WCF消息督察

Question

我需要基於WCF

這裏從服務到XML簽名的答覆是示例代碼：

public void BeforeSendReply(ref Message reply, object correlationState) 
     { 
      MemoryStream ms = new MemoryStream(); 
      XmlDictionaryWriter writer = XmlDictionaryWriter.CreateTextWriter(ms, Encoding.UTF8); 
      reply.WriteMessage(writer); 
      writer.Flush(); 
      ms.Seek(0, SeekOrigin.Begin); 
      XmlDocument doc = new XmlDocument(); 
      doc.Load(ms); 
      doc.Save(@"C:\reply.xml"); 
      ms.Seek(0, SeekOrigin.Begin); 

      CspParameters cspParams = new CspParameters(); 
      cspParams.KeyContainerName = "XML_DSIG_RSA_KEY";  

      RSACryptoServiceProvider rsaKey = new RSACryptoServiceProvider(cspParams); 

      SignedXml signedXml = new SignedXml(doc); 
      signedXml.SigningKey = rsaKey; 

      Reference reference = new Reference(); 
      reference.Uri = string.Empty; 

      XmlDsigEnvelopedSignatureTransform env = new XmlDsigEnvelopedSignatureTransform(); 
      reference.AddTransform(env); 

      signedXml.AddReference(reference); 

      signedXml.ComputeSignature(); 

      XmlElement xmlDigitalSignature = signedXml.GetXml(); 

      doc.DocumentElement.AppendChild(doc.ImportNode(xmlDigitalSignature, true)); 

      doc.Save(@"C:\signed_reply.xml"); 

      MemoryStream signedStream = new MemoryStream(); 
      doc.Save(signedStream); 
      signedStream.Seek(0, SeekOrigin.Begin); 

      XmlReader reader = XmlReader.Create(signedStream); 
      Message newMessage = Message.CreateMessage(reader, int.MaxValue, reply.Version); 
      newMessage.Properties.CopyProperties(reply.Properties); 
      reply = newMessage; 
     } 

當了SoapUI測試我什麼也看不見，並生成客戶端上的異常失敗。從變量ms返回時，一切都按預期進行。這段代碼有什麼錯誤？

reply.xml

<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"> 
    <s:Header> 
    <Action s:mustUnderstand="1" xmlns="http://schemas.microsoft.com/ws/2005/05/addressing/none">http://tempuri.org/ITest/GetProductResponse</Action> 
    </s:Header> 
    <s:Body> 
    <GetProductResponse xmlns="http://tempuri.org/"> 
     <GetProductResult xmlns:a="http://schemas.datacontract.org/2004/07/WebJsonService" xmlns:i="http://www.w3.org/2001/XMLSchema-instance"> 
     <a:Description>test</a:Description> 
     <a:Id>5</a:Id> 
     <a:Name>test</a:Name> 
     <a:Price>0.25</a:Price> 
     </GetProductResult> 
    </GetProductResponse> 
    </s:Body> 
</s:Envelope> 

signed_reply.xml

<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"> 
    <s:Header> 
    <Action s:mustUnderstand="1" xmlns="http://schemas.microsoft.com/ws/2005/05/addressing/none">http://tempuri.org/ITest/GetProductResponse</Action> 
    </s:Header> 
    <s:Body> 
    <GetProductResponse xmlns="http://tempuri.org/"> 
     <GetProductResult xmlns:a="http://schemas.datacontract.org/2004/07/WebJsonService" xmlns:i="http://www.w3.org/2001/XMLSchema-instance"> 
     <a:Description>test</a:Description> 
     <a:Id>5</a:Id> 
     <a:Name>test</a:Name> 
     <a:Price>0.25</a:Price> 
     </GetProductResult> 
    </GetProductResponse> 
    </s:Body> 
    <Signature xmlns="http://www.w3.org/2000/09/xmldsig#"> 
    <SignedInfo> 
     <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" /> 
     <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" /> 
     <Reference URI=""> 
     <Transforms> 
      <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" /> 
     </Transforms> 
     <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /> 
     <DigestValue>fXEwGkEaeFkpQaxZr1T61l0q5XE=</DigestValue> 
     </Reference> 
    </SignedInfo> 
    <SignatureValue>eikY2sH9l12SyEiCwuEKBTqJZjKnkHND/8opBOp3uF0jkR/iYsAxFhDNuVXAghVsTbdllg+G8a/UKMN10JByvl5RV9wULM+5CLKQ2e1d3+0kBZdd5Q568yJNQhYbFENzJP2aRJiv9rWN8ji4QGdDITNy7IVcgv5M8flPr+5/9A8=</SignatureValue> 
    </Signature> 
</s:Envelope> 

Answer 1

可能是更好的選擇是使用由WCF本身提供的安全服務。 http://msdn.microsoft.com/en-us/library/ms789011.aspx