如何爲第三方Web服務創建特定的SOAP標頭

Question

我正在嘗試連接到第三方Web服務。我試圖用多種方式去做，但我一直無法做到。他們使用Java服務和客戶端，他們給我發了什麼應該是正確的標題：

<soapenv:Header> 
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"> 
    <ds:Signature Id="SIG-DF651A72BB4BD472F5149301750204095" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> 
     <ds:SignedInfo> 
      <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"> 
       <ec:InclusiveNamespaces PrefixList="doc soapenv web" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/> 
      </ds:CanonicalizationMethod> 
      <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> 
      <ds:Reference URI="#id-DF651A72BB4BD472F5149301750203994"> 
       <ds:Transforms> 
        <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"> 
         <ec:InclusiveNamespaces PrefixList="doc web" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/> 
        </ds:Transform> 
       </ds:Transforms> 
       <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> 
       <ds:DigestValue>iITj5pTonO3g052LVSnea1yZd0Q=</ds:DigestValue> 
      </ds:Reference> 
     </ds:SignedInfo> 
     <ds:SignatureValue>DhsMfNnidlHk7QIRAWBrr44T6nMLLG00AN/1jnZSlV7pbrMZ3V/MrvW1S5hzQYGQXRH1U1bqzCw8wF2nGtizDtagWGR9UfBoq+wvFBktQy6f7B91DbN++q03a28i2iiSxiEOVWaCvZzCmwOOLdOIIvaD8c8YsJAIgzB+wGg1s6d14+0rk4zAEQrtu7hWvOtU3s6aKIMrX9JiP+1qVInI4RPWynZ9pIbB87vaZSMHsqkjexxKMBB7v5sZugDjl2gPsJeE4dbtC8pXrfZ4QhQ+HSsEYvMJ90J8zyoG2gLuOeCrcQDBe6RrdwpP20r2sTFMKpy2ADZnl1LkwbadvLvnQ==</ds:SignatureValue> 
     <ds:KeyInfo Id="KI-DF651A72BB4BD472F5149301750203992"> 
      <wsse:SecurityTokenReference wsu:Id="STR-DF651A72BB4BD472F5149301750203993"> 
       <ds:X509Data> 
        <ds:X509IssuerSerial> 
         <ds:X509IssuerName>OU=yyy,O=xxx,C=ES</ds:X509IssuerName> 
         <ds:X509SerialNumber>a very long integer here</ds:X509SerialNumber> 
        </ds:X509IssuerSerial> 
       </ds:X509Data> 
      </wsse:SecurityTokenReference> 
     </ds:KeyInfo> 
    </ds:Signature> 
</wsse:Security> 
</soapenv:Header> 

我嘗試不同的綁定，像這樣的：

 <basicHttpBinding> 
      <binding name="GInsideCertificateWSSoapBinding" > 
       <security mode="TransportWithMessageCredential" > 
       <message clientCredentialType="Certificate" /> 
       </security> 
      </binding> 
     </basicHttpBinding> 

這一個：

 <customBinding> 
     <binding name="CustomSoapBinding"> 
      <security includeTimestamp="true" 
        authenticationMode="CertificateOverTransport" 
        defaultAlgorithmSuite="Basic256" 
        requireDerivedKeys="false" 
        messageSecurityVersion="WSSecurity11WSTrust13WSSecureConversation13WSSecurityPolicy12BasicSecurityProfile10" 
        > 
      </security> 
      <textMessageEncoding messageVersion="Soap11"></textMessageEncoding> 
      <httpsTransport maxReceivedMessageSize="2000000000"/> 
     </binding> 
     </customBinding> 

我也試過這個代碼： https://msdn.microsoft.com/en-us/library/microsoft.web.services2.security.tokens.binarysecuritytoken.aspx

但是沒有人會像他們寄給我的那樣產生一個標題。實施什麼樣的安全措施？他們告訴我BinarySecurityToken，但無法連接到服務。

任何想法？

Answer 1

您需要加載X509Certificate2之前撥打電話，因爲這：

X509Certificate2 certificat = null; 
X509Store store = new X509Store("My", StoreLocation.LocalMachine); 
store.Open(OpenFlags.ReadOnly | OpenFlags.OpenExistingOnly); 
foreach (X509Certificate2 cert in store.Certificates) { 
    // Retrouve le certificat par son nom commun (CN) 
    if (cert.GetNameInfo(X509NameType.SimpleName, false) == nomCertificat) { 
     certificat = cert; 
     break; 
    } 
} 

但提供C＃代碼，看到更多的詳細。