我想为这个网站服务做一个客户,
https://fsettestversion.edd.ca.gov/fsetwcfproxywebservice/fsetservice.svc
根据上面的fset文档,xml就是一个请求示例。我尝试使用WCF.JS、SOAP.JS、.NET、Java JAX WS(WSIMPART)、CFX,但是我没有能够完成一个成功的ping调用。
这里有人能给我一盏灯吗?我得到以下的响应(.NET,节点JS,Java):
<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:a="http://www.w3.org/2005/08/addressing"><s:Header><a:Action s:mustUnderstand="1">http://www.w3.org/2005/08/addressing/soap/fault</a:Action><a:RelatesTo>urn:uuid:9effd4c4-2ad4-4b13-a5d2-5b387221b3d7</a:RelatesTo></s:Header><s:Body><s:Fault><s:Code><s:Value>s:Sender</s:Value><s:Subcode><s:Value xmlns:a="http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512">a:BadContextToken</s:Value></s:Subcode></s:Code><s:Reason><s:Text xml:lang="en-US">The message could not be processed. This is most likely because the action 'http://edd.ca.gov/IFsetService/Ping' is incorrect or because the message contains an invalid or expired security context token or because there is a mismatch between bindings. The security context token would be invalid if the ser
a:InvaildSecurity
在Java中,错误显示
[main] INFO org.apache.cxf.wsdl.service.factory.ReflectionServiceFactoryBean - Creating Service {http://edd.ca.gov/}IFsetServiceService
from class com.hrx.fset.model.IFsetService
org.apache.cxf.binding.soap.SoapFault: An error occurred when verifying security for the message.
javax.xml.ws.soap.SOAPFaultException: An error occurred when verifying security for the message.
at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:161)
以下是基于文档的soap信封示例:
https://edd.ca.gov/pdf_pub_ctr/de545.pdf
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" xmlns:a="http://schemas.xmlsoap.org/ws/2004/08/addressing" xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<s:Header>
<a:Action s:mustUnderstand="1">http://edd.ca.gov/IFsetService/Ping</a:Action>
<a:MessageID>urn:uuid:a301683e-e0cc-4afc-95f2-68fa8d7d47b0</a:MessageID>
<a:ReplyTo>
<a:Address>http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous</a:Address>
</a:ReplyTo>
<a:To s:mustUnderstand="1">https://fsettestversion.edd.ca.gov/fsetwcfproxywebservice/fsetservice.svc</a:To>
<o:Security xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis200401-wss-wssecurity-secext-1.0.xsd" s:mustUnderstand="1">
<u:Timestamp u:Id="_0">
<u:Created>2016-07-07T19:53:30.188Z</u:Created>
<u:Expires>2016-07-07T19:58:30.188Z</u:Expires>
</u:Timestamp>
<o:UsernameToken u:Id="uuid-c433d300-8e53-4794-9e79-97bf9946df61-19">
<o:Username>UserName</o:Username>
<o:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-usernametoken-profile-1.0#PasswordText">Password123</o:Password>
</o:UsernameToken>
</o:Security>
</s:Header>
<s:Body xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<Ping xmlns="http://edd.ca.gov/" />
</s:Body>
以下是在.NET项目中作为Web服务引用导入时的输出配置:
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="basicHttpEndPoint" messageEncoding="Mtom">
<security mode="TransportWithMessageCredential" />
</binding>
</basicHttpBinding>
<customBinding>
<binding name="basicHttpCustomLegacyEndPoint">
<security defaultAlgorithmSuite="Default" authenticationMode="UserNameOverTransport" requireDerivedKeys="true" includeTimestamp="true" messageSecurityVersion="WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10">
<localClientSettings detectReplays="false" />
<localServiceSettings detectReplays="false" />
</security>
<mtomMessageEncoding messageVersion="Soap11WSAddressingAugust2004" />
<httpsTransport />
</binding>
</customBinding>
<ws2007HttpBinding>
<binding name="wsHttpBindingEndPoint" messageEncoding="Mtom">
<security mode="TransportWithMessageCredential">
<transport clientCredentialType="None" />
<message clientCredentialType="UserName" />
</security>
</binding>
</ws2007HttpBinding>
</bindings>
<client>
<endpoint address="https://fsettestversion.edd.ca.gov/FSETWCFProxyWebService/FsetService.svc/wsHttp" binding="ws2007HttpBinding" bindingConfiguration="wsHttpBindingEndPoint" contract="ServiceReference1.IFsetService" name="wsHttpBindingEndPoint" />
<endpoint address="https://fsettestversion.edd.ca.gov/FSETWCFProxyWebService/FsetService.svc" binding="customBinding" bindingConfiguration="basicHttpCustomLegacyEndPoint" contract="ServiceReference1.IFsetService" name="basicHttpCustomLegacyEndPoint" />
<endpoint address="https://fsettestversion.edd.ca.gov/FSETWCFProxyWebService/FsetService.svc/basic" binding="basicHttpBinding" bindingConfiguration="basicHttpEndPoint" contract="ServiceReference1.IFsetService" name="basicHttpEndPoint" />
</client>
以下代码适用于.NET(使用BasicHttpBinding)
BasicHttpBinding myBinding = new BasicHttpBinding(BasicHttpSecurityMode.TransportWithMessageCredential);
EndpointAddress ea = new
EndpointAddress("https://fsettestversion.edd.ca.gov/FSETWCFProxyWebService/FsetService.svc/basic");
ServiceReference1.FsetServiceClient client = new ServiceReference1.FsetServiceClient(myBinding, ea);
client.ClientCredentials.UserName.UserName = username;
client.ClientCredentials.UserName.Password = password;
client.Open();
Console.WriteLine(client.Ping());
client.Close();
输出为:
El tipo de contenido multipart/related; type="application/xop+xml";start="http://tempuri.org/0";boundary="uuid:4cdfd7cb-0959-4b6f-9009-1abf534d8253+id=79";start-info="text/xml" del mensaje de respuesta no coincide con el tipo de contenido del enlace (text/xml; charset=utf-8). Si usa un codificador personalizado, asegúrese de que el método IsContentTypeSupported se implemente correctamente. Los primeros 591 bytes de la respuesta fueron: '
--uuid:4cdfd7cb-0959-4b6f-9009-1abf534d8253+id=79
Content-ID: http://tempuri.org/0
Content-Transfer-Encoding: 8bit
Content-Type: application/xop+xml;charset=utf-8;type="text/xml"
a:InvalidSecurityAn error occurred when verifying security for the message.
