我需要使用第三方web服务。我有一个wsdl文件和.pkcs12密钥库文件和密码。使用这个wsdl文件,我在项目中添加了web引用。读取密钥库文件。创建了x509certificate2类的新示例,并在添加到服务类后导入了证书。我正在尝试调用服务中的方法
service.mymethod(param1)--> (At this line its throwing error stating that ws-security header not found)通过搜索这个错误,我找到了stackoverflow链接来添加安全性头,下面的链接是完整的代码
//reading PCKS12 certificate
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
var path = System.IO.Path.Combine(AppDomain.CurrentDomain.BaseDirectory, "Content\\myKeyStoreFile.pkcs12");
var data = System.IO.File.ReadAllBytes(path);
//Importing Certificate
X509Certificate2 certificate = new X509Certificate2();
certificate.Import(data, "password", X509KeyStorageFlags.DefaultKeySet);
//adding WS-Security Headers
UsernameToken token = new UsernameToken("keyname", "password", PasswordOption.SendHashed);
service.RequestSoapContext.Security.Tokens.Add(token);
//adding certificate to service
service.ClientCertificates.Add(certificate);
//calling proxy class(service method)
service.methodname(param1);-->(its throwing System.web.service.protocols.soapheaderexception:'nested exception is org.apache.wss4j.common.ext.WSSSecurityException Original Exception was javax.security.auth.callback.unsupportedcallbackexception)我有一个java代码(在SpringBoot中实现)供参考。wss4jsecurityinterceptor securityinterceptor=新wss4jsecurityinterceptor();
//crypto varible contains .pkcs12 file path and password properties
Crypto crypto = null;
try {
crypto = CryptoFactory.getInstance(cryptoPropertyFile);
}catch(WSSecurityException e) {
e.printStackTrace();}
securityInterceptor.setSecurementActions("Encrypt Signature");
securityInterceptor.setSecurementEncryptionUser(trustedCertKeyAlias);
securityInterceptor.setSecurementEncryptionCrypto(crypto);
securityInterceptor.setSecurementEncryptionParts("{Content {http://schemas.xmlsoap.org/soap/envelope/}Body");
securityInterceptor.setSecurementUsername(privateKeyAlias);
securityInterceptor.setSecurementPassword(privateKeyPassword);
securityInterceptor.setSecurementSignatureCrypto(crypto);
securityInterceptor.setSecurementSignatureKeyIdentifier("DirectReference");
securityInterceptor.setSecurementSignatureUser(privateKeyAlias);
securityInterceptor.setSecurementSignatureParts("{Content}{http://schemas.xmlsoap.org/soap/envelope/}Body");
securityInterceptor.setValidationActions("Encrypt");
securityInterceptor.setValidationDecryptionCrypto(crypto);
KeyStoreCallbackHandler keyStoreCallbackHandler = new KeyStoreCallbackHandler();
keyStoreCallbackHandler.setPrivateKeyPassword(privateKeyPassword);
securityInterceptor.setValidationCallbackHandler(keyStoreCallbackHandler);
LogHttpHeaderClientInterceptor logHttpHeaderClientInterceptor = new LogHttpHeaderClientInterceptor();
ClientInterceptor[] interceptors = {securityInterceptor, logHttpHeaderClientInterceptor};
template.setInterceptors(interceptors);有谁能告诉我如何在dotnet中添加拦截器吗。我做了一些研究,但找不到任何解决办法。在dotnet中有什么东西对wss4jsecurityinterceptor来说很可笑吗。
1条答案
按热度按时间vbopmzt11#
IClientMessageInspector可能是你要找的东西。你需要创造
IEndpointBehavior并添加IClientMessageInspector,然后将该行为添加到用于创建ChannelFactory.请参见:https://docs.microsoft.com/en-us/dotnet/framework/wcf/extending/how-to-inspect-or-modify-messages-on-the-client
另请参见:https://docs.microsoft.com/en-us/dotnet/api/system.servicemodel.dispatcher.iclientmessageinspector?view=netframework-4.8
例子:
使用消息检查器: