FSETSERVICE.无法实现 Web 服务,soap 客户端

2022-09-04 04:54:42

我正在尝试为此Web服务创建一个客户端,https://fsettestversion.edd.ca.gov/fsetwcfproxywebservice/fsetservice.svc

根据fset文档,上面的xml是请求的一个例子。我尝试过使用wcf.js,soap.js,.NET,JAVA JAX WS(wsimport),CFX,但是我无法成功进行PING调用。

有没有人能在这里给我一盏灯?我得到以下响应(.NET,node js,JAVA):

<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:a="http://www.w3.org/2005/08/addressing"><s:Header><a:Action s:mustUnderstand="1">http://www.w3.org/2005/08/addressing/soap/fault</a:Action><a:RelatesTo>urn:uuid:9effd4c4-2ad4-4b13-a5d2-5b387221b3d7</a:RelatesTo></s:Header><s:Body><s:Fault><s:Code><s:Value>s:Sender</s:Value><s:Subcode><s:Value xmlns:a="http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512">a:BadContextToken</s:Value></s:Subcode></s:Code><s:Reason><s:Text xml:lang="en-US">The message could not be processed. This is most likely because the action 'http://edd.ca.gov/IFsetService/Ping' is incorrect or because the message contains an invalid or expired security context token or because there is a mismatch between bindings. The security context token would be invalid if the ser

a:InvaildSecurity

在java中,错误显示

[main] INFO org.apache.cxf.wsdl.service.factory.ReflectionServiceFactoryBean - Creating Service {http://edd.ca.gov/}IFsetServiceService
from class com.hrx.fset.model.IFsetService
org.apache.cxf.binding.soap.SoapFault: An error occurred when verifying security for the message.
javax.xml.ws.soap.SOAPFaultException: An error occurred when verifying security for the message.
    at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:161)

以下是基于文档的示例肥皂信封:https://edd.ca.gov/pdf_pub_ctr/de545.pdf

<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" xmlns:a="http://schemas.xmlsoap.org/ws/2004/08/addressing" xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<s:Header>
    <a:Action s:mustUnderstand="1">http://edd.ca.gov/IFsetService/Ping</a:Action>
    <a:MessageID>urn:uuid:a301683e-e0cc-4afc-95f2-68fa8d7d47b0</a:MessageID>
    <a:ReplyTo>
        <a:Address>http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous</a:Address>
    </a:ReplyTo>
    <a:To s:mustUnderstand="1">https://fsettestversion.edd.ca.gov/fsetwcfproxywebservice/fsetservice.svc</a:To>
    <o:Security xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis200401-wss-wssecurity-secext-1.0.xsd" s:mustUnderstand="1">
        <u:Timestamp u:Id="_0">
            <u:Created>2016-07-07T19:53:30.188Z</u:Created>
            <u:Expires>2016-07-07T19:58:30.188Z</u:Expires>
        </u:Timestamp>
        <o:UsernameToken u:Id="uuid-c433d300-8e53-4794-9e79-97bf9946df61-19">
            <o:Username>UserName</o:Username>
            <o:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-usernametoken-profile-1.0#PasswordText">Password123</o:Password>
        </o:UsernameToken>
    </o:Security>
</s:Header>
<s:Body xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
    <Ping xmlns="http://edd.ca.gov/" />
</s:Body>

以下是在 .net 项目中作为 Web 服务引用导入时的输出配置:

