有次我们有个项目需要Call 一个 Java 的 web service, Soap包中需要一个 Security Head

  1. <soapenv:Header>
  2. <wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
  3. <wsse:UsernameToken xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" wsu:Id="UsernameToken-1" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
  4. <wsse:Username>username</wsse:Username>
  5. <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">password</wsse:Password>
  6. </wsse:UsernameToken>
  7. </wsse:Security>
  8. </soapenv:Header>

但是.net 默认的 Credentials 添加的 UserName 不符合这种格式

  1. orgClient.ClientCredentials.UserName.UserName = "userName";
  2. orgClient.ClientCredentials.UserName.Password = "password";

所以总是报错

System.Web.Services.Protocols.SoapHeaderException: An error was

discovered processing the <wsse: Security> header

没奈何,就只有用力气活,手动的把这段WSSE 的 head 添加到 Soap 包里面去了。

  1. orgClient.Endpoint.EndpointBehaviors.Add(new CustomEndpointBehavior());

下面是Behavior

  1. /// <summary>
  2.     /// Represents a run-time behavior extension for a client endpoint.
  3.     /// </summary>
  4.     public class CustomEndpointBehavior : IEndpointBehavior
  5.     {
  6.         /// <summary>
  7.         /// Implements a modification or extension of the client across an endpoint.
  8.         /// </summary>
  9.         /// <param name="endpoint">The endpoint that is to be customized.</param>
  10.         /// <param name="clientRuntime">The client runtime to be customized.</param>
  11.         public void ApplyClientBehavior(ServiceEndpoint endpoint, ClientRuntime clientRuntime)
  12.         {
  13.             clientRuntime.ClientMessageInspectors.Add(new ClientMessageInspector());
  14.         }
  15.  
  16.         /// <summary>
  17.         /// Implement to pass data at runtime to bindings to support custom behavior.
  18.         /// </summary>
  19.         /// <param name="endpoint">The endpoint to modify.</param>
  20.         /// <param name="bindingParameters">The objects that binding elements require to support the behavior.</param>
  21.         public void AddBindingParameters(ServiceEndpoint endpoint, BindingParameterCollection bindingParameters)
  22.         {
  23.             // Nothing special here
  24.         }
  25.  
  26.         /// <summary>
  27.         /// Implements a modification or extension of the service across an endpoint.
  28.         /// </summary>
  29.         /// <param name="endpoint">The endpoint that exposes the contract.</param>
  30.         /// <param name="endpointDispatcher">The endpoint dispatcher to be modified or extended.</param>
  31.         public void ApplyDispatchBehavior(ServiceEndpoint endpoint, EndpointDispatcher endpointDispatcher)
  32.         {
  33.             // Nothing special here
  34.         }
  35.  
  36.         /// <summary>
  37.         /// Implement to confirm that the endpoint meets some intended criteria.
  38.         /// </summary>
  39.         /// <param name="endpoint">The endpoint to validate.</param>
  40.         public void Validate(ServiceEndpoint endpoint)
  41.         {
  42.             // Nothing special here
  43.         }
  44.     }

