如何为第三方Web服务创建特定的SOAP标头

Question

我正在尝试连接到第三方Web服务。我试图用多种方式去做，但我一直无法做到。他们使用Java服务和客户端，他们给我发了什么应该是正确的标题：

<soapenv:Header> 
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"> 
    <ds:Signature Id="SIG-DF651A72BB4BD472F5149301750204095" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> 
     <ds:SignedInfo> 
      <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"> 
       <ec:InclusiveNamespaces PrefixList="doc soapenv web" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/> 
      </ds:CanonicalizationMethod> 
      <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> 
      <ds:Reference URI="#id-DF651A72BB4BD472F5149301750203994"> 
       <ds:Transforms> 
        <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"> 
         <ec:InclusiveNamespaces PrefixList="doc web" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/> 
        </ds:Transform> 
       </ds:Transforms> 
       <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> 
       <ds:DigestValue>iITj5pTonO3g052LVSnea1yZd0Q=</ds:DigestValue> 
      </ds:Reference> 
     </ds:SignedInfo> 
     <ds:SignatureValue>DhsMfNnidlHk7QIRAWBrr44T6nMLLG00AN/1jnZSlV7pbrMZ3V/MrvW1S5hzQYGQXRH1U1bqzCw8wF2nGtizDtagWGR9UfBoq+wvFBktQy6f7B91DbN++q03a28i2iiSxiEOVWaCvZzCmwOOLdOIIvaD8c8YsJAIgzB+wGg1s6d14+0rk4zAEQrtu7hWvOtU3s6aKIMrX9JiP+1qVInI4RPWynZ9pIbB87vaZSMHsqkjexxKMBB7v5sZugDjl2gPsJeE4dbtC8pXrfZ4QhQ+HSsEYvMJ90J8zyoG2gLuOeCrcQDBe6RrdwpP20r2sTFMKpy2ADZnl1LkwbadvLvnQ==</ds:SignatureValue> 
     <ds:KeyInfo Id="KI-DF651A72BB4BD472F5149301750203992"> 
      <wsse:SecurityTokenReference wsu:Id="STR-DF651A72BB4BD472F5149301750203993"> 
       <ds:X509Data> 
        <ds:X509IssuerSerial> 
         <ds:X509IssuerName>OU=yyy,O=xxx,C=ES</ds:X509IssuerName> 
         <ds:X509SerialNumber>a very long integer here</ds:X509SerialNumber> 
        </ds:X509IssuerSerial> 
       </ds:X509Data> 
      </wsse:SecurityTokenReference> 
     </ds:KeyInfo> 
    </ds:Signature> 
</wsse:Security> 
</soapenv:Header> 

我尝试不同的绑定，像这样的：

 <basicHttpBinding> 
      <binding name="GInsideCertificateWSSoapBinding" > 
       <security mode="TransportWithMessageCredential" > 
       <message clientCredentialType="Certificate" /> 
       </security> 
      </binding> 
     </basicHttpBinding> 

这一个：

 <customBinding> 
     <binding name="CustomSoapBinding"> 
      <security includeTimestamp="true" 
        authenticationMode="CertificateOverTransport" 
        defaultAlgorithmSuite="Basic256" 
        requireDerivedKeys="false" 
        messageSecurityVersion="WSSecurity11WSTrust13WSSecureConversation13WSSecurityPolicy12BasicSecurityProfile10" 
        > 
      </security> 
      <textMessageEncoding messageVersion="Soap11"></textMessageEncoding> 
      <httpsTransport maxReceivedMessageSize="2000000000"/> 
     </binding> 
     </customBinding> 

我也试过这个代码： https://msdn.microsoft.com/en-us/library/microsoft.web.services2.security.tokens.binarysecuritytoken.aspx

但是没有人会像他们寄给我的那样产生一个标题。实施什么样的安全措施？他们告诉我BinarySecurityToken，但无法连接到服务。

任何想法？

Answer 1

您需要加载X509Certificate2之前拨打电话，因为这：

X509Certificate2 certificat = null; 
X509Store store = new X509Store("My", StoreLocation.LocalMachine); 
store.Open(OpenFlags.ReadOnly | OpenFlags.OpenExistingOnly); 
foreach (X509Certificate2 cert in store.Certificates) { 
    // Retrouve le certificat par son nom commun (CN) 
    if (cert.GetNameInfo(X509NameType.SimpleName, false) == nomCertificat) { 
     certificat = cert; 
     break; 
    } 
} 

但提供C＃代码，看到更多的详细。