J
JPrata
Guest
Hi,
I am dynamically adding UsernameToken on WS-Security Header SOAP Message with XMLDocument.
The code is the following:
XmlDocument document = new XmlDocument();
XmlElement usernameTokenElement = document.CreateElement("wsse", "UsernameToken", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd");
XmlElement usernameChild;
usernameChild = document.CreateElement("wsse", "Username", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd");
usernameChild.InnerText = "Username";
usernameTokenElement.AppendChild(usernameChild);
XmlElement passwordChild;
passwordChild = document.CreateElement("wsse", "Password", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd");
passwordChild.SetAttribute("Type", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText");
passwordChild.InnerText = "Password";
usernameTokenElement.AppendChild(passwordChild);
string phrase = Guid.NewGuid().ToString();
var nonce = GetSHA1String(phrase);
XmlElement nonceChild;
nonceChild = document.CreateElement("wsse", "Nonce", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd");
nonceChild.SetAttribute("EncodingType", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary");
nonceChild.InnerText = nonce;
usernameTokenElement.AppendChild(nonceChild);
XmlElement createdChild;
createdChild = document.CreateElement("wsu", "Created", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd");
createdChild.InnerText = DateTime.UtcNow.ToString("yyyy-MM-ddTHH:mm:ssZ");
usernameTokenElement.AppendChild(createdChild);
var token = new UsernameToken(usernameTokenElement);
var serviceProxy = new Cuidamos.CargaFicheiroServiceImplService();
SoapContext requestContext = serviceProxy.RequestSoapContext;
requestContext.Security.Timestamp.TtlInSeconds = 300;
requestContext.Security.Tokens.Add(token);
var result = serviceProxy.cargaFicheiro();
The Username, Password and Created childs are created with success, but Nonce child is rewritten on runtime, wich means that Username, Password and Created childs are created exactly as i coded but Nonce continues to be created without EncondingType and the innerText hash string is different from what my code created. This means that when i make the request to server EncodingType its removed from Nonce element and hash is different.
Theres is any configuration or coding i can do to force EncondingType to remain in Nonce element?
Thanks.
Continue reading...
I am dynamically adding UsernameToken on WS-Security Header SOAP Message with XMLDocument.
The code is the following:
XmlDocument document = new XmlDocument();
XmlElement usernameTokenElement = document.CreateElement("wsse", "UsernameToken", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd");
XmlElement usernameChild;
usernameChild = document.CreateElement("wsse", "Username", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd");
usernameChild.InnerText = "Username";
usernameTokenElement.AppendChild(usernameChild);
XmlElement passwordChild;
passwordChild = document.CreateElement("wsse", "Password", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd");
passwordChild.SetAttribute("Type", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText");
passwordChild.InnerText = "Password";
usernameTokenElement.AppendChild(passwordChild);
string phrase = Guid.NewGuid().ToString();
var nonce = GetSHA1String(phrase);
XmlElement nonceChild;
nonceChild = document.CreateElement("wsse", "Nonce", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd");
nonceChild.SetAttribute("EncodingType", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary");
nonceChild.InnerText = nonce;
usernameTokenElement.AppendChild(nonceChild);
XmlElement createdChild;
createdChild = document.CreateElement("wsu", "Created", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd");
createdChild.InnerText = DateTime.UtcNow.ToString("yyyy-MM-ddTHH:mm:ssZ");
usernameTokenElement.AppendChild(createdChild);
var token = new UsernameToken(usernameTokenElement);
var serviceProxy = new Cuidamos.CargaFicheiroServiceImplService();
SoapContext requestContext = serviceProxy.RequestSoapContext;
requestContext.Security.Timestamp.TtlInSeconds = 300;
requestContext.Security.Tokens.Add(token);
var result = serviceProxy.cargaFicheiro();
The Username, Password and Created childs are created with success, but Nonce child is rewritten on runtime, wich means that Username, Password and Created childs are created exactly as i coded but Nonce continues to be created without EncondingType and the innerText hash string is different from what my code created. This means that when i make the request to server EncodingType its removed from Nonce element and hash is different.
Theres is any configuration or coding i can do to force EncondingType to remain in Nonce element?
Thanks.
Continue reading...