3
고객이 제공 한 웹 서비스를 사용하는 클라이언트를 만들고 있습니다. 이제 Fiddler가 예상 응답을 보여주기 때문에 요청이 올바르게 처리된다는 사실을 알고 있습니다. 그러나이 응답이 Visual Studio에 도달하면 파싱 할 수 없습니다. 다음과 같은 오류가 발생합니다.WCF에서 BinarySecurityToken을 수락하는 방법?
Cannot find a token authenticator for the 'System.IdentityModel.Tokens.X509SecurityToken' token type. Tokens of that type cannot be accepted according to current security settings.
이 가 세부 사항은 다음과 같습니다
- 웹 서비스는 서비스 바인딩 ClientCredentials
var service = new ThatService.Config1Client(); service.ClientCredentials.UserName.UserName = SSO_USERNAME; service.ClientCredentials.UserName.Password = SSO_PASSWORD; - 에 적용되는 사용자 이름과 암호로 클라이언트를 인증입니다 :
<basicHttpBinding> <binding name="Config1Binding" maxReceivedMessageSize="20000000" maxBufferSize="20000000" maxBufferPoolSize="20000000"> <security mode="TransportWithMessageCredential"> <transport clientCredentialType="None" proxyCredentialType="None" realm=""/> <message clientCredentialType="UserName"/> </security> </binding> </basicHttpBinding> - 웹 서비스 응답 , 이것은 성공적입니다.
<SOAP-ENV:Envelope xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <SOAP-ENV:Header> <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"> <wsse:BinarySecurityToken wsu:Id="bst9162663ec77b11e68fe1000002849f3e" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">MIIBwzCCASygAwIBAgIBADANBgkqhkiG9w0BAQUFADAOMQwwCgYDVQQDEwNRQ1AwHhcNMTQwNDAyMTYwMDU4WhcNMTkwNDAyMTYwMDU4WjAOMQwwCgYDVQQDEwNRQ1AwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANnDHqYQu8l14RTghFgGtSoVQIdeN8gKp4PtJwzO2cuck4fpRXa/7u9O7zRgAq5tvJIv4icKc/nux07F1pKRv76BDdbkTU8Ee979wBGUp3E2MMUiGd85GY/2YXnB4EhcypLR5eXSUD21ETeUGnNowL60uU7x/oTSUhrONaryIUk9AgMBAAGjMTAvMA4GA1UdDwEB/wQEAwIEsDAdBgNVHQ4EFgQUND5e3R+3YvyRyFO7lkHCxVnuS9EwDQYJKoZIhvcNAQEFBQADgYEAezmjggQmSnyHBEjfBCnY+g7i52hyowVm3zqQCtxPsUpoh94/uG+p2IjnKOsv2W4iFpvLLvx7Ibxeo73Xl8izZtV56WbgYuOQtBSA0fByhth21twkTo4BsxOBx3MY54t4XNW3krDHQWH9AeOVm5BDjm/DSczsiZSMayjcIaWSZrg=</wsse:BinarySecurityToken> <wsu:Timestamp wsu:Id="ts91626640c77b11e6aaf4000002849f3e" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"> <wsu:Created>2016-12-21T12:47:01Z</wsu:Created> <wsu:Expires>2016-12-21T12:47:31Z</wsu:Expires> </wsu:Timestamp> <dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"> <dsig:SignedInfo> <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> <dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> <dsig:Reference URI="#ts91626640c77b11e6aaf4000002849f3e"> <dsig:Transforms> <dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> </dsig:Transforms> <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> <dsig:DigestValue>8Nzthh4Iq5CQ84Vkqf3m8JUW6dY=</dsig:DigestValue> </dsig:Reference> <dsig:Reference URI="#DSIG-9162663fc77b11e69538000002849f3e"> <dsig:Transforms> <dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> </dsig:Transforms> <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> <dsig:DigestValue>schVLt5XWejFzwLVExDAS09WiVE=</dsig:DigestValue> </dsig:Reference> </dsig:SignedInfo> <dsig:SignatureValue>tM0rKAA7c72BDMjt9H/4qLS4pqnFnQeyBzUYK0SPOAkMKumFTHSszPlRDkPOAh7sTMyzPgBWVxrKJd6IVbSNDpHAD9OZ/v5ZbqCG/xJLWQdUtgH9TqJ1EKCjBAOFsicnXylHxyGZqzpR506lmbTu0k8CL7e+DAv7cHXgRyGIMPo=</dsig:SignatureValue> <dsig:KeyInfo> <wsse:SecurityTokenReference> <wsse:Reference URI="#bst9162663ec77b11e68fe1000002849f3e" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/> </wsse:SecurityTokenReference> </dsig:KeyInfo> </dsig:Signature> </wsse:Security> </SOAP-ENV:Header> <SOAP-ENV:Body wsu:Id="DSIG-9162663fc77b11e69538000002849f3e" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:wst-05-02="http://schemas.xmlsoap.org/ws/2005/02/trust" xmlns:wsc="http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:sapsp="http://www.sap.com/NW05/soap/features/security/SecurityPolicy" xmlns:wssp="http://schemas.xmlsoap.org/ws/2002/12/secext" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsse11="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:wssc="http://schemas.xmlsoap.org/ws/2005/02/sc"> <ns2:GetLoginSessionCustomerResponse xmlns:ns2="http://confidential.url/example"> <return>CUSTOMERSPECIFICDETAILS</return> </ns2:GetLoginSessionCustomerResponse> </SOAP-ENV:Body> </SOAP-ENV:Envelope>
코드를 공유 할 수 있습니까? – Aqdas
[여기] (http://stackoverflow.com/a/38459294/2871356), [여기] (http://stackoverflow.com/a/12641950/2871356) 또는 [여기] (http : /stackoverflow.com/a/21987510/2871356) – Aqdas
@Aqdas, 코드는 이미 공유되어 있습니다. 어떤 코드에 대해 이야기하고 있습니까? 귀하가 언급 한 답변은 저의 필요와 다릅니다. 사용자 이름과 암호를 제출하고 인증서를받는 중입니다. – meedz