J'essaie d'obtenir un service WCF configuré avec la sécurité des messages (pas de sécurité de transport) de sorte qu'il puisse communiquer avec les clients Java. J'ai utilisé SoapUI pour tester et j'ai surmonté de nombreux obstacles. Maintenant, WCF semble authentifier le message, mais il l'achemine vers l'opération sans le décrypter. Je reçois l'exception interne suivante:La demande SoapUI au service WCF échoue sans décryptage
System.Runtime.Serialization.SerializationException
OperationFormatter rencontré un corps invalide du message. On s'attend à trouver le type de noeud 'Element' avec le nom 'SaySomething' et l'espace de noms 'http://ecollege.com/securityspike/'. Type de noeud trouvé 'Element' avec le nom 'xenc: EncryptedData' et l'espace de noms 'http://www.w3.org/2001/04/xmlenc#'
J'ai tout essayé et lu tout ce que je peux, et je n'ai rien trouvé de similaire, ni trouvé de solution. J'espère que quelqu'un pourrait savoir ce que l'affaire est et être capable de m'aider. Ci-dessous la configuration de mon service WCF et le message SoapUI:
WCF service de configuration de liaison personnalisée
<customBinding>
<binding name="custom">
<security
defaultAlgorithmSuite="Basic128Rsa15"
authenticationMode="MutualCertificate"
securityHeaderLayout="Lax"
includeTimestamp="false"
keyEntropyMode="ClientEntropy"
messageProtectionOrder="EncryptBeforeSign"
messageSecurityVersion="WSSecurity10WSTrust13WSSecureConversation13WSSecurityPolicy12BasicSecurityProfile10"
requireSignatureConfirmation="false"
requireSecurityContextCancellation="false"
allowSerializedSigningTokenOnReply="true">
<localServiceSettings detectReplays="false" />
</security>
<textMessageEncoding messageVersion="Soap11" writeEncoding="utf-8" />
<httpTransport />
</binding>
</customBinding>
SoapUI Original Message
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:sec="http://ecollege.com/securityspike/">
<soapenv:Header/>
<soapenv:Body>
<sec:SaySomething>
<sec:message>
<sec:Message>Hello from SoapUI!</sec:Message>
</sec:message>
</sec:SaySomething>
</soapenv:Body>
</soapenv:Envelope>
SoapUI message sécurisé
<soapenv:Envelope xmlns:sec="http://ecollege.com/securityspike/" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
<soapenv:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:BinarySecurityToken EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" wsu:Id="CertId-E4A1994D222819B9E91267220999421261" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">MIIB9DCCAWGgAwIBAgIQCdc8f7wHY5NIPPv+42iHmzAJBgUrDgMCHQUAMBUxEzARBgNVBAMTClJvb3RDQVRlc3QwHhcNMTAwMjI1MTcyMzM1WhcNMzkxMjMxMjM1OTU5WjAYMRYwFAYDVQQDEw13Y2ZDbGllbnRDZXJ0MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCw8RJdTARFL+1bbFptcYkIsuBCiJam9rBR14CBKxlvsAVI70F63aDUctYxGKhJgpTOGZyqtVtgawoFf/oPVGSm7yRDR5XcuhqwoQ7IMHxAVKLyNaiE/ZtYb3RTcIC7y1JS2n/DHKu+KK4T2FVhBEZYVhOYP/u4SOvGK6X6uahy4wIDAQABo0owSDBGBgNVHQEEPzA9gBDhcQFxXO88N5H8wWmVu2LGoRcwFTETMBEGA1UEAxMKUm9vdENBVGVzdIIQSgymJZg5k5xJ3Qs97Rs+fTAJBgUrDgMCHQUAA4GBAFumlUh7/DKBwWHvqgcGUFIMx/VtbvlEfyKMIIrdce1I7dPON4+TRf+kho1nf7zbxrioN0s3RfNapiFPkiBndGbyQjoojfq2PRttcbBXgyyaDg3s6Yg95r4ytMn4G9wDICdiW42RKReCZA1PJA55DWtFqWNrUgnDq/uTttHQdOB+</wsse:BinarySecurityToken>
