我需要使用第三方 Web 服务。我有一个WSDL文件和.pkcs12密钥库文件和密码。 使用该 WSDL 文件,我在项目中添加了 Web 引用。 读取密钥库文件。 创建了 X509certificate2 类的新实例,并在添加到服务类后导入了证书。我正在尝试在我的服务中调用方法
service.mymethod(param1)--> (At this line its throwing error stating that ws-security header not found)
通过谷歌搜索错误,我发现了StackOverflow链接以添加安全标头 点击该链接后,这里是完整的代码
//reading PCKS12 certificate
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
var path = System.IO.Path.Combine(AppDomain.CurrentDomain.BaseDirectory, "Content\myKeyStoreFile.pkcs12");
var data = System.IO.File.ReadAllBytes(path);
//Importing Certificate
X509Certificate2 certificate = new X509Certificate2();
certificate.Import(data, "password", X509KeyStorageFlags.DefaultKeySet);
//adding WS-Security Headers
UsernameToken token = new UsernameToken("keyname", "password", PasswordOption.SendHashed);
service.RequestSoapContext.Security.Tokens.Add(token);
//adding certificate to service
service.ClientCertificates.Add(certificate);
//calling proxy class(service method)
service.methodname(param1);-->(its throwing System.web.service.protocols.soapheaderexception:'nested exception is org.apache.wss4j.common.ext.WSSSecurityException Original Exception was javax.security.auth.callback.unsupportedcallbackexception)
我有一个java代码(在春季启动中实现(供参考。 Wss4jSecurityInterceptor securityInterceptor = new Wss4jSecurityInterceptor((;
//crypto varible contains .pkcs12 file path and password properties
Crypto crypto = null;
try {
crypto = CryptoFactory.getInstance(cryptoPropertyFile);
}catch(WSSecurityException e) {
e.printStackTrace();}
securityInterceptor.setSecurementActions("Encrypt Signature");
securityInterceptor.setSecurementEncryptionUser(trustedCertKeyAlias);
securityInterceptor.setSecurementEncryptionCrypto(crypto);
securityInterceptor.setSecurementEncryptionParts("{Content {http://schemas.xmlsoap.org/soap/envelope/}Body");
securityInterceptor.setSecurementUsername(privateKeyAlias);
securityInterceptor.setSecurementPassword(privateKeyPassword);
securityInterceptor.setSecurementSignatureCrypto(crypto);
securityInterceptor.setSecurementSignatureKeyIdentifier("DirectReference");
securityInterceptor.setSecurementSignatureUser(privateKeyAlias);
securityInterceptor.setSecurementSignatureParts("{Content}{http://schemas.xmlsoap.org/soap/envelope/}Body");
securityInterceptor.setValidationActions("Encrypt");
securityInterceptor.setValidationDecryptionCrypto(crypto);
KeyStoreCallbackHandler keyStoreCallbackHandler = new KeyStoreCallbackHandler();
keyStoreCallbackHandler.setPrivateKeyPassword(privateKeyPassword);
securityInterceptor.setValidationCallbackHandler(keyStoreCallbackHandler);
LogHttpHeaderClientInterceptor logHttpHeaderClientInterceptor = new LogHttpHeaderClientInterceptor();
ClientInterceptor[] interceptors = {securityInterceptor, logHttpHeaderClientInterceptor};
template.setInterceptors(interceptors);
任何人都可以让我知道如何在 dotnet 中添加拦截器。我做了一些研究,但找不到任何解决方案。有没有什么东西对dotnet中的Wss4jSecurityInterceptor微笑。
IClientMessageInspector可能是你所追求的。
您需要创建IEndpointBehavior并向行为添加IClientMessageInspector,然后将行为添加到用于创建ChannelFactory的终结点。
请参阅:https://learn.microsoft.com/en-us/dotnet/framework/wcf/extending/how-to-inspect-or-modify-messages-on-the-client
另请参阅:https://learn.microsoft.com/en-us/dotnet/api/system.servicemodel.dispatcher.iclientmessageinspector?view=netframework-4.8
例:
class MyEndpointBehavior : IEndpointBehavior
{
public void AddBindingParameters(ServiceEndpoint endpoint, BindingParameterCollection bindingParameters)
{
}
public void ApplyClientBehavior(ServiceEndpoint endpoint, ClientRuntime clientRuntime)
{
clientRuntime.ClientMessageInspectors.Add(new MyMessageInspector());
}
public void ApplyDispatchBehavior(ServiceEndpoint endpoint, EndpointDispatcher endpointDispatcher)
{
}
public void Validate(ServiceEndpoint endpoint)
{
}
}
class MyMessageInspector : IClientMessageInspector
{
public void AfterReceiveReply(ref Message reply, object correlationState)
{
}
public object BeforeSendRequest(ref Message request, IClientChannel channel)
{
return null;
}
}
使用消息检查器:
var endpoint = new EndpointAddress("<your webservice uri>");
var binding = new BasicHttpBinding(); // Assume you are using HTTP binding
var channelFactory = new ChannelFactory<Soap>(binding, endpoint);
channelFactory.Endpoint.EndpointBehaviors.Add(new MyEndpointBehavior());
var client = channelFactory.CreateChannel();