0

I used wsdl.exe to generate a class in C# to call a web service. This works fine as long as this web service does not require a header. Now I need to add a header like this:

<soapenv:Header>
  <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
     <wsse:UsernameToken>
        <wsse:Username>myUsername</wsse:Username>
        <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">myPassword</wsse:Password>
     </wsse:UsernameToken>
  </wsse:Security>

Therefore I added a class Security with the class UsernameToken inside, which carries Username and Password and added it to the calling class. The problem to capture the whole SOAP message, which is sent out could be solved with a SOAP extension. I could achieve:

<Security xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
    <UsernameToken>
       <Username>username</Username>
       <Password>verysecret</Password>
    </UsernameToken>
</Security>

So now I am missing this wsse part and the "Type" attribute in the password tag? How can this be done? Should I be using a [MessageContract] instead? Or can I just "hard code" the string and put it in the header?

Graffl
  • 380
  • 3
  • 9
  • the web service that requires a header, is it a WCF or a normal web service? – BossRoss Jun 17 '14 at 08:10
  • 1
    Is this question really about the header, or about sending a username and password with each request for authentication? – Stefan Over Jun 17 '14 at 08:11
  • Normal web service I would say (EAR running on WebSphere). Of course the problem is in the end sending a username and password, but I take it step by step. Right now I want to see what I am sending. – Graffl Jun 17 '14 at 08:17
  • @Graffl IF you want to see the SOAP-message only for learning purposes, just inspect the raw SOAP-message you receive on the server side. – Stefan Over Jun 17 '14 at 08:22
  • If he has access to the server... – BossRoss Jun 17 '14 at 08:24
  • I have no access to