<ds:Signature Id="Signature-125" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<ds:Reference URI="#id-126">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>TY3WWW+3MjAXCj70Ao8g4owVfwc=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>sJS23J31T+EiH9ZcpOBWm9VZDgINsBLWncC9q+Qzhqab/KIY3/hs+Xn2oD6JKPo3/mOIqZ/ZMDMj
KSUKRghYbsGYrUl4Z/37hbmg5ZLaA/XxLMy8cmfXi2FhgebTwFX2Zm3nptCELFaMqcufEV9KBDtv
98/2H4K63ZJa39YW9Tk=</ds:SignatureValue>
<ds:KeyInfo Id="KeyId-E4A1994D222819B9E91267220999421262">
<wsse:SecurityTokenReference wsu:Id="STRId-E4A1994D222819B9E91267220999422263" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:Reference URI="#CertId-E4A1994D222819B9E91267220999421261" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/>
</wsse:SecurityTokenReference>
</ds:KeyInfo>
</ds:Signature>
<xenc:EncryptedKey Id="EncKeyId-E4A1994D222819B9E91267220999410260">
<xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<wsse:SecurityTokenReference>
<ds:X509Data>
<ds:X509IssuerSerial>
<ds:X509IssuerName>CN=RootCATest</ds:X509IssuerName>
<ds:X509SerialNumber>-146698624100943020459804947660733868602</ds:X509SerialNumber>
</ds:X509IssuerSerial>
</ds:X509Data>
</wsse:SecurityTokenReference>
</ds:KeyInfo>
<xenc:CipherData>
<xenc:CipherValue>og/+4qWGOAZ8jlk2VZeTGP5++lF0aAyaqFSeuIGrGyblklIWf+lkmHydFK2j4ade7tpeiBKHxtcxPR87OpK3pCyStpN36pdqHOdDsy/pozrc7b6zn9IrwXC/WjhIXVQiPZZfpHk0B75ByJq+2laIVbqpeYmGQLaj3ocl/AooGdQ=</xenc:CipherValue>
</xenc:CipherData>
<xenc:ReferenceList>
<xenc:DataReference URI="#EncDataId-124"/>
</xenc:ReferenceList>
</xenc:EncryptedKey>
</wsse:Security>
</soapenv:Header>
<soapenv:Body wsu:Id="id-126" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<xenc:EncryptedData Id="EncDataId-124" Type="http://www.w3.org/2001/04/xmlenc#Content">
<xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<wsse:SecurityTokenReference xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:Reference URI="#EncKeyId-E4A1994D222819B9E91267220999410260"/>
</wsse:SecurityTokenReference>
</ds:KeyInfo>
<xenc:CipherData>
<xenc:CipherValue>2v9lbteE7Vh5zbw0yZHxX9srTRh6N/uOxsCnjY1/ShDQvExCDcuVCfgfpXxdbCWRHcH1QTIJ9Wv1
vG17WA1c7AdnVZfyAmGsXYNn2ZhIq3dQeUKbgDnhfT16NOPeXUtdd+EUb5p+Iw1JrktXmKK+jpX6
7Kp/Wv1vaxN9xfZfygqBrdgrjJYyihlQoKI0UEpc3QoKW6Zwp3hJcf52gLJwBb2Sxcc8Nnnr83GM
15SGv9rEIpYzJKvebwiha1/bby+mULEvlNrtsER7GyjG94Eu+0BjsPPYMwt4E6iV0umMuZF8Su8o
MWYXby+aaUs4QOGsWJSAJWrICIWfZDM/VjOj76OAzc3vKL/lLNJskQ5XYdOWzjYz5v6qZ5C4mTV7
ZNWM3cnLe40CtguuzYHooPyjpcE9MEsP5oVm4ns2dVZvsaF/lYxQZHsRDRNxkEC19pkK</xenc:CipherValue>
</xenc:CipherData>
</xenc:EncryptedData>
</soapenv:Body>
</soapenv:Envelope>
WCF message sécurisé
<s:Envelope
xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<s:Header>
<o:Security
s:mustUnderstand="1"
xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<o:BinarySecurityToken
u:Id="uuid-1aa5b3d3-f82a-4de3-a8cf-3c36d2042a9a-5"
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
>MIIB9DCCAWGgAwIBAgIQCdc8f7wHY5NIPPv+42iHmzAJBgUrDgMCHQUAMBUxEzARBgNVBAMTClJv
b3RDQVRlc3QwHhcNMTAwMjI1MTcyMzM1WhcNMzkxMjMxMjM1OTU5WjAYMRYwFAYDVQQDEw13Y2ZD
