使用明文密码正确绑定web服务配置

Question

我正在尝试在.NET中创建web服务客户端。我添加了服务引用，Visual Studio创建了以下绑定：

<bindings>
    <basicHttpBinding>
        <binding name="sample" />
    </basicHttpBinding>
</bindings>

但我得到了q0:FailedAuthentication.

我发现只有当我将WSS_TYPE设置为PasswordText时，我才能在SoapUI中获得结果。

如何在.NET/WCF中设置绑定配置以获取相同的请求？

下面是SoapUI请求：

<soapenv:Envelope xmlns:rnl="sample" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
  <soapenv:Header>
    <wsse:Security soapenv:mustUnderstand="1" 
                   xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" 
                   xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
      <wsse:UsernameToken wsu:Id="UsernameToken-3">
        <wsse:Username>username</wsse:Username>
        <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">password</wsse:Password>
        <wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">XXXX</wsse:Nonce>
        <wsu:Created>date</wsu:Created>
      </wsse:UsernameToken>
    </wsse:Security>
  </soapenv:Header>
  <soapenv:Body>
    <rnl:GetLastUpdate/>
  </soapenv:Body>
</soapenv:Envelope>

Answer 1

在没有SSL的情况下使用ClearUsernameBinding。如果有SSL，请使用以下命令：

        <basicHttpBinding>
            <binding name="NewBinding0">
                <security mode="TransportWithMessageCredential" />
            </binding>
        </basicHttpBinding>

在这两种情况下，打开服务器上的wcf日志和跟踪，查看您的消息与soapUI的不同之处，以及内部服务器的例外情况。

Answer 2

我在http://benpowell.org/supporting-the-ws-i-basic-profile-password-digest-in-a-wcf-client-proxy/的帮助下找到了答案

我需要在BeforeSendRequest中添加一个标头

public object BeforeSendRequest(ref System.ServiceModel.Channels.Message request, System.ServiceModel.IClientChannel channel)
        {
            UsernameToken token = new UsernameToken(this.Username, this.Password, PasswordOption.SendPlainText);
            XmlElement securityToken = token.GetXml(new XmlDocument());
            MessageHeader securityHeader = MessageHeader.CreateHeader("Security", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", securityToken, false);
            request.Headers.Add(securityHeader);
            return null;
        }