c#调用带有安全认证的java webservice

最近使用c#调用另外一个同事写的java webservice耽误了很多时间，网上资料不太完整，走了很多弯路，希望对大家有帮助。

基本思路是
1.拼装soap使用http post ，主要将验证身份信息放入header中，以下code供参考：8-15行内用户、密码，其他soap信息需要根据自己的service修改，

可以使用soapui获取到body以及xmlns信息

1 public class InvokeServiceWithSoap
2     {
3         public static void InvokeService()
4         {
5             StringBuilder soap = new StringBuilder();
6             soap.Append("<?xml version=\"1.0\" encoding=\"utf-8\"?>");
7             soap.Append("<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:end=\"http://localhost/service/\">");
8             soap.Append("<soapenv:Header>");
9             soap.Append("<wsse:Security xmlns:wsse=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd\">");
10             soap.Append("<wsse:UsernameToken>");
11             soap.Append("<wsse:Username>username</wsse:Username>");//用户名
12             soap.Append("<wsse:Password Type=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText\">password</wsse:Password>");//口令
13             soap.Append("</wsse:UsernameToken>");
14             soap.Append("</wsse:Security>");
15             soap.Append("</soapenv:Header>");
16             soap.Append("<soapenv:Body>");
17             soap.Append("<end:service1>");
18             soap.Append("<arg0></arg0>");
19             soap.Append("</end:service1>");
20             soap.Append(" </soapenv:Body>");
21             soap.Append(" </soapenv:Envelope>");
22
23             string url = "http://localhost/end:service1";
24             var result = GetSOAPReSource(url, soap.ToString());
25
26         }
27
28         public static string GetSOAPReSource(string url, string datastr)
29         {
30             try
31             {
32                 //request
33                 Uri uri = new Uri(url);
34                 WebRequest webRequest = WebRequest.Create(uri);
35                 webRequest.ContentType = "text/xml; charset=utf-8";
36                 webRequest.Method = "POST";
37                 using (Stream requestStream = webRequest.GetRequestStream())
38                 {
39                     byte[] paramBytes = Encoding.UTF8.GetBytes(datastr.ToString());
40                     requestStream.Write(paramBytes, 0, paramBytes.Length);
41                 }
42                 //response
43                 WebResponse webResponse = webRequest.GetResponse();
44                 using (StreamReader myStreamReader = new StreamReader(webResponse.GetResponseStream(), Encoding.UTF8))
45                 {
46                     string result = "";
47                     return result = myStreamReader.ReadToEnd();
48                 }
49
50             }
51             catch (Exception ex)
52             {
53                 throw ex;
54             }
55
56         }
57
58     }

2.使用wsdl生成代理类，代理类重写HttpRequest ，将安全验证信息增加到request中，也没有测试通过

1  protected override System.Net.WebRequest GetWebRequest(Uri uri)
2         {
3             System.Net.WebRequest request= base.GetWebRequest(uri);
4             System.Net.NetworkCredential nc = new System.Net.NetworkCredential();
5             nc.UserName = "ssotest";//java webservice 用户名
6             nc.Password = "ssotest";//java webservice 密码
7             request.Credentials = nc;
8
9             return request;
10         }

下面说一个比较简单的方法：
直接使用.net中的服务引用，注意是服务引用（类似WCF引用）主要通过servicemodel来设置安全认证信息，framework3.0以上都支持，
引用后将 Config中 servicemodel 的 endpoint 节点增加headers ,安全验证信息增加尽量来即可。
以下是完整的config：

1 <system.serviceModel>
2     <bindings>
3       <basicHttpBinding>
4         <binding name="Service1SoapBinding" maxReceivedMessageSize="99999999"/>
5       </basicHttpBinding>
6     </bindings>
7     <client>
8         <endpoint address="http://local:9090/ Service1"
9           binding="basicHttpBinding" bindingConfiguration="onlineUserServiceSoapBinding"
10           contract="smpwcf.Service1" name="Service1ImplPort" >
11             <headers>
12                 <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
13                     <wsse:UsernameToken>
14                         <wsse:Username>username</wsse:Username>
15                         <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">password</wsse:Password>
16                     </wsse:UsernameToken>
17                 </wsse:Security>
18             </headers>
19         </endpoint>
20     </client> 21   </system.serviceModel>

另外附加一段php soap调用java wsse webservice代码（已经测试通过）

<?php

//Soap Request
class WSSESoapClient extends SoapClient {
    protected $wsseUser;
    protected $wssePassword;

    public function setWSSECredentials($user, $password) {
        $this->wsseUser = $user;
        $this->wssePassword = $password;
    }

    public function __doRequest($request, $location, $action, $version)
           {
        try
        {
        if (!$this->wsseUser or !$this->wssePassword)
          {
                   return parent::__doRequest($request, $location, $action, $version);
              }

        // get SOAP message into DOM
        $dom = new DOMDocument();
        $dom->loadXML($request);
        $xp = new DOMXPath($dom);
        $xp->registerNamespace('soapenv', 'http://schemas.xmlsoap.org/soap/envelope/');

        // search for SOAP header, create one if not found
        $header = $xp->query('/soapenv:Envelope/soapenv:Header')->item(0);
    if (!$header)
           {
            $header = $dom->createElementNS('http://schemas.xmlsoap.org/soap/envelope/', 'soapenv:Header');
            $envelope = $xp->query('/soapenv:Envelope')->item(0);
            $envelope->insertBefore($header, $xp->query('/soapenv:Envelope/soapenv:Body')->item(0));
        }

    // add WSSE header
    $security = $dom->createElementNS('http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd', 'wsse:Security');
        $usernameToken = $dom->createElementNS('http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd', 'wsse:UsernameToken');
        $username = $dom->createElementNS('http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd', 'wsse:Username', $this->wsseUser);
    $password = $dom->createElementNS('http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd', 'wsse:Password', $this->wssePassword);
    $password->setAttribute( "Type", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText" );
    $security->appendChild($usernameToken);
    $usernameToken->appendChild($username);
        $usernameToken->appendChild($password);
        $header->appendChild($security);

        // perform SOAP call
    $request = $dom->saveXML();
//    echo $request;
        return parent::__doRequest($request, $location, $action, $version);
    }
      catch (Exception $e)
      {
           echo "<h2>Post Method Error!</h2>";
            echo $e->getMessage();
      }
    }

}

//build soap
try{
    $clientsoap = new WSSESoapClient("http://localhost/service1?wsdl");
    $clientsoap->setWSSECredentials("username","password");
//    $clientsoap->soap_defencoding = 'utf-8';
//    $clientsoap->decode_utf8 = false;
    //soap xml
    $request="<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:end=\"http://localhost/service1/\">"."<soapenv:Body>"."<end:service1>"."<arg0>参数</arg0>"."</end:service1>"."</soapenv:Body>"."</soapenv:Envelope>";
    $location="http://172.16.2.31:9090/smp/ws/onlineuserservice";
    $action=null;
           $version=0;
    $result =$clientsoap->__doRequest($request,$location,$action,$version);
    echo $result;
}
catch (Exception $e) {
            echo "<h2>Exception Error!</h2>";
            echo $e->getMessage();
        }
?>

参考资料：http://stackoverflow.com/questions/5836685/correct-way-communicate-wsse-usernametoken-for-soap-webservice

http://php.net/manual/en/soapclient.soapclient.php

posted @ 2012-11-01 10:23 flat_peach 阅读(9595) 评论(2) 编辑收藏举报

刷新页面返回顶部

flat_peach

c#调用带有安全认证的java webservice

公告