在 C# 中以编程方式创建 WCF 客户端的标头(wsse)部分
Posted
技术标签:
【中文标题】在 C# 中以编程方式创建 WCF 客户端的标头(wsse)部分【英文标题】:Creating Headers (wsse) Section of WCF Client Programmatically in C# 【发布时间】:2011-11-07 00:47:21 【问题描述】:如何以编程方式在 C# 中创建 app.config 的以下服务设置部分:
<client>
<endpoint address="https://someServiceUrl"
binding="basicHttpBinding" bindingConfiguration="Contact"
contract="ServiceReference.PostingWebService" name="PostingWebServicePort">
<headers>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:UsernameToken>
<wsse:Username>someusername</wsse:Username>
<wsse:Password Type='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText'>somepassword</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
</headers>
</endpoint>
</client>
我已经设法从 C# 生成绑定部分(上面未包括)和端点部分。我无法创建标题部分。
出现的错误是:(这是因为我从 C# 生成所有内容时没有标题部分)
此服务需要<wsse:Security>
,但缺少。
headers 部分很重要,就好像我将它从配置中排除并使用 config 运行代码一样,它也会给出上述错误。
我不想使用 web.config/app.config。我必须从 C# 运行所有东西。 (上面的 app.config 工作正常,但我想通过 C# 做同样的事情)
注意:下面的更新基于下面提供的解决方案,请仔细阅读下面对解决方案的评论,以便更好地理解
更新 1:(首先以编程方式使用 BasicHttpBinding)
BasicHttpBinding binding = new BasicHttpBinding();
binding.Name = "Contact";
binding.CloseTimeout = TimeSpan.FromMinutes(1);
binding.OpenTimeout = TimeSpan.FromMinutes(1);
binding.ReceiveTimeout = TimeSpan.FromMinutes(10);
binding.SendTimeout = TimeSpan.FromMinutes(1);
binding.AllowCookies = false;
binding.BypassProxyOnLocal = false;
binding.HostNameComparisonMode = HostNameComparisonMode.StrongWildcard;
binding.MaxBufferSize = 524288;
binding.MaxBufferPoolSize = 524288;
binding.MaxReceivedMessageSize = 524288;
binding.MessageEncoding = WSMessageEncoding.Text;
binding.TextEncoding = System.Text.Encoding.UTF8;
binding.TransferMode = TransferMode.Buffered;
binding.UseDefaultWebProxy = true;
binding.ReaderQuotas.MaxDepth = 32;
binding.ReaderQuotas.MaxStringContentLength = 65536;
binding.ReaderQuotas.MaxArrayLength = 131072;
binding.ReaderQuotas.MaxBytesPerRead = 32768;
binding.ReaderQuotas.MaxNameTableCharCount = 131072;
binding.Security.Mode = BasicHttpSecurityMode.Transport;
binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.None;
binding.Security.Transport.ProxyCredentialType = HttpProxyCredentialType.None;
binding.Security.Transport.Realm = "";
binding.Security.Message.ClientCredentialType = BasicHttpMessageCredentialType.UserName;
binding.Security.Message.AlgorithmSuite = System.ServiceModel.Security.SecurityAlgorithmSuite.Default;
CustomBinding customBinding = new CustomBinding(binding);
SecurityBindingElement element = customBinding.Elements.Find<SecurityBindingElement>();
// Remove security timestamp because it is not used by your original binding
//element.IncludeTimestamp = false; (element is NULL in my case)
EndpointAddress endpoint = new EndpointAddress("https://myserviceaddress");
PostingWebServiceClient client = new PostingWebServiceClient(customBinding, endpoint);
client.ClientCredentials.UserName.UserName = "myusername";
client.ClientCredentials.UserName.Password = "mypassword";
client.getActiveChannels(new getActiveChannels());
直接使用自定义绑定:
SecurityBindingElement securityElement = SecurityBindingElement.CreateUserNameOverTransportBindingElement();
securityElement.IncludeTimestamp = false;
TextMessageEncodingBindingElement encodingElement = new TextMessageEncodingBindingElement(MessageVersion.Soap11, Encoding.UTF8);
HttpsTransportBindingElement transportElement = new HttpsTransportBindingElement();
CustomBinding customBinding = new CustomBinding(securityElement, encodingElement, transportElement);
EndpointAddress endpoint = new EndpointAddress("https://myserviceaddress");
PostingWebServiceClient client = new PostingWebServiceClient(customBinding, endpoint);
client.ClientCredentials.UserName.UserName = "myusername";
client.ClientCredentials.UserName.Password = "mypassword";
client.getActiveChannels(new getActiveChannels());
【问题讨论】:
第一个例子是错误的。您使用了不正确的安全模式。您必须使用TransportWithMessage
凭据,而不仅仅是 Transport
。在您的第二个示例中,错误显然是在身份验证中。服务找到用户名和密码,但返回无效。
非常感谢您总结答案,这是我找到的添加安全标头的最干净的方法。
【参考方案1】:
在这种情况下您不必直接配置标头,因为您的方案应该由BasicHttpBinding
或CustomBinding
直接支持。
如果您需要从 C# 配置它,您必须在代码中创建绑定:
// Helper binding to have transport security with user name token
BasicHttpBinding binding = new BasicHttpBinding(BasicHttpSecurityMode.TransportWithMessageCredential);
binding.Security.Message.ClientCredentialType = BasicHttpMessageCredentialType.UserName;
// Rest of your binding configuration comes here
// Custom binding to have access to more configuration details of basic binding
CustomBinding customBinding = new CustomBinding(binding);
SecurityBindingElement element = customBinding.Elements.Find<SecurityBindingElement>();
// Remove security timestamp because it is not used by your original binding
element.IncludeTimestamp = false;
EndpointAddress address = new EndpointAddress("https://...");
ProxyWebServiceClient client = new ProxyWebServiceClient(customBinding, address);
client.ClientCredentials.UserName.UserName = "...";
client.ClientCredentials.UserName.Password = "...";
其他解决方案是直接构建自定义绑定,而不是从基本绑定开始:
SecurityBindingElemetn securityElement = SecurityBindingElement.CreateUserNameOverTransportBindingElement();
securityElement.IncludeTimestamp = false;
TextMessageEncodingBindingElement encodingElement = new TextMessageEncodingBindingElement(MessageVersion.Soap11, Encoding.UTF8);
HttpsTransportBindingElement tranportElement = new HttpsTransportBindingElement();
// Other configurations of basic binding are divided into properties of
// encoding and transport elements
CustomBinding customBinding = new CustomBinding(securityElement, encodingElement, transportElement);
EndpointAddress address = new EndpointAddress("https://...");
ProxyWebServiceClient client = new ProxyWebServiceClient(customBinding, address);
client.ClientCredentials.UserName.UserName = "...";
client.ClientCredentials.UserName.Password = "...";
【讨论】:
以上都不起作用。在第一种情况下(我首先创建基本绑定),我在 SecurityBindingElement element = customBinding.Elements.Find查看this *** question. 的已接受答案,它显示了如何以编程方式将客户端凭据添加到代理。它还显示了在客户端端点配置 XML 中添加标头,这是我以前从未见过的。
【讨论】:
以上是关于在 C# 中以编程方式创建 WCF 客户端的标头(wsse)部分的主要内容,如果未能解决你的问题,请参考以下文章
在 WCF 服务 C# 的服务器端获取客户端的 Mac 地址不重复(在 WCF 3.0 中获取客户端 IP 地址)