我已經創建的服務與這樣的綁定配置:WCF WS-Security服務器
<bindings>
<customBinding>
<binding name="DefaultBinding">
<textMessageEncoding messageVersion="Soap12" />
<httpTransport />
</binding>
</customBinding>
</bindings>
而當我的服務接收消息開始是這樣的:
<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope">
<s:Header>
<Security s:mustUnderstand="1" xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<UsernameToken>
<Username>
</Username>
<Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">...</Password>
<Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">KWVa4abCrEemOMT55VEZkgIAAAAAAA==</Nonce>
<Created xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">2013-08-28T13:29:05.966Z</Created>
</UsernameToken>
</Security>
...
它產生錯誤:
的名字空間'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd'的標題'安全'未被理解...
我也試過:
<wsHttpBinding>
<binding name="DefaultBinding">
<security mode="Message" />
</binding>
</wsHttpBinding>
我如何處理這個頭或忽略它?
更新
我的理解,我需要在不安全的傳輸用戶名,所以我嘗試:
<customBinding>
<binding
name="DefaultBinding">
<textMessageEncoding messageVersion="Soap12" />
<security authenticationMode="UserNameOverTransport" allowInsecureTransport="True">
</security>
<httpTransport>
</httpTransport>
</binding>
</customBinding>
我也試過CUB:
<bindings>
<clearUsernameBinding>
<binding name="myClearUsernameBinding" messageVersion="Soap12">
</binding>
</clearUsernameBinding>
</bindings>
兩個錯誤結束在客戶端上:驗證消息安全性時發生錯誤。但它適用於測試CUB的客戶端。什麼可能是錯的?
是的,這是對的Valide客戶端發送用戶名後/越過HTTP不使用SSL。此時服務應該接受它而不檢查。我試過CUB,它與測試客戶端一起工作,但是與現有客戶端失敗:{「驗證郵件安全性時發生錯誤。」} 我比較了evelope的標頭: CUB包含以下元素: 時間戳,過期,UsernameToken,用戶名,密碼 礦有: 用戶名,密碼,現時,創建 – therg
請發佈工作和fialing消息的樣本 –
現在我看到你發佈它。您應該打開服務器上的wcf trace來查看確切的錯誤。 http://blogs.msdn.com/b/madhuponduru/archive/2006/05/18/601458.aspx –