我如何在WCF客戶端簽署肥皂標題

Question

我正在嘗試調用Web服務。 （從服務規範）的結構良好的SOAP消息看起來像：

<soapenv:Envelope xmlns:ebs="http://ebs.health.ontario.ca/" xmlns:edt="http://edt.health.ontario.ca/" xmlns:idp="http://idp.ebs.health.ontario.ca/" xmlns:msa="http://msa.ebs.health.ontario.ca/" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"> 
    <soapenv:Header> 
    <wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"> 
     <wsse:BinarySecurityToken EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" wsu:Id="X509-ED7F771775BF23B4CE137760623417313">MIICDzCCAXigAwIBAgIEUYu//zANBgkqhkiG9w0BAQQFADBMMQswCQYDVQQGEwJDQTETMBEGA1UECgwKREVOSVNfVGVzdDEoMCYGA1UEAxMfT05EMkMwMDczMTMwMy5jaWhzLmFkLmdvdi5vbi5jYTAeFw0xMzA1MDkxNTI1NTFaFw0xNDA1MDkxNTI1NTFaMEwxCzAJBgNVBAYTAkNBMRMwEQYDVQQKDApERU5JU19UZXN0MSgwJgYDVQQDEx9PTkQyQzAwNzMxMzAzLmNpaHMuYWQuZ292Lm9uLmNhMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCBDiEjn5QX0qL9Xgp1t1+y/nGmBke8oYqEybV0/slsffe7nmK//TqMxhDCxxYx1BiU/ddpxI8hlsLGVaGu/QfcBFYeGfTSQBQ+ZQNbp9D8O5I9T7Uds52dOljCq6fIgZ5eMFWKHL1zlm2VUOi19SS++HuhpDDsAgEClUCDYhs1BwIDAQABMA0GCSqGSIb3DQEBBAUAA4GBABeuNnUGNWSlLHALdJMCdiU4C40+QXOrOwy5IB5rXA3RsQt0MPU7+FKCBClCcKrIJEKGZFrRg/axN0woiQhKPfcuOT7n1O8dvbXf5cGGR5l/kVDOO6DR2Mguo3jcKndVVpp0AjqI1jpxo1MkROJwbERtBqbjYRdOKyFexICVHN3k</wsse:BinarySecurityToken> 
     <ds:Signature Id="SIG-30" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> 
     <ds:SignedInfo> 
      <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"> 
      <ec:InclusiveNamespaces PrefixList="ebs edt idp msa soapenv" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/> 
      </ds:CanonicalizationMethod> 
      <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> 
      <ds:Reference URI="#TS-25"> 
      <ds:Transforms> 
       <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"> 
       <ec:InclusiveNamespaces PrefixList="wsse ebs edt idp msa soapenv" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/> 
       </ds:Transform> 
      </ds:Transforms> 
      <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/> 
      <ds:DigestValue>vVFQZIFYpfV/qk0X7lZpVuV9ao6Zckl4g78O+UXKCBE=</ds:DigestValue> 
      </ds:Reference> 
      <ds:Reference URI="#UsernameToken-26"> 
      <ds:Transforms> 
       <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"> 
       <ec:InclusiveNamespaces PrefixList="ebs edt idp msa soapenv" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/> 
       </ds:Transform> 
      </ds:Transforms> 
      <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/> 
      <ds:DigestValue>IqZOA4Ha1Ial3UqDc9Gl6wPLQF18xOSTBPR1/oj0mwY=</ds:DigestValue> 
      </ds:Reference> 
      <ds:Reference URI="#id-27"> 
      <ds:Transforms> 
       <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"> 
       <ec:InclusiveNamespaces PrefixList="edt idp msa soapenv" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/> 
       </ds:Transform> 
      </ds:Transforms> 
      <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/> 
      <ds:DigestValue>qHx6/vbUQhLVSqZmvJZSIEFXwSJ5TQhfgtJ3OfSnhdY=</ds:DigestValue> 
      </ds:Reference> 
      <ds:Reference URI="#id-28"> 
      <ds:Transforms> 
       <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"> 
       <ec:InclusiveNamespaces PrefixList="ebs edt msa soapenv" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/> 
       </ds:Transform> 
      </ds:Transforms> 
      <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/> 
      <ds:DigestValue>Mm83R8AW0mj1cGq4MwOxMiT9sI5nD8qo4KGcKfr/N8Q=</ds:DigestValue> 
      </ds:Reference> 
      <ds:Reference URI="#id-29"> 
      <ds:Transforms> 
       <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"> 
       <ec:InclusiveNamespaces PrefixList="ebs edt idp msa" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/> 
       </ds:Transform> 
      </ds:Transforms> 
      <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/> 
      <ds:DigestValue>f5Rcb1Z6o074KqaJDr7DDuIPIqaYS1OcYnZogVFWln0=</ds:DigestValue> 
      </ds:Reference> 
     </ds:SignedInfo> 
     <ds:SignatureValue> 
      Uue2z5y0zbmbiG2qYXm83L5WYTeDL6uMasDMo6Ns7KLUmRndX0Iv+XGuA6EIG4HEpeCpCsjjFaQ8 
      m1wZbEg+uLjug7QlkdhMCTA6gXEdlzgl7p9IGbnHgTGjPuY+af57ArwMAgktr5FXTKXLEPMQHyg/ 
      Isi6r1c12vFdERUai7w= 
     </ds:SignatureValue> 
     <ds:KeyInfo Id="KI-ED7F771775BF23B4CE137760623417314"> 
      <wsse:SecurityTokenReference wsu:Id="STR-ED7F771775BF23B4CE137760623417315"> 
      <wsse:Reference URI="#X509-ED7F771775BF23B4CE137760623417313" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/> 
      </wsse:SecurityTokenReference> 
     </ds:KeyInfo> 
     </ds:Signature> 
     <wsse:UsernameToken wsu:Id="UsernameToken-26"> 
     <wsse:Username>username</wsse:Username> 
     <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">password</wsse:Password> 
     </wsse:UsernameToken> 
     <wsu:Timestamp wsu:Id="TS-25"> 
     <wsu:Created>2013-08-27T12:23:54Z</wsu:Created> 
     <wsu:Expires>2013-08-27T12:28:54Z</wsu:Expires> 
     </wsu:Timestamp> 
    </wsse:Security> 
    <idp:IDP wsu:Id="id-28" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"> 
     <ServiceUserMUID>282673</ServiceUserMUID> 
    </idp:IDP> 
    <ebs:EBS wsu:Id="id-27" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"> 
     <SoftwareConformanceKey>1111</SoftwareConformanceKey> 
     <AuditId>2222</AuditId> 
    </ebs:EBS> 
    </soapenv:Header> 
    <soapenv:Body wsu:Id="id-29" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"> 
    <edt:list> 
     <resourceType>CL</resourceType> 
     <pageNo>1</pageNo> 
    </edt:list> 
    </soapenv:Body> 
</soapenv:Envelope> 