请注意13行红色部分的代码,相当于一层层的使用了Provider 的模式

  1. /// <summary>
  2.     /// Represents a message inspector object that can be added to the <c>MessageInspectors</c> collection to view or modify messages.
  3.     /// </summary>
  4.     public class ClientMessageInspector : IClientMessageInspector
  5.     {
  6.         /// <summary>
  7.         /// Enables inspection or modification of a message before a request message is sent to a service.
  8.         /// </summary>
  9.         /// <param name="request">The message to be sent to the service.</param>
  10.         /// <param name="channel">The WCF client object channel.</param>
  11.         /// <returns>
  12.         /// The object that is returned as the <paramref name="correlationState " /> argument of
  13.         /// the <see cref="M:System.ServiceModel.Dispatcher.IClientMessageInspector.AfterReceiveReply(System.ServiceModel.Channels.Message@,System.Object)" /> method.
  14.         /// This is null if no correlation state is used.The best practice is to make this a <see cref="T:System.Guid" /> to ensure that no two
  15.         /// <paramref name="correlationState" /> objects are the same.
  16.         /// </returns>
  17.         public object BeforeSendRequest(ref System.ServiceModel.Channels.Message request, IClientChannel channel)
  18.         {
  19.             SoapSecurityHeader header = new SoapSecurityHeader("UsernameToken-1", UserName, Password, "");
  20.  
  21.             request.Headers.Add(header);
  22.  
  23.             return header.Id;
  24.         }
  25.  
  26.         /// <summary>
  27.         /// Enables inspection or modification of a message after a reply message is received but prior to passing it back to the client application.
  28.         /// </summary>
  29.         /// <param name="reply">The message to be transformed into types and handed back to the client application.</param>
  30.         /// <param name="correlationState">Correlation state data.</param>
  31.         public void AfterReceiveReply(ref System.ServiceModel.Channels.Message reply, object correlationState)
  32.         {
  33.             var a = reply;
  34.             // Nothing special here
  35.         }
  36.     }

下面是写入Head的部分

  1. public class SoapSecurityHeader : MessageHeader
  2.     {
  3.         private readonly string _password, _username, _nonce;
  4.         private readonly DateTime _createdDate;
  5.  
  6.         public SoapSecurityHeader(string id, string username, string password, string nonce)
  7.         {
  8.             _password = password;
  9.             _username = username;
  10.             _nonce = nonce;
  11.             _createdDate = DateTime.Now;
  12.             this.Id = id;
  13.         }
  14.  
  15.         public string Id { get; set; }
  16.  
  17.         public override string Name
  18.         {
  19.             get { return "Security"; }
  20.         }
  21.  
  22.         public override string Namespace
  23.         {
  24.             get { return "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"; }
  25.         }
  26.  
  27.         protected override void OnWriteStartHeader(XmlDictionaryWriter writer, MessageVersion messageVersion)
  28.         {
  29.             writer.WriteStartElement("wsse", Name, Namespace);
  30.             writer.WriteXmlnsAttribute("wsse", Namespace);
  31.         }
  32.  
  33.         protected override void OnWriteHeaderContents(XmlDictionaryWriter writer, MessageVersion messageVersion)
  34.         {
  35.             writer.WriteStartElement("wsse", "UsernameToken", Namespace);
  36.             writer.WriteAttributeString("Id", "UsernameToken-10");
  37.             writer.WriteAttributeString("wsu", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd");
  38.  
  39.             writer.WriteStartElement("wsse", "Username", Namespace);
  40.             writer.WriteValue(_username);
  41.             writer.WriteEndElement();
  42.  
  43.             writer.WriteStartElement("wsse", "Password", Namespace);
  44.             writer.WriteAttributeString("Type", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText");
  45.             writer.WriteValue(_password);
  46.             writer.WriteEndElement();
  47.  
  48.             writer.WriteStartElement("wsse", "Nonce", Namespace);
  49.             writer.WriteAttributeString("EncodingType", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary");
  50.             writer.WriteValue(_nonce);
  51.             writer.WriteEndElement();
  52.  
  53.             writer.WriteStartElement("wsse", "Created", Namespace);
  54.             writer.WriteValue(_createdDate.ToString("YYYY-MM-DDThh:mm:ss"));
  55.             writer.WriteEndElement();
  56.  
  57.             writer.WriteEndElement();
  58.         }
  59.     }

至此大功告成!

扩展Wcf call security service, 手动添加 Soap Security Head.的更多相关文章

  1. WCF 在VS中,添加服务引用,地址输入http://ip/Service.svc,点击前往,提示错误,内容如下:

    WCF的service端的webconfig如下: <?xml version="1.0"?> <configuration> <system.ser ...

  2. centos6.5 gsoap安装过程+ php添加soap扩展

    参考博客: CentOS编译安装gSOAP Linux C实现webservice调用 安装gsoap流程  里面提到make时可能碰到的问题 还没有用到 1.从官网下载最新的版本:http://so ...

