WCF Siebel 服务身份验证
WCF Siebel service authentication
我正在开发与 Siebel EAI 网络服务的集成,但我不知道身份验证是如何工作的
下面的请求在 SoapUi 上正常工作:
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:cus="http://siebel.com/CustomUI">
<soapenv:Header>
<UsernameToken xmlns="http://siebel.com/webservices">BRBD</UsernameToken>
<PasswordText xmlns="http://siebel.com/webservices">2015</PasswordText>
</soapenv:Header>
<soapenv:Body>
<cus:GetTransactionForDays_Input>
<cus:Program_spcName>Loyalty Program – Agroservice</cus:Program_spcName>
<cus:Days>10</cus:Days>
</cus:GetTransactionForDays_Input>
</soapenv:Body>
</soapenv:Envelope>
我需要的是将此请求重现为 WCF 客户端。我的代码如下所示:
PartnersWs.BCS_spcLOY_spcPeriod_spcTransactionClient tran =
new BCS_spcLOY_spcPeriod_spcTransactionClient("myCustomBinding",
"http://[server]/start.swe?SWEExtSource=WebService&SWEExtCmd=Execute&WSSOAP=1");
GetTransactionForDays_Input inp = new GetTransactionForDays_Input();
inp.Days = "1";
inp.Program_spcName = "Loyalty Program - Puntos Poderosos";
GetTransactionForDaysRequest req = new GetTransactionForDaysRequest(inp);
tran.ClientCredentials.UserName.UserName = "BRBD";
tran.ClientCredentials.UserName.Password = "2015";
tran.GetTransactionForDays(inp);
我的自定义绑定配置(因为我不想使用https,所以我需要指定allowInsecure):
<customBinding>
<binding name="myCustomBinding">
<transactionFlow />
<security
authenticationMode="SecureConversation"
messageSecurityVersion="WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10"
allowInsecureTransport="true" allowSerializedSigningTokenOnReply="true" >
<secureConversationBootstrap
authenticationMode="UserNameForSslNegotiated"
messageSecurityVersion="WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10" />
</security>
<textMessageEncoding />
<httpTransport decompressionEnabled="true" useDefaultWebProxy="true"/>
</binding>
</customBinding>
服务器的响应是:
The content type text/xml;charset=utf-8 of the response message does not match the content type of the binding (application/soap+xml; charset=utf-8). If using a custom encoder, be sure that the IsContentTypeSupported method is implemented properly. The first 756 bytes of the response were: '<?xml version="1.0" encoding="utf-8"?><SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"><SOAP-ENV:Body><SOAP-ENV:Fault><faultcode>SOAP-ENV:Client</faultcode>**<faultstring>
Error Code: 10944642 Error Message: Error: Inbound SOAP Message - Session Token is missing or invalid or has expired</faultstring>**<detail><siebelf:errorstack xmlns:siebelf="http://www.siebel.com/ws/fault"><siebelf:error><siebelf:errorsymbol /><siebelf:errormsg>Error: Inbound SOAP Message - Session Token is missing or invalid or has expired</siebelf:errormsg></siebelf:error></siebelf:errorstack></detail></SOAP-ENV:Fault></SOAP-ENV:Body></SOAP-ENV:Envelope>'.
有什么想法吗?
tks
根据 Siebel Bookshelf WS-Security(您在绑定中实现)和 Siebel SOAP web 服务中使用的安全 header 是两个完全不同的东西。
请更正您的绑定以不包含 WS-Security 模型 - 而是像对待任何其他字段一样对待 header 字段(但包含正确的命名空间)。
也有不同的方法来验证 Siebel(您可能也想研究一下):
- 匿名池(完全不需要身份验证)
- Web 服务端点中给出的用户名和密码 URL
我正在开发与 Siebel EAI 网络服务的集成,但我不知道身份验证是如何工作的
下面的请求在 SoapUi 上正常工作:
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:cus="http://siebel.com/CustomUI">
<soapenv:Header>
<UsernameToken xmlns="http://siebel.com/webservices">BRBD</UsernameToken>
<PasswordText xmlns="http://siebel.com/webservices">2015</PasswordText>
</soapenv:Header>
<soapenv:Body>
<cus:GetTransactionForDays_Input>
<cus:Program_spcName>Loyalty Program – Agroservice</cus:Program_spcName>
<cus:Days>10</cus:Days>
</cus:GetTransactionForDays_Input>
</soapenv:Body>
</soapenv:Envelope>
我需要的是将此请求重现为 WCF 客户端。我的代码如下所示:
PartnersWs.BCS_spcLOY_spcPeriod_spcTransactionClient tran =
new BCS_spcLOY_spcPeriod_spcTransactionClient("myCustomBinding",
"http://[server]/start.swe?SWEExtSource=WebService&SWEExtCmd=Execute&WSSOAP=1");
GetTransactionForDays_Input inp = new GetTransactionForDays_Input();
inp.Days = "1";
inp.Program_spcName = "Loyalty Program - Puntos Poderosos";
GetTransactionForDaysRequest req = new GetTransactionForDaysRequest(inp);
tran.ClientCredentials.UserName.UserName = "BRBD";
tran.ClientCredentials.UserName.Password = "2015";
tran.GetTransactionForDays(inp);
我的自定义绑定配置(因为我不想使用https,所以我需要指定allowInsecure):
<customBinding>
<binding name="myCustomBinding">
<transactionFlow />
<security
authenticationMode="SecureConversation"
messageSecurityVersion="WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10"
allowInsecureTransport="true" allowSerializedSigningTokenOnReply="true" >
<secureConversationBootstrap
authenticationMode="UserNameForSslNegotiated"
messageSecurityVersion="WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10" />
</security>
<textMessageEncoding />
<httpTransport decompressionEnabled="true" useDefaultWebProxy="true"/>
</binding>
</customBinding>
服务器的响应是:
The content type text/xml;charset=utf-8 of the response message does not match the content type of the binding (application/soap+xml; charset=utf-8). If using a custom encoder, be sure that the IsContentTypeSupported method is implemented properly. The first 756 bytes of the response were: '<?xml version="1.0" encoding="utf-8"?><SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"><SOAP-ENV:Body><SOAP-ENV:Fault><faultcode>SOAP-ENV:Client</faultcode>**<faultstring>
Error Code: 10944642 Error Message: Error: Inbound SOAP Message - Session Token is missing or invalid or has expired</faultstring>**<detail><siebelf:errorstack xmlns:siebelf="http://www.siebel.com/ws/fault"><siebelf:error><siebelf:errorsymbol /><siebelf:errormsg>Error: Inbound SOAP Message - Session Token is missing or invalid or has expired</siebelf:errormsg></siebelf:error></siebelf:errorstack></detail></SOAP-ENV:Fault></SOAP-ENV:Body></SOAP-ENV:Envelope>'.
有什么想法吗? tks
根据 Siebel Bookshelf WS-Security(您在绑定中实现)和 Siebel SOAP web 服务中使用的安全 header 是两个完全不同的东西。
请更正您的绑定以不包含 WS-Security 模型 - 而是像对待任何其他字段一样对待 header 字段(但包含正确的命名空间)。
也有不同的方法来验证 Siebel(您可能也想研究一下):
- 匿名池(完全不需要身份验证)
- Web 服务端点中给出的用户名和密码 URL