bGllbnRDZXJ0MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCw8RJdTARFL+1bbFptcYkIsuBC
iJam9rBR14CBKxlvsAVI70F63aDUctYxGKhJgpTOGZyqtVtgawoFf/oPVGSm7yRDR5XcuhqwoQ7I
MHxAVKLyNaiE/ZtYb3RTcIC7y1JS2n/DHKu+KK4T2FVhBEZYVhOYP/u4SOvGK6X6uahy4wIDAQAB
o0owSDBGBgNVHQEEPzA9gBDhcQFxXO88N5H8wWmVu2LGoRcwFTETMBEGA1UEAxMKUm9vdENBVGVz
dIIQSgymJZg5k5xJ3Qs97Rs+fTAJBgUrDgMCHQUAA4GBAFumlUh7/DKBwWHvqgcGUFIMx/VtbvlE
fyKMIIrdce1I7dPON4+TRf+kho1nf7zbxrioN0s3RfNapiFPkiBndGbyQjoojfq2PRttcbBXgyya
Dg3s6Yg95r4ytMn4G9wDICdiW42RKReCZA1PJA55DWtFqWNrUgnDq/uTttHQdOB+</o:BinarySecurityToken>
<e:EncryptedKey Id="_0" xmlns:e="http://www.w3.org/2001/04/xmlenc#">
<e:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
<o:SecurityTokenReference>
<X509Data>
<X509IssuerSerial>
<X509IssuerName>CN=RootCATest</X509IssuerName>
<X509SerialNumber>-146698624100943020459804947660733868602</X509SerialNumber>
</X509IssuerSerial>
</X509Data>
</o:SecurityTokenReference>
</KeyInfo>
<e:CipherData>
<e:CipherValue>EX2mPLI7VpedG2WVzmBiYje+z/WppWsYO6Pg4/WwlQRv2rLaFmgF4cg8yn55dVyFStr9Me6jjq4s
+VS5s0t+IGVjCm17gCREC4r07FUTPFKtB5JR8lfcRFKriCMCkwnr4DLxzVKa/h9Mw+4DK4+mMkX+
lAO985cluGKhbmuWYhM=</e:CipherValue>
</e:CipherData>
<e:ReferenceList>
<e:DataReference URI="#_2"/>
</e:ReferenceList>
</e:EncryptedKey>
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
<SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<Reference URI="#_1">
<Transforms>
<Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<DigestValue>r01NIZbDYv/a/od4dKmN2VF54NY=</DigestValue>
</Reference>
</SignedInfo>
<SignatureValue>h/uzND4eoH5WOguIzwO9YurD2fEF0NBH9Bl5ipFjZaffyi+z2m2fYngujtcoxh8a6YPyMW3Us0Q0
//i79GEnkxCq0mBPbLJvLvtXFAuJpFZ9oOEKRqJ5Uqh8je6um0KJCiSFn74xy23OEG6fRbUJZkJP
IH8KnGhzqR1UGXkI49E=</SignatureValue>
<KeyInfo>
<o:SecurityTokenReference>
<o:Reference
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"
URI="#uuid-1aa5b3d3-f82a-4de3-a8cf-3c36d2042a9a-5"/>
</o:SecurityTokenReference>
</KeyInfo>
</Signature>
</o:Security>
</s:Header>
<s:Body u:Id="_1">
<e:EncryptedData Id="_2"
Type="http://www.w3.org/2001/04/xmlenc#Content"
xmlns:e="http://www.w3.org/2001/04/xmlenc#">
<e:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
<e:CipherData>
<e:CipherValue>2VwP5Qcdyff6awcskzwtLktVQOB2UKFOFmFExNUJa0kJbT1gH1MzoIthuNx7bUHmAqGpnmrs6b2t
f4zpkZv8mZ8L41WBkrg2LGLCeBpXtmudpOdQ9KaEIXqXlRHUI6OutrsCKRWDTRlMD+Y2m0fM8sxF
5mp7lsGJUVzbpLcb4hduKI2RVkylxRMpqIgcDR4vj72ew52QMtrNdH5QZsouyBDeE2fc+imGKK9K
UcLlQbZRzLkv9oYzHicewaWnOeGr4dhkdn6eBropbK0gqxoxng==</e:CipherValue>
</e:CipherData>
</e:EncryptedData>
</s:Body>
</s:Envelope>
Salut, je sais que ça fait un certain temps que vous avez ce problème, mais j'essaie de faire fonctionner soapUI 3.6 avec WCF en utilisant ** tout ** type de sécurité des messages avec des certificats mutuels. Il semble que vous étiez capable de le faire. Ce qui manque à votre explication, ce sont les paramètres que vous avez définis dans l'interface soapUI. J'ai passé des jours à essayer différentes combinaisons, sans succès. Pouvez-vous définir quels sont les paramètres que vous avez choisis dans soapUI pour que cela fonctionne? Merci, Milen – Milen