  3. wcf和web service的区别

    1.WebService:严格来说是行业标准,不是技术,使用XML扩展标记语言来表示数据(这个是夸语言和平台的关键).微软的Web服务实现称为ASP.NET Web Service.它使用Soap简单 ...

  4. WCF和Web Service的 区(guan)别(xi)

    参考文献:http://social.microsoft.com/Forums/zh-CN/c06420d1-69ba-4aa6-abe5-242e3213b68f/wcf-webservice 之前 ...

  5. WCF与 Web Service的区别是什么?各自的优点在哪里呢?

    这是很多.NET开发人员容易搞错的问题.面试的时候也经常遇到,初学者也很难分快速弄明白 Web service: .net技术中其实就指ASP.NET Web Service,用的时间比较长,微软其实 ...

  6. 如何手动添加Windows服务和如何把一个服务删除

    windows 手动添加服务方法一:修改注册表 在注册表编辑器,展开分支"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services" ...

  7. Windows服务的手动添加和删除方法

    Windows服务的手动添加和删除方法 服务,是指执行指定系统功能的程序.例程或进程,以便支持其他程序,尤其是低层(接近硬件)程序.其实,服务就是一种特殊的应用程序,它从服务启动开始就一直处于运行状态 ...

  8. 解决 Cocos2d-x 中 Android.mk 手动添加源文件

    转自:http://blog.csdn.net/ypfsoul/article/details/8909178 Makefile Android.mk 引发的思索 在我们编写 Android 平台 c ...

  9. Quartz动态添加定时任务执行sql(服务启动添加+手动添加)

    系统用来每天插入视图数据... 一.数据库表设计 1.接口配置表(t_m_db_interface_config) 2.接口日志表(t_m_db_interface_log) 3.前端配置页面 查询页 ...

随机推荐

  1. [BZOJ3874][AHOI2014] 宅男计划

    Description 外卖店一共有N种食物,分别有1到N编号.第i种食物有固定的价钱Pi和保质期Si.第i种食物会在Si天后过期.JYY是不会吃过期食物的.比如JYY如果今天点了一份保质期为1天的食 ...

  2. JS:事件对象1

    一,this关键字和上下文 var box = document.getElementById("box");. 普通的函数如果没有给他传递参数,函数本身是没有参数的. test( ...

  3. asp.net三层架构详解

    一.数据库 /*==============================================================*/ /* DBMS name:      Microsof ...

  4. uva10375 Choose and Divide(唯一分解定理)

    uva10375 Choose and Divide(唯一分解定理) 题意: 已知C(m,n)=m! / (n!*(m-n!)),输入整数p,q,r,s(p>=q,r>=s,p,q,r,s ...

  5. java并发编程(十)使用wait/notify/notifyAll实现线程间通信

    转载请注明出处:http://blog.csdn.net/ns_code/article/details/17225469 wait()方法:public final void wait()  thr ...

  6. mysql数据库封装

    <?php /** * name: sql操作封装,可扩展 . * User: 张云山 * Date: 2016/9/4 * Time: 22:02 */ //php文件编码设置header(' ...

  7. 【iCore3双核心板】发布 iCore3 应用开发平台用户手册

    PDF手册下载地址:http://pan.baidu.com/s/1miBBYi8 iCore3应用开发平台购买地址:https://item.taobao.com/item.htm?spm=a1z1 ...

  8. JavaScript:数组大全

    栈/队列 数组es3: pop删除最后一项(栈) shift删除第一项(队列) push增加到最后(栈) unshift增加到最前(队列) reverse翻转 join转字符串 slice截取(切片) ...

  9. 函数Curry化

    之前写过一个函数Curry化的小文章 那会儿对Curry化的理解不够深,平时遇到的需要Curry化的例子也比较少,今天,重新整理这个问题 函数Curry化,其实就是将一个参数非常多的函数,在大多数参数 ...

  10. php 截取中文字符串 - ord()函数 0xa0...

    在ASCII中,0xa0表示汉字的开始 其中php中的一个函数ord()函数 此函数功能返回一个字符的askii码值: 如ord('A')=65; <?php function GBsubstr ...