The solution takes 3 steps:
1.) Create custom ClientOutputFil ter
2.) Create a custom Assertion that uses filter from step 1
3.) Bind service to custom Assertion
Step 1
Custom Filter(Called by Custom Assertion)
Class ClientOutputFil ter
Inherits SendSecurityFil ter
Private parentAssertion As UsernameClientA ssertion
Private filterContext As FilterCreationC ontext
Public Sub New(ByVal parentAssertion As UsernameClientA ssertion, ByVal
filterContext As FilterCreationC ontext)
MyBase.New(pare ntAssertion.Ser viceActor, False,
parentAssertion .ClientActor)
Me.parentAssert ion = parentAssertion
Me.filterContex t = filterContext
End Sub
Public Overrides Function ProcessMessage( ByVal envelope As
Microsoft.Web.S ervices3.SoapEn velope) As
Microsoft.Web.S ervices3.SoapFi lterResult
Dim securityElement As XmlElement = envelope.Create Element("wsse",
"Security", "http://schemas.xmlsoap .org/ws/2002/07/secext")
Dim mustUnderstandA ttribute As XmlAttribute =
envelope.Create Attribute(envel ope.DocumentEle ment.Prefix, "mustUnderstand ",
envelope.Docume ntElement.Names paceURI)
Dim userToken As New UsernameToken(p arentAssertion. username,
parentAssertion .password, PasswordOption. SendPlainText)
mustUnderstandA ttribute.Value = "true"
securityElement .AppendChild(us erToken.GetXml( envelope))
envelope.Create Header.AppendCh ild(securityEle ment)
Return SoapFilterResul t.Continue
End Function
End Class
Step 2 Custom Assertion
Public Class UsernameClientA ssertion
Inherits SecurityPolicyA ssertion
Public username As String
Public password As String
Public Sub New(ByVal username As String, ByVal password As String)
Me.username = username
Me.password = password
End Sub
Public Overloads Overrides Function CreateClientOut putFilter(ByVal context
As FilterCreationC ontext) As SoapFilter
Return New ClientOutputFil ter(Me, context)
End Function
Public Overrides Function CreateClientInp utFilter(ByVal context As
FilterCreationC ontext) As SoapFilter
' we don't provide ClientInputFilt er
Return Nothing
End Function
Public Overrides Function CreateServiceIn putFilter(ByVal context As
FilterCreationC ontext) As SoapFilter
' we don't provide any processing for web service side
Return Nothing
End Function
Public Overrides Function CreateServiceOu tputFilter(ByVa l context As
FilterCreationC ontext) As SoapFilter
' we don't provide any processing for web service side
Return Nothing
End Function
End Class
Step 3: Bind proxy to custom assertion
Private WS As New Service.Service nameWSE
Private token As UsernameToken = New UsernameToken(U SERNAME, PASSWORD,
PasswordOption. SendPlainText)
ProvideUsername Token.Assertion s.Add(New UsernameClientA ssertion(USERNA ME,
PASSWORD))
WS.SetClientCre dential(token)
WS.SetPolicy(Pr ovideUsernameTo ken)
Good luck, if anyone has a better way to do this I'm all ears
- Ed
"Sònia" wrote:
Hi,
I'm developping an WSE client application that calls a webservice with
WS-Security.
I'm sending a SOAP message like
************
<soap:Envelop e xmlns:soap="htt p://schemas.xmlsoap .org/soap/envelope/"
xmlns:soapenc=" http://schemas.xmlsoap .org/soap/encoding/"
xmlns:tns="http ://www.meteocatser veis.com/axis/services/ConsultaEstacio ns"
xmlns:types="ht tp://www.meteocatser veis.com/axis/services/ConsultaEstacio ns/encodedTypes"
xmlns:xsi="http ://www.w3.org/2001/XMLSchema-instance"
xmlns:xsd="http ://www.w3.org/2001/XMLSchema"
xmlns:wsa="http ://schemas.xmlsoap .org/ws/2004/08/addressing"
xmlns:wsse="htt p://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:wsu="http ://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<soap:Header>
<wsa:Action>
</wsa:Action>
<wsa:MessageID> urn:uuid:65f4b3 95-f208-4286-9656-6239f096e26c</wsa:MessageID>
<wsa:ReplyTo>
<wsa:Address>ht tp://schemas.xmlsoap .org/ws/2004/08/addressing/role/anonymous</wsa:Address>
</wsa:ReplyTo>
<wsa:To>http://www.meteocatser veis.com/axis/services/ConsultaEstacio ns</wsa:To>
<wsse:Securit y>
<wsu:Timestam p
wsu:Id="Timesta mp-36736541-67a9-44fb-9779-9a422bc94c50">
<wsu:Created>20 08-03-13T16:07:12Z</wsu:Created>
<wsu:Expires>20 08-03-13T16:12:12Z</wsu:Expires>
</wsu:Timestamp>
<wsse:UsernameT oken
xmlns:wsu="http ://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Securit yToken-364b2ace-9b69-41cf-be74-a814910008fe">
<wsse:Username> tvc</wsse:Username>
<wsse:Passwor d
Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDig est">cTPEB2dduq v9xOiuhOAAoKVfV tI=</wsse:Password>
<wsse:Nonce>cWk O9B6G3wY/AND1BRSUAg==</wsse:Nonce>
<wsu:Created>20 08-03-13T16:07:12Z</wsu:Created>
</wsse:UsernameTo ken>
</wsse:Security>
</soap:Header>
<soap:Body
soap:encodingSt yle="http://schemas.xmlsoap .org/soap/encoding/">
<q1:dades_ultim es xmlns:q1="http://consultaEstacio ns" />
</soap:Body>
</soap:Envelope>
*************** *************** ***********
But the webservice receiving that message don't undersand the "Timestamp" tag.
How can I remove it?