<?php header("Content-Type:text/html;charset=utf-8"); //字符串过滤函数: //1.n12br 在所有新行之前插入Htm ...