none
How to create a custom wsse header (UserNameToken,Nonce) for webservice using NON-WCF code RRS feed

  • Question

  • I have added the reference of an wsse enabled SOAP web service using add web reference in my 4.0 solution.

    Now when i am trying to call the method it says Security header is missing.

    <soapenv:Header>
          <wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
             <wsse:UsernameToken wsu:Id="UsernameToken-1" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
                <wsse:Username>1234\user</wsse:Username>
                <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">Password</wsse:Password>
                <wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">rqgwyErTk7l5l7t1DqhdK</wsse:Nonce>
                <wsu:Created>2013-05-31T17:49:07.888Z</wsu:Created>
             </wsse:UsernameToken>
          </wsse:Security>
       </soapenv:Header>

    Can anyone provide me the code to add security header to the webservice call?

    Do i need to implement WSE for doing this?

    Thanks


    Friday, November 22, 2013 7:55 AM

Answers

  •  

    <soapenv:Header>
          <wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
             <wsse:UsernameToken wsu:Id="UsernameToken-1" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
                <wsse:Username>1234\user</wsse:Username>
                <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">Password</wsse:Password>
                <wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">rqgwyErTk7l5l7t1DqhdK</wsse:Nonce>
                <wsu:Created>2013-05-31T17:49:07.888Z</wsu:Created>
             </wsse:UsernameToken>
          </wsse:Security>
       </soapenv:Header>

     

    Hi,

    From your code I think it is not natively supported in the wcf, specifically, the Nonce and Created keys are what WCF doesn't create or have a built in formatting for.

    For more information, please try to refer to:

    #WCF WS-Security and WSE Nonce Authentication:
    http://weblog.west-wind.com/posts/2012/Nov/24/WCF-WSSecurity-and-WSE-Nonce-Authentication .

    #WCF: Adding Nonce to UsernameToken:
    http://stackoverflow.com/questions/896901/wcf-adding-nonce-to-usernametoken .

    Best Regards,
    Amy Peng


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.


    Wednesday, November 27, 2013 10:25 AM
    Moderator