Basically, my problem is to communicate with a web service that uses the WS-Security standard. The client I'm working on is in .NET 4.0 C# (WCF) and the service is non-.NET (I don't know what kind of technology is behind it).
Basically, the message that I have to send to the service must have a signed UsernameToken without password and encrypted body through HTTPS using a certificate. Although I have written a lot of WCF services, I'm not an expert in signing, cryptography and WS-Security, so I don't know how to resolve the problem.

I attached an example of the message that was provided to me by a company that has already done a client like this, but in another technology (I suppose in Java or PHP), and the WSDL file that represents the service (+ XSD).

I already lost a week googling around and trying some approaches but without success.

Regards

An example of the message that I have to generate:
(I will post the WSDL, if it is necessary)

XML
<?xml version="1.0" encoding="UTF-8"?>

<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ns1="http://model.ws.contidigioco.sogei.it"><SOAP-ENV:Header><wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" SOAP-ENV:mustUnderstand="1"><wsse:BinarySecurityToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" wsu:Id="pfx5103b365-8647-6f38-f83a-96b62ed8ba8a" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3">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</wsse:BinarySecurityToken><xenc:EncryptedKey xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" Id="pfx2f485c7d-f3a3-c0e6-d3f6-9a21fcc64407"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><wsse:SecurityTokenReference><wsse:KeyIdentifier ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">u6wrbnwkFONrwzOd14aypodyCG8=</wsse:KeyIdentifier></wsse:SecurityTokenReference></dsig:KeyInfo><xenc:CipherData><xenc:CipherValue>bB0sYRxhvPtIyyl6YnMh6e+PJDIS00y51dXQpvko9z1PC9uvh5lnNWTttuXtWIUdnuLoE6Z1zltElJ1JblOOOM/JbPdFlMYrPffQ0lFwCpmWTaO4yalinHZfXMAYUmi0zvVbAJa4OnkvFtuh7kPh2xw6nYhN8WgbmbCFwQSJW+c=</xenc:CipherValue></xenc:CipherData><xenc:ReferenceList><xenc:DataReference URI="#pfx136522fa-4afe-4213-8873-f3cadb47160b"/></xenc:ReferenceList></xenc:EncryptedKey><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">

  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>

    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>

  <ds:Reference URI="#pfx302538f3-37f4-2f7d-aa24-29d4af8eebfd"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>EcdfsT4YSOmiQ16MJXLyoI/DK48=</ds:DigestValue></ds:Reference><ds:Reference URI="#pfx8fbbe8c2-32ae-5655-428e-4eb0c37063be"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>52jUev5juPZ4txScxIRVDbdmUKo=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>ijk75UWOmwozTdHmdWKxGIxpSV/HjxaY3/L9f3RZ3o7Du52MAvvD1gGOxaLp2o8UGS9MC3nSbRSwML0n3vW/kCHmf0Si635DWJFQ6K6d/KCauSmtG3XUBaGMEmS3a6rTIFGgomXKw8QYj/oBeskzYqM752Y767FXzM5Igo0Qocg=</ds:SignatureValue>

<ds:KeyInfo Id="pfx929b4ca4-e389-ef15-a2af-984f503e2afc"><wsse:SecurityTokenReference xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="pfx59774bd1-79b6-cf7f-285c-98e027a8f553"><wsse:Reference URI="#pfx5103b365-8647-6f38-f83a-96b62ed8ba8a" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/></wsse:SecurityTokenReference></ds:KeyInfo></ds:Signature><wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="pfx302538f3-37f4-2f7d-aa24-29d4af8eebfd"><wsse:Username>09255551005</wsse:Username></wsse:UsernameToken></wsse:Security></SOAP-ENV:Header><SOAP-ENV:Body xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="pfx8fbbe8c2-32ae-5655-428e-4eb0c37063be"><xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" Type="http://www.w3.org/2001/04/xmlenc#Content" Id="pfx136522fa-4afe-4213-8873-f3cadb47160b">

   <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/><ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><wsse:SecurityTokenReference xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"><wsse:Reference URI="#pfx2f485c7d-f3a3-c0e6-d3f6-9a21fcc64407"/></wsse:SecurityTokenReference></ds:KeyInfo><xenc:CipherData>

      <xenc:CipherValue>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</xenc:CipherValue>

   </xenc:CipherData>

</xenc:EncryptedData></SOAP-ENV:Body></SOAP-ENV:Envelope>

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)
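
A structural check for a message of the shape posted above, added here as an example (it is not part of the original post or of the service's code): it resolves every `ds:Reference` and `xenc:DataReference` to its target element, confirms that the UsernameToken and the envelope's real SOAP Body are what the signature covers, and lists the algorithms that deserve review. The sample envelope is constructed with shortened ids and no key or cipher data; `analyze`, `LEGACY` and `SAMPLE` are names chosen for this example.

```python
import xml.etree.ElementTree as ET

NS = {
    "soap": "http://schemas.xmlsoap.org/soap/envelope/",
    "wsse": "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd",
    "wsu": "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
    "xenc": "http://www.w3.org/2001/04/xmlenc#",
}
LEGACY = {"rsa-1_5", "tripledes-cbc", "rsa-sha1", "sha1"}  # algorithms to flag for review
XMLNS = " ".join(f'xmlns:{p}="{u}"' for p, u in NS.items())
# Constructed sample: same layout as the posted message, short ids, key and cipher data omitted.
SAMPLE = f"""<soap:Envelope {XMLNS}><soap:Header><wsse:Security>
<xenc:EncryptedKey Id="ek"><xenc:EncryptionMethod Algorithm="{NS['xenc']}rsa-1_5"/>
<xenc:ReferenceList><xenc:DataReference URI="#ed"/></xenc:ReferenceList></xenc:EncryptedKey>
<ds:Signature><ds:SignedInfo><ds:SignatureMethod Algorithm="{NS['ds']}rsa-sha1"/>
<ds:Reference URI="#ut"><ds:DigestMethod Algorithm="{NS['ds']}sha1"/></ds:Reference>
<ds:Reference URI="#body"><ds:DigestMethod Algorithm="{NS['ds']}sha1"/></ds:Reference>
</ds:SignedInfo></ds:Signature>
<wsse:UsernameToken wsu:Id="ut"><wsse:Username>demo-user</wsse:Username></wsse:UsernameToken>
</wsse:Security></soap:Header><soap:Body wsu:Id="body"><xenc:EncryptedData Id="ed">
<xenc:EncryptionMethod Algorithm="{NS['xenc']}tripledes-cbc"/></xenc:EncryptedData>
</soap:Body></soap:Envelope>"""

def analyze(xml_text):
    """Report what the signature covers, what is encrypted, and which algorithms are used."""
    root = ET.fromstring(xml_text)
    parent = {child: p for p in root.iter() for child in p}
    name = lambda el: el.tag.split("}")[-1]
    by_id = {}  # wsu:Id / Id value -> every element carrying it
    for el in root.iter():
        for value in {el.get(f"{{{NS['wsu']}}}Id"), el.get("Id")} - {None}:
            by_id.setdefault(value, []).append(el)
    def resolve(uri):  # a same-document reference must match exactly one element
        hits = by_id.get(uri[1:], []) if uri.startswith("#") else []
        return hits[0] if len(hits) == 1 else None
    signed = [resolve(r.get("URI", "")) for r in root.iterfind(".//ds:SignedInfo/ds:Reference", NS)]
    encrypted = [resolve(r.get("URI", "")) for r in root.iterfind(".//xenc:EncryptedKey//xenc:DataReference", NS)]
    body = root.find("soap:Body", NS)  # the Body the receiver will actually process
    token = root.find("soap:Header/wsse:Security/wsse:UsernameToken", NS)
    algs = sorted({el.get("Algorithm").split("#")[-1] for el in root.iter() if el.get("Algorithm")})
    return {
        "signed": [name(el) if el is not None else "UNRESOLVED" for el in signed],
        "body_signed": body is not None and any(el is body for el in signed),
        "token_signed": token is not None and any(el is token for el in signed),
        "has_password": token is not None and token.find("wsse:Password", NS) is not None,
        "encrypted_in": [name(parent[el]) if el is not None else "UNRESOLVED" for el in encrypted],
        "legacy_algorithms": [a for a in algs if a in LEGACY],
    }
```

Running `analyze` on a message captured from the WCF client and comparing the result with the one for the reference message shows at a glance whether the same parts are signed and encrypted. An id that appears on more than one element is reported as `UNRESOLVED` instead of being matched to the first hit.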