<system.serviceModel>
<bindings>
    <basicHttpBinding>
        <binding name="basicHttpEndPoint" messageEncoding="Mtom">
            <security mode="TransportWithMessageCredential" />
        </binding>
    </basicHttpBinding>
    <customBinding>
        <binding name="basicHttpCustomLegacyEndPoint">
            <security defaultAlgorithmSuite="Default" authenticationMode="UserNameOverTransport" requireDerivedKeys="true" includeTimestamp="true" messageSecurityVersion="WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10">
                <localClientSettings detectReplays="false" />
                <localServiceSettings detectReplays="false" />
            </security>
            <mtomMessageEncoding messageVersion="Soap11WSAddressingAugust2004" />
            <httpsTransport />
        </binding>
    </customBinding>
    <ws2007HttpBinding>
        <binding name="wsHttpBindingEndPoint" messageEncoding="Mtom">
            <security mode="TransportWithMessageCredential">
                <transport clientCredentialType="None" />
                <message clientCredentialType="UserName" />
            </security>
        </binding>
    </ws2007HttpBinding>
</bindings>
<client>
    <endpoint address="https://fsettestversion.edd.ca.gov/FSETWCFProxyWebService/FsetService.svc/wsHttp" binding="ws2007HttpBinding" bindingConfiguration="wsHttpBindingEndPoint" contract="ServiceReference1.IFsetService" name="wsHttpBindingEndPoint" />
    <endpoint address="https://fsettestversion.edd.ca.gov/FSETWCFProxyWebService/FsetService.svc" binding="customBinding" bindingConfiguration="basicHttpCustomLegacyEndPoint" contract="ServiceReference1.IFsetService" name="basicHttpCustomLegacyEndPoint" />
    <endpoint address="https://fsettestversion.edd.ca.gov/FSETWCFProxyWebService/FsetService.svc/basic" binding="basicHttpBinding" bindingConfiguration="basicHttpEndPoint" contract="ServiceReference1.IFsetService" name="basicHttpEndPoint" />
</client>

以下代码适用于 .net(使用 basicHttpBinding)

BasicHttpBinding myBinding = new BasicHttpBinding(BasicHttpSecurityMode.TransportWithMessageCredential);
        EndpointAddress ea = new
            EndpointAddress("https://fsettestversion.edd.ca.gov/FSETWCFProxyWebService/FsetService.svc/basic");


        ServiceReference1.FsetServiceClient client = new ServiceReference1.FsetServiceClient(myBinding, ea);
        client.ClientCredentials.UserName.UserName = username;
        client.ClientCredentials.UserName.Password = password;

        client.Open();

        Console.WriteLine(client.Ping());

        client.Close();

输出为:


El tipo de contenido multipart/related; type="application/xop+xml";start="http://tempuri.org/0";boundary="uuid:4cdfd7cb-0959-4b6f-9009-1abf534d8253+id=79";start-info="text/xml" del mensaje de respuesta no coincide con el tipo de contenido del enlace (text/xml; charset=utf-8). Si usa un codificador personalizado, asegúrese de que el método IsContentTypeSupported se implemente correctamente. Los primeros 591 bytes de la respuesta fueron: '
--uuid:4cdfd7cb-0959-4b6f-9009-1abf534d8253+id=79
Content-ID: http://tempuri.org/0
Content-Transfer-Encoding: 8bit
Content-Type: application/xop+xml;charset=utf-8;type="text/xml"

a:InvalidSecurityAn error occurred when verifying security for the message. --uuid:4cdfd7cb-0959-4b6f-9009-1abf534d8253+id=79-- '.

对于 wshttpbinding,请提供以下代码:


static void wsHttpTest1() {

    mSecurty.InitiateSSLTrust();
    WSHttpBinding binding = new WSHttpBinding();
    EndpointAddress ea = new EndpointAddress(new Uri("https://fsettestversion.edd.ca.gov/FSETWCFProxyWebService/FsetService.svc/wsHttp"));

    binding.Name = "wsHttpBindingEndPoint";
    binding.MessageEncoding = WSMessageEncoding.Text; //FaultException  when using Mtom as should be based on binding.
    binding.Security = new WSHttpSecurity();
    binding.Security.Mode = SecurityMode.TransportWithMessageCredential;
    binding.Security.Transport = new HttpTransportSecurity();
    binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.None;
    binding.Security.Message = new NonDualMessageSecurityOverHttp();
    binding.Security.Message.ClientCredentialType = MessageCredentialType.UserName;
    binding.Security.Message.EstablishSecurityContext = false;

    FsetServiceClient proxy = new FsetServiceClient(binding, ea);
    proxy.ClientCredentials.UserName.UserName = username;
    proxy.ClientCredentials.UserName.Password = password;

    proxy.Open();
    String response = proxy.Ping();
    Console.WriteLine(response);
    proxy.Close();

}

响应显示:


El tipo de contenido multipart/related; type="application/xop+xml";start="http://tempuri.org/0";boundary="uuid:c6214f11-8f31-49ed-9108-ff0572d7a532+id=8";start-info="application/soap+xml" del mensaje de respuesta no coincide con el tipo de contenido del enlace (application/soap+xml; charset=utf-8). Si usa un codificador personalizado, asegúrese de que el método IsContentTypeSupported se implemente correctamente. Los primeros 1024 bytes de la respuesta fueron: '
--uuid:c6214f11-8f31-49ed-9108-ff0572d7a532+id=8
Content-ID: http://tempuri.org/0
Content-Transfer-Encoding: 8bit
Content-Type: application/xop+xml;charset=utf-8;type="application/soap+xml"

http://www.w3.org/2005/08/addressing/soap/faulturn:uuid:c60805c6-579a-4333-9dec-035200e20fe2s:Sendera:BadContextTokenThe message could not be processed. This is most likely because the action 'http://edd.ca.gov/IFsetService/Ping' is incorrect or because the message contains an invalid or expired security context token or because there is a mismatch between bindings. The security context token would be invalid if the ser'.