在WCF消息日誌我看到下面的輸出

<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"> 
<s:Header> 
<Action s:mustUnderstand="1" xmlns="http://schemas.microsoft.com/ws/2005/05/addressing/none">http://edt.health.ontario.ca/EDTDelegate/listRequest</Action> 
<h:EBS xmlns="http://ebs.health.ontario.ca/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:h="http://ebs.health.ontario.ca/"> 
<SoftwareConformanceKey xmlns="">1111</SoftwareConformanceKey> 
<AuditId xmlns="">2222</AuditId> 
</h:EBS> 
<h:IDP xmlns="http://idp.ebs.health.ontario.ca/" xmlns:h="http://idp.ebs.health.ontario.ca/"> 
<ServiceUserMUID xmlns="">user11</ServiceUserMUID> 
</h:IDP> 
<h:MSA xmlns="http://msa.ebs.health.ontario.ca/" xmlns:h="http://msa.ebs.health.ontario.ca/"> 
<UserID xmlns="">user</UserID> 
</h:MSA> 
<ActivityId CorrelationId="a87eb831-b9d2-4333-8cae-f4138320fff1" xmlns="http://schemas.microsoft.com/2004/09/ServiceModel/Diagnostics">036f870c-b78f-40f7-ba27-7cdc8516f4fe</ActivityId> 
<VsDebuggerCausalityData xmlns="http://schemas.microsoft.com/vstudio/diagnostics/servicemodelsink"></VsDebuggerCausalityData> 
</s:Header> 
<s:Body xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"> 
<list xmlns="http://edt.health.ontario.ca/"> 
<resourceType xmlns="">CL</resourceType> 
<pageNo xmlns="">1</pageNo> 
</list> 
</s:Body> 
</s:Envelope> 

而且我得到的例外它說

SecurityVersion .WSSecurityJan2004不支持標題加密。 名稱爲'EBS'且名稱空間爲'http://ebs.health.ontario.ca/' 的標頭配置爲加密。考慮使用 SecurityVersion.WsSecurity11及更高版本或使用傳輸安全性至 加密完整郵件。

Answer 1

編輯：See here一個詳細的解決方案，以消耗這EBS-EDT服務

既然你只需要簽名，而不是加密嘗試指定在郵件合同本身：

[MessageHeader(ProtectionLevel=System.Net.Security.ProtectionLevel.Sign)]