我需要创建一个wcf客户端来调用我无法控制的服务.
我得到了一个wsdl和一个有效的soapui项目.
该服务使用用户名/密码和x509证书.
UPDATE
我现在明白问题是什么,但我仍然不确定我需要采取哪些步骤来创建所需的消息,所以任何帮助都将非常感激.
我需要同时签署UsernameToken和SecurityTokenReference.
由于不再使用,我必须从此帖子中删除我必须创建自定义绑定的代码.我不再向绑定添加SecurityBindingElement,而是添加了一个将安全元素写入标头的新行为.
因此,通过继承SignedXml类,添加签名引用然后调用ComputeSignature以在Security头中创建Signature节点,从头开始创建安全节点.
您需要传递xml以登录SignedXml构造函数才能使其生效.传递UsernameToken没问题,这似乎是正确签名的.
问题是SecurityTokenReference仅在调用ComputeSignature()时创建,因此我无法为此元素添加签名引用,因为它在需要时不存在(在SignedXml的重写的GetIdElement方法中)在ComputeSignature()之前调用的)
我用来创建要插入Security头的签名块的代码如下
string certificatePath = System.Windows.Forms.Application.StartupPath + "\\" + "Certs\\sign-and- enc.p12";
XmlDocument xd = new XmlDocument();
xd.LoadXml(xml);
// Set Certificate
System.Security.Cryptography.X509Certificates.X509Certificate2 cert = new X509Certificate2(certificatePath, "password");
MySignedXml signedXml = new MySignedXml(xd);
signedXml.SigningKey = cert.PrivateKey;
// Create a new KeyInfo object.
KeyInfo keyInfo = new KeyInfo();
keyInfo.Id = "";
MemoryStream keyInfoStream = new MemoryStream();
XmlWriter keyInfoWriter = XmlWriter.Create(keyInfoStream);
WSSecurityTokenSerializer.DefaultInstance.WriteKeyIdentifierClause(keyInfoWriter, new LocalIdKeyIdentifierClause("token_reference", typeof(X509SecurityToken)));
keyInfoWriter.Flush();
keyInfoStream.Position = 0;
XmlDocument keyInfoDocument = new XmlDocument();
keyInfoDocument.Load(keyInfoStream); …