--uuid:4cdfd7cb-0959-4b6f-9009-1abf534d8253+id=79--
'.
对于wshttpbinding,请执行以下代码:
static void wsHttpTest1() {
mSecurty.InitiateSSLTrust();
WSHttpBinding binding = new WSHttpBinding();
EndpointAddress ea = new EndpointAddress(new Uri("https://fsettestversion.edd.ca.gov/FSETWCFProxyWebService/FsetService.svc/wsHttp"));
binding.Name = "wsHttpBindingEndPoint";
binding.MessageEncoding = WSMessageEncoding.Text; //FaultException when using Mtom as should be based on binding.
binding.Security = new WSHttpSecurity();
binding.Security.Mode = SecurityMode.TransportWithMessageCredential;
binding.Security.Transport = new HttpTransportSecurity();
binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.None;
binding.Security.Message = new NonDualMessageSecurityOverHttp();
binding.Security.Message.ClientCredentialType = MessageCredentialType.UserName;
binding.Security.Message.EstablishSecurityContext = false;
FsetServiceClient proxy = new FsetServiceClient(binding, ea);
proxy.ClientCredentials.UserName.UserName = username;
proxy.ClientCredentials.UserName.Password = password;
proxy.Open();
String response = proxy.Ping();
Console.WriteLine(response);
proxy.Close();
}
回复显示:
El tipo de contenido multipart/related; type="application/xop+xml";start="http://tempuri.org/0";boundary="uuid:c6214f11-8f31-49ed-9108-ff0572d7a532+id=8";start-info="application/soap+xml" del mensaje de respuesta no coincide con el tipo de contenido del enlace (application/soap+xml; charset=utf-8). Si usa un codificador personalizado, asegúrese de que el método IsContentTypeSupported se implemente correctamente. Los primeros 1024 bytes de la respuesta fueron: '
--uuid:c6214f11-8f31-49ed-9108-ff0572d7a532+id=8
Content-ID: http://tempuri.org/0
Content-Transfer-Encoding: 8bit
Content-Type: application/xop+xml;charset=utf-8;type="application/soap+xml"
http://www.w3.org/2005/08/addressing/soap/faulturn:uuid:c60805c6-579a-4333-9dec-035200e20fe2s:Sendera:BadContextTokenThe message could not be processed. This is most likely because the action 'http://edd.ca.gov/IFsetService/Ping' is incorrect or because the message contains an invalid or expired security context token or because there is a mismatch between bindings. The security context token would be invalid if the ser'.
编辑1。
根据@popo的建议,我添加了一个证书。如果im错误,请更正我,但假定app.config cert中的绑定输出不是必需的。又一次失败了。我用>makecert.exe-sr oscarrico ss my-a sha1-n cn=wcfclient-sky exchange-pe创建了一个证书。并添加了u个可信存储。
static void basingBindingTest03() {
BasicHttpBinding binding = new BasicHttpBinding();
EndpointAddress ea = new EndpointAddress(new Uri("https://fsettestversion.edd.ca.gov/FSETWCFProxyWebService/FsetService.svc/basic"));
binding.Name = "basicHttpEndPoint";
binding.MessageEncoding = WSMessageEncoding.Text; //FaultException when using Mtom.
binding.Security.Mode = BasicHttpSecurityMode.TransportWithMessageCredential;
binding.Security.Transport = new HttpTransportSecurity();
binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.None;
binding.Security.Message.ClientCredentialType = BasicHttpMessageCredentialType.UserName;
FsetServiceClient proxy = new FsetServiceClient(binding, ea);
proxy.ClientCredentials.UserName.UserName = username;
proxy.ClientCredentials.UserName.Password = password;
proxy.ClientCredentials.ClientCertificate.SetCertificate(
StoreLocation.CurrentUser,
StoreName.TrustedPeople,
X509FindType.FindBySubjectName,
"WcfClient");
proxy.Open();
String response = proxy.Ping();
Console.WriteLine(response);
proxy.Close();
}
上一个BasicBindingTest03的输出:
Excepción no controlada del tipo 'System.ServiceModel.ProtocolException' en mscorlib.dll
The content type multipart/related; type="application/xop+xml";start="";boundary="uuid:b47a3223-de29-49f8-b101-708c1ccac45c+id=95";start-info="text/xml" of the response message does not match the content type of the binding (text/xml; charset=utf-8). If using a custom encoder, be sure that the IsContentTypeSupported method is implemented properly. The first 591 bytes of the response were: '
--uuid:b47a3223-de29-49f8-b101-708c1ccac45c+id=95
Content-ID:
Content-Transfer-Encoding: 8bit
Content-Type: application/xop+xml;charset=utf-8;type="text/xml"
a:InvalidSecurityAn error occurred when verifying security for the message.
--uuid:b47a3223-de29-49f8-b101-708c1ccac45c+id=95--
'.
