從WSSE安全頭中刪除時間戳C＃ASMX/WCF服務

Question

我在項目中添加了一個Java WSDL作爲Web引用。我正在使用它來調用端點上的服務。我在ASMX文件中添加了一個WebMethod並在那裏調用該服務。要求是使用WSE安全性並使用X509證書籤署請求。

不幸的是，時間戳是創造問題，我得到的迴應「被發現的錯誤處理的頭」。如果我從中刪除TimeStamp元素，則相同的請求會從SoapUI中起作用。 This is how the request look like

這裏是一個創建安全元素

//Set WSSE Security 
    svc.RequestSoapContext.Security.Timestamp.TtlInSeconds = 300; 
    svc.RequestSoapContext.Security.MustUnderstand = true; 
    svc.RequestSoapContext.Security.Tokens.Add(newtoken); 
    Microsoft.Web.Services3.Security.MessageSignature signature = new Microsoft.Web.Services3.Security.MessageSignature(newtoken); 
    signature.SignatureOptions = Microsoft.Web.Services3.Security.SignatureOptions.IncludeSoapBody;    
    svc.RequestSoapContext.Security.Elements.Add(signature); 

===============

使用WCF

的問題仍然存在代碼即使我使用WCF來做。只要我添加IncludeTimestamp = false;該請求沒有發送並將其設置爲true可以創建請求。

這裏是WCF碼 -

 //Create Endpoint 
     EndpointAddress address = new EndpointAddress((istest == true ? CHORUS_UFB_EMMA : CHORUS_UFB_PROD)); 

     //Add Certificate to EndPoint Service 
     X509Certificate2 cert = new X509Certificate2(@"Certificate Path", "Password", X509KeyStorageFlags.PersistKeySet); 

     //Setup custom binding with HTTPS + Body Signing + Soap1.1 
     CustomBinding binding = new CustomBinding(); 

     //HTTPS Transport 
     HttpsTransportBindingElement transport = new HttpsTransportBindingElement(); 

     //Set Security Binding as Transport 
     TransportSecurityBindingElement tsec = SecurityBindingElement.CreateCertificateOverTransportBindingElement(MessageSecurityVersion.WSSecurity10WSTrust13WSSecureConvers‌​ation13WSSecurityPol‌​icy12BasicSecurityPr‌​ofile10); 
     tsec.EnableUnsecuredResponse = true; 
     tsec.AllowInsecureTransport = true; 
     tsec.SecurityHeaderLayout = SecurityHeaderLayout.Lax; 
     tsec.LocalServiceSettings.DetectReplays = false; 
     tsec.LocalClientSettings.DetectReplays = false; 
     tsec.IncludeTimestamp = false; 
     tsec.SetKeyDerivation(false); 
     tsec.EndpointSupportingTokenParameters.Signed.Add(new SecureConversationSecurityTokenParameters()); 

     //Setup for SOAP 11 and UTF8 Encoding 
     TextMessageEncodingBindingElement textMessageEncoding = new TextMessageEncodingBindingElement(MessageVersion.Soap11, Encoding.UTF8); 

     //Bind in order (Security layer, message layer, transport layer) 
     binding.Elements.Add(tsec); 
     binding.Elements.Add(textMessageEncoding); 
     binding.Elements.Add(transport); 

Here is the generated request using above code 任何幫助，在此，將不勝感激。

Answer 1

這可能會通過你的客戶和你在哪裏調用服務託管Web服務器之間的時間差造成的。

仔細檢查，如果兩個服務器上的時間匹配，並且是同步的。時間可能需要在5分鐘之內。