Search code examples
c#soapservice-reference

How to set WSS-Type in SOAP Service Reference C#

I'm trying to implement SOAP service integration into a WPF - C# project. I've consumed the .wsdl file as a Service Reference into the project. I've used SoapUI to test and was able to get a response after setting:

  1. Endpoint
  2. Username
  3. Password
  4. WSS-Type

I need to set the WSS-Type to: PasswordText. If I leave WSS-Type blank in SoapUI I get back:

No WS-Security header found

I'm now trying to get a response through C#, but I don't know where / how to set the WSS-Type in C#.

Here's my C# code so far:

MyClient mainClient = new MyClient();
object myRequestObject = ...

// Client Credentials
mainClient.ClientCredentials.UserName.UserName = "Username";
mainClient.ClientCredentials.UserName.Password = "Password";

using (new OperationContextScope(mainClient.InnerChannel))
{    
    SoapAuthenticationHeader.Create(mainClient.ClientCredentials.UserName.UserName, mainClient.ClientCredentials.UserName.Password);
    object mainResponse = mainClient.GetResponse(myRequestObject);
}

public static class SoapAuthenticationHeader
{
    public static void Create(string theUsername, string thePassword)
    {
        try
        {
            // Add a HTTP Soap Header to an outgoing request
            string authorization = "Basic " + Convert.ToBase64String(Encoding.Default.GetBytes(theUsername + ":" + thePassword));
            HttpRequestMessageProperty requestMessage = new HttpRequestMessageProperty();
            requestMessage.Headers.Add("Authorization", authorization);
            OperationContext.Current.OutgoingMessageProperties[HttpRequestMessageProperty.Name] = requestMessage;
        }
        catch (Exception ex)
        {
            MessageBox.Show("Error at 'Create'" + Environment.NewLine + Environment.NewLine + ex.Message, "Error", MessageBoxButton.OK, MessageBoxImage.Error);
        }
    }
}

The error I'm getting currently is:

The HTTP request is unauthorized with client authentication scheme 'Anonymous'. The authentication header received from the server was 'Basic realm="Spring Security Application".

The remote server returned an error: (401) Unauthorized.

I've also tried consuming the .wsdl as a Web Reference, but had no luck setting up the credentials in there either.

Any help / advice will be appreciated.

Solution

  • Editing the App.config endpoint tag to look something like this does the trick:

      <endpoint address="{URL}" binding="basicHttpBinding" bindingConfiguration="{ClassMethodName}" contract="{ServiceReferenc}.{ClassName}" name="{ClassMethodName}">
    <headers>
      <wsse:Security mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
        <wsse:UsernameToken wsu:Id="UsernameToken-{UsernameToken}">
          <wsse:Username>{Username}</wsse:Username>
          <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">{Password}</wsse:Password>
          <wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">{EncodingType}</wsse:Nonce>
        </wsse:UsernameToken>
      </wsse:Security>
    </headers>
  </endpoint>