none
Consume java web service with WSSE Security Header from .Net Client RRS feed

  • Question

  • I am trying to call java web service with wsse security from .net client. I still can't find a solution how to call from .net

    Vendor gave me the certificate and I imported it into Outgoing WS-Security Configuration and configure as X509 Certificate in SoapUI.

    Here is the soap envelope from SOAP UI

    <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:web="http://webService.service.vim.logistics.teckwah.com/">
       <soapenv:Header><wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"><ds:Signature Id="SIG-3" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"><ec:InclusiveNamespaces PrefixList="soapenv web" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:CanonicalizationMethod><ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><ds:Reference URI="#id-1"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"><ec:InclusiveNamespaces PrefixList="web" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transform></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>Py2nf8T3ucIT/H0eZbz6MgakPs8=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>nkeuVdsP7oh9qmz6gv5/At40GVnBhNOQKWVyIeEKW0E9Bx4BEa5tVn4NX9pfW7KTsp1wE0QyDM3G
    OVDpARRc+xhtdST3Ard6f/dAqmPbD5KA9DPgTF61us8UM0jx1rNydr52UN6LMHINSQ/4PU0/7wOT
    NOtrH1F8WK6KVzta0WMtP54Y6BWYZRvrY/ENIzKx5M9DyMEda+w+vlGB7pO4MFihsIZEZ/jLwZim
    tiQH/TRjMa74pS7BhZYBYs74bWO9LXq7d/otxfRPlxZLle8MuH2LXqVKo9Nn0LHGCOX1qnoLdTyZ
    OD9ZKNd2qr7MaedFJi2LW3oz490NjOSas61GDg==</ds:SignatureValue>
    <ds:KeyInfo Id="KI-F64858524385333AD614738394871234">
    <wsse:SecurityTokenReference wsu:Id="STR-F64858524385333AD614738394871234">
    <wsse:KeyIdentifier EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" 
    ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3">MIIDTzCCAjegAwIBAgIEK0XRUjANBgkqhkiG9w0BAQsFADBYMQswCQYDVQQGEwJTRzENMAsGA1UECBMEVGVzdDENMAsGA1UEBxMEVGVzdDENMAsGA1UEChMEVGVzdDENMAsGA1UECxMEVGVzdDENMAsGA1UEAxMEVGVzdDAeFw0xNjA2MTQwMzA2MzlaFw0xNzA2MTQwMzA2MzlaMFgxCzAJBgNVBAYTAlNHMQ0wCwYDVQQIEwRUZXN0MQ0wCwYDVQQHEwRUZXN0MQ0wCwYDVQQKEwRUZXN0MQ0wCwYDVQQLEwRUZXN0MQ0wCwYDVQQDEwRUZXN0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3u4VlLseeqo+pNu8MWr5cdZ4UQF6UUJbkEToUORcyukZoXEUrsbdZGzktT02HxmOqsvcEdXrUbCy2yP8v+GP7EX0Zv3gdBK2toYdSRkl6TnDbbhd3ToxoO//T85nahWlkUI91JZ33XDX+N+/uiwZy6/mytg9Ilw1njzG9yZqdlpbp5S5P1q2hbEo9nscx5SjqCjIPT/Gy435iaePAEeQyld79AavkrY6+QsasKD2+l5HGgDaPqdE8L0rS9Awuk7bjD/q4JzBz8pVke0oXiXO4ZU7HEElLoHvbdB+Y9Tjo4uCK9JSIlTp1gc6/UxhUKkAXmfXAX5d1XW3kpjHJWsCwIDAQABoyEwHzAdBgNVHQ4EFgQU54pSGp50u5MxYKdrT7sJsriIJi8wDQYJKoZIhvcNAQELBQADggEBAHIjAZS6iEuZ2RLlfHA1TfnWTc2HdTwAcZxZe1F0+zhGuKC5DMd4Zfjij35V5G6QRPTsmaVIBb1fqnGzrg5W22hADJqeCnZdcFW/U2CiCP9Ze92kWUDBze67gD31OGd5CbRLkz1g/mrZBCYf4Fu1pR8BDOI+8L07MDuJC5K1mGD+JiHy5+Rmzm8Kpjiy19gCeo6QlzXkgTPuYoNt0ASSeAfMMU/6QRUUp/RM/FrHoMvH6cK0yWk9Bz7tOhEF6w0pv9TtOudCUg0um8YHo4JemFiZ1T06iKdB4ihpsvXckllAd2UFymMJ7oQ/Q5/30fUrqTE7uRdplvG/QEkMUtyht7c=</wsse:KeyIdentifier></wsse:SecurityTokenReference></ds:KeyInfo></ds:Signature></wsse:Security></soapenv:Header>
       <soapenv:Body wsu:Id="id-1" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
          <web:createUser>
             <!--Optional:-->
              <itemMaster>
               <customerInfo>		
    		<city>Gurgaon</city>
    		<state>Mumbai</state>
    		<companyName>Ralph Lauren Corporation India Liaison Office</companyName>
    		<contactEmail>kumar@ralphlauren.com</contactEmail>
    		<contactName/><contactNo>91 9899969298</contactNo>
    		<country>India</country>
    		<custType>PPR Member</custType>
    		<email>kumar@ralphlauren.com</email>
    		<fullName>Pavan </fullName>
    		<hpacctMgr>a5cceb52-14e0-46f8-90fd-04d9323bf680</hpacctMgr>
    		<lastModifiedBy/>
    		<pickupAddr>N/A</pickupAddr>
    		<salutation>Mr</salutation>
    		<tel>91 9899969298</tel>
    		<timeZone/>
    </customerInfo>		
    		<user>
    		<countryName/>
    		<timeZone/>
    		<userType/>
    			<username>kumar@ralphlauren.com</username>
    		 </user>
             </itemMaster>
          </web:createUser>
       </soapenv:Body>
    </soapenv:Envelope>

    My approach is generate XML document exactly the same as SOAP UI code and without using the WSDL or “Add Service Reference” but my problem is and wsse:SecurityTokenReference wsu:Id="STR-DF1A0181FB665F5F2D14730610455706"> are keeping changing for each request.

    My question is how to generate KeyInfo and SecurityTokenReference in C# clinet. If my approach is wrong what should be the right approach.

    Thanks,

    Si Thu


    Friday, September 16, 2016 8:55 AM

All replies

  • Hi Si,

    >> I am trying to call java web service with wsse security from .net client

    What is your web service type and client? Do you mean you want to consume Java WCF service from .net WCF client? If so, I would suggest you to consume service by “Add Service Reference”, and check the security Header in each request.

    >> My question is how to generate KeyInfo and SecurityTokenReference in C# clinet

    The link below might be useful to you.

    # How to make WCF Client conform to specific WS-Security - sign UsernameToken and SecurityTokenReference

    http://stackoverflow.com/questions/12832213/how-to-make-wcf-client-conform-to-specific-ws-security-sign-usernametoken-and

    Best Regards,

    Edward


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.


    Monday, September 19, 2016 1:59 AM