Search code examples
winformswcf.net-4.0jax-ws

consume ws-security java service from .net 4 WCF

I am trying to consume a JAX-WS web service with basic username/password token in the Soap header. I've tested that JAX-WS service is working with SoapUI. Now I've moved onto the .net client. The .net client will be a windows forms application. I've added the service reference and set the username and password values. When I execute the web method, there is no security header in the soap xml. From what I gather in my research I need to set the service client to use message level security. This is where I'm stuck and can't figure out.

Here is my code

MyServiceProxy serverService = new MyServiceProxy.MyServiceProxyClient();
MyServiceProxy inputVO = new MyServiceProxy.getAddressFormatInput();
MyServiceProxy outputVO = new MyServiceProxy.getAddressFormatOutput();
//set username and passwrd
serverService.ClientCredentials.UserName.UserName = "username";
serverService.ClientCredentials.UserName.Password = "PASSWORD";
inputVO.addressNumber = 13602;
inputVO.addressNumberSpecified = true;
outputVO = serverService.GetAddressFormat(inputVO);

It's posting this

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"     xmlns:orac="http://oracle.e1.bssv.JP550010/">   
<soapenv:Body>
    <orac:GetAddressFormat>         
         <addressNumber>13602</addressNumber>
   </orac:GetAddressFormat>
</soapenv:Body>

When I need it to post this (notice the security header)

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:orac="http://oracle.e1.bssv.JP550010/">
<soapenv:Header>
    <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" soapenv:mustUnderstand=">
    <wsse:UsernameToken>
        <wsse:Username>username</wsse:Username>   
        <wsse:Password>password</wsse:Password>  
    </wsse:UsernameToken>
    </wsse:Security>
</soapenv:Header>
<soapenv:Body>
    <orac:GetAddressFormat>
        <addressNumber>13602</addressNumber>
    </orac:GetAddressFormat>
</soapenv:Body>
</soapenv:Envelope>

How do I get .net to put the security info into the soap header?

Here is the closest I can find to a solution, but I can't find a way to set the security mode.

http://weblog.west-wind.com/posts/2012/Nov/24/WCF-WSSecurity-and-WSE-Nonce-Authentication

Please help. I appreciate any help in advance.

As requested here is the binding section of my app.conf there is no service section

<system.serviceModel>
    <bindings>
        <basicHttpBinding>
            <binding name="MyWebServiceProxyPortBinding" />
        </basicHttpBinding>
    </bindings>
    <client>
        <endpoint address="http://MyWebServiceProxy"
            binding="basicHttpBinding" bindingConfiguration="MyWebServiceProxyPortBinding"
            contract="MyWebServiceProxyService.MyWebServiceProxy"
            name="MyWebServiceProxyPort" />
    </client>
</system.serviceModel>

SOLVED USING THIS LINK

With C#, WCF SOAP consumer that uses WSSE plain text authentication?

in code I did the following

var securityElement = SecurityBindingElement.CreateUserNameOverTransportBindingElement();
securityElement.AllowInsecureTransport = true;
securityElement.EnableUnsecuredResponse = true;
var encodingElement = new TextMessageEncodingBindingElement(MessageVersion.Soap11,   Encoding.UTF8);
var transportElement = new HttpTransportBindingElement();            
var binding = new CustomBinding(securityElement, encodingElement, transportElement);

ServiceReference1.MyWebServiceProxyClient client = new     ServiceReference1.MyWebServiceProxyClient();
ServiceReference1.getAddressFormatInput inputVO = new ServiceReference1.getAddressFormatInput();
ServiceReference1.getAddressFormatOutput outputVO = new     ServiceReference1.getAddressFormatOutput();

client.Endpoint.Binding = binding;
client.ClientCredentials.UserName.UserName = "username";
client.ClientCredentials.UserName.Password = "password";            
inputVO.addressNumber = 13602;
inputVO.addressNumberSpecified = true;
outputVO = client.GetAddressFormat(inputVO);
Solution

  • SOLVED USING THIS LINK

    With C#, WCF SOAP consumer that uses WSSE plain text authentication?

    in code I did the following

    var securityElement = SecurityBindingElement.CreateUserNameOverTransportBindingElement();
securityElement.AllowInsecureTransport = true;
securityElement.EnableUnsecuredResponse = true;
var encodingElement = new TextMessageEncodingBindingElement(MessageVersion.Soap11,   Encoding.UTF8);
var transportElement = new HttpTransportBindingElement();            
var binding = new CustomBinding(securityElement, encodingElement, transportElement);

ServiceReference1.MyWebServiceProxyClient client = new     ServiceReference1.MyWebServiceProxyClient();
ServiceReference1.getAddressFormatInput inputVO = new ServiceReference1.getAddressFormatInput();
ServiceReference1.getAddressFormatOutput outputVO = new     ServiceReference1.getAddressFormatOutput();

client.Endpoint.Binding = binding;
client.ClientCredentials.UserName.UserName = "username";
client.ClientCredentials.UserName.Password = "password";            
inputVO.addressNumber = 13602;
inputVO.addressNumberSpecified = true;
outputVO = client.GetAddressFormat(inputVO);