All geek questions in one place

WSHttpBinding TransportWithMessageCredential SecurityMode modifies the request

I am struggling with binding configurations WCF. I have a third-party service added as a reference to my project. I was given some specifications.

I need to use SOAP v1.2, so I decided what I need WSHttpBinding, it will be https, so I needSecurityMode.Transport

Something like that:

var binding = new WSHttpBinding();
binding.Security.Mode = SecurityMode.Transport;
var client = new MyClient(binding, addr);
var result = client.Method(new MyObject());

As a result of this request body.

 <S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope"      
            xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing">
  <S:Header>
     <wsa:MessageID>
       uuid:6B29FC40-CA47-1067-B31D-00DD010662DA
     </wsa:MessageID>
     <wsa:ReplyTo>
       <wsa:Address>example</wsa:Address>
     </wsa:ReplyTo>
     <wsa:To>example</wsa:To>
     <wsa:Action>example</wsa:Action>
  </S:Header>
  <S:Body>
     <MyObject>...</MyObject>
  </S:Body>
 </S:Envelope>

According to the specification I provided, I need to include an element Securityin the header with UsernameTokenand Timestamp. Exactly what I would get with BasicHttpBindingandBasicHttpSecurityMode.TransportWithMessageCredential

When I try to set the TransportWithMessageCredentialmode with the body WSHttpBinding, I will explicitly change the body.

binding.Security.Mode = SecurityMode.TransportWithMessageCredential;
binding.Security.Message.ClientCredentialType = MessageCredentialType.UserName;
var client = new MyClient(binding, addr);
client.ClientCredentials.UserName.UserName = "username";
client.ClientCredentials.UserName.Password = "123456";
var result = client.Method(new MyObject());

 <S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope"      
            xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing">
  <S:Header>
     <wsa:MessageID>
       uuid:b633067e-9a9e-4216-b036-4afa3aca161e
     </wsa:MessageID>
     <wsa:ReplyTo>
       <wsa:Address>http://www.w3.org/2005/08/addressing/anonymous</wsa:Address>
     </wsa:ReplyTo>
     <wsa:To>example</wsa:To>
     <wsa:Action>http://schemas.xmlsoap.org/ws/2005/02/trust/RST/SCT</wsa:Action>
     <o:Security s:mustUnderstand=1 xmlns:o=http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd>
      <u:Timestamp>...<u:Timestamp>
      <o:UsernameToken>
      <o:Username>...</o:Username>
      <o:Password>...</o:Password>
      </o:UsernameToken>
     </o:Security>
  </S:Header>
  <S:Body>
     <t:RequestSecurityToken>...</t:RequestSecurityToken>
  </S:Body>
 </S:Envelope>

, . ?

( ) - :

 <S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope"      
            xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing">
  <S:Header>
     <wsa:MessageID>
       uuid:6B29FC40-CA47-1067-B31D-00DD010662DA
     </wsa:MessageID>
     <wsa:ReplyTo>
       <wsa:Address>example</wsa:Address>
     </wsa:ReplyTo>
     <wsa:To>example</wsa:To>
     <wsa:Action>example</wsa:Action>
     <o:Security s:mustUnderstand=1 xmlns:o=http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd>
      <u:Timestamp>...<u:Timestamp>
      <o:UsernameToken>
      <o:Username>...</o:Username>
      <o:Password>...</o:Password>
      </o:UsernameToken>
     </o:Security>
  </S:Header>
  <S:Body>
     <MyObject>...</MyObject>
  </S:Body>
 </S:Envelope>
+4
2

WCF, . RequestSecurityToken , RequestSecurityTokenResponse. , , , . Service Trace Viewer:

enter image description here

, ? WCF? , . WCF .

, , , SecurityMode Message NegotiateServiceCredential false.

UPDATE:

, .

wsa: ReplyTo, ReplyTo OperationContext.OutgoingMessageHeaders, :

using (new OperationContextScope(client.InnerChannel))
{
    OperationContext.Current.OutgoingMessageHeaders.ReplyTo = new EndpointAddress("http://someclient/callback");
    var request = client.Method(new MyObject());
}

. .

0

CustomBinding .

var b = new CustomBinding();

var security = TransportSecurityBindingElement.CreateUserNameOverTransportBindingElement();
    security.IncludeTimestamp = true;
    security.DefaultAlgorithmSuite = SecurityAlgorithmSuite.Default;
    security.MessageSecurityVersion = MessageSecurityVersion.Default;
    security.SecurityHeaderLayout = SecurityHeaderLayout.Lax;
    security.EnableUnsecuredResponse = true;

var encoding = new TextMessageEncodingBindingElement();
    encoding.MessageVersion = MessageVersion.Soap12WSAddressing10;

var transport = new HttpsTransportBindingElement
    {
       MaxBufferPoolSize = 2147483647,
       MaxBufferSize = 2147483647,
       MaxReceivedMessageSize = 2147483647,
    };

    b.Elements.Add(security);
    b.Elements.Add(encoding);
    b.Elements.Add(transport);

var client = new MyClient(binding, addr);
var result = client.Method(new MyObject());
0

Source: https://habr.com/ru/post/1665377/

More articles:


All Articles