编辑 1.正如@Popo所建议的那样,我添加了一个证书。如果 im 有误,请纠正我,但给定 App.config 证书中的绑定输出不是必需的。Bellow又一次失败的预言。我创建了一个证书> makecert.exe -sr Oscarrico-ss My -a sha1 -n CN=WcfClient -sky exchange -pe.并添加了 u 受信任的存储。


static void basingBindingTest03() {

    BasicHttpBinding binding = new BasicHttpBinding();
    EndpointAddress ea = new EndpointAddress(new Uri("https://fsettestversion.edd.ca.gov/FSETWCFProxyWebService/FsetService.svc/basic"));

    binding.Name = "basicHttpEndPoint";
    binding.MessageEncoding = WSMessageEncoding.Text; //FaultException when using Mtom.
    binding.Security.Mode = BasicHttpSecurityMode.TransportWithMessageCredential;
    binding.Security.Transport = new HttpTransportSecurity();
    binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.None;
    binding.Security.Message.ClientCredentialType = BasicHttpMessageCredentialType.UserName;


    FsetServiceClient proxy = new FsetServiceClient(binding, ea);
    proxy.ClientCredentials.UserName.UserName = username;
    proxy.ClientCredentials.UserName.Password = password;
    proxy.ClientCredentials.ClientCertificate.SetCertificate(
        StoreLocation.CurrentUser,
        StoreName.TrustedPeople,
        X509FindType.FindBySubjectName,
        "WcfClient");

    proxy.Open();
    String response = proxy.Ping();
    Console.WriteLine(response);
    proxy.Close();

}

上一个基本绑定测试03的输出:


Excepción no controlada del tipo 'System.ServiceModel.ProtocolException' en mscorlib.dll
The content type multipart/related; type="application/xop+xml";start="";boundary="uuid:b47a3223-de29-49f8-b101-708c1ccac45c+id=95";start-info="text/xml" of the response message does not match the content type of the binding (text/xml; charset=utf-8). If using a custom encoder, be sure that the IsContentTypeSupported method is implemented properly. The first 591 bytes of the response were: '
--uuid:b47a3223-de29-49f8-b101-708c1ccac45c+id=95
Content-ID: 
Content-Transfer-Encoding: 8bit
Content-Type: application/xop+xml;charset=utf-8;type="text/xml"

a:InvalidSecurityAn error occurred when verifying security for the message.
--uuid:b47a3223-de29-49f8-b101-708c1ccac45c+id=95--
'.


答案 1

如果您将基本HttpBinding从以下位置更改:

<basicHttpBinding>
    <binding name="basicHttpEndPoint" messageEncoding="Mtom">
        <security mode="TransportWithMessageCredential" />
    </binding>
</basicHttpBinding>

自:

  <basicHttpBinding>
    <binding name="basicHttpEndPoint" messageEncoding="Mtom">
      <security mode="TransportWithMessageCredential">
        <transport clientCredentialType="None" />
        <message clientCredentialType="UserName"/>
      </security>          
    </binding>
  </basicHttpBinding>

并在代码后面调用Web方法,如下所示:

public void test2()
{
    string resp;
    FsetServiceClient client = new FsetServiceClient("basicHttpEndPoint");

    client.ClientCredentials.UserName.UserName = "UserName";
    client.ClientCredentials.UserName.Password = "Password123";
    // client.ClientCredentials.ClientCertificate.Certificate = GetCertificateFromStore("3db96ac58545346382d0e6d1456bfcd7145d3514")

    try
    {
        resp = client.Ping();
    }
    catch (Exception ex)
    {
        Debug.WriteLine(ex.ToString());
    }
}

你得到不同的结果吗?我假设您的示例中的用户名和密码无效。您可能还需要传递证书。


答案 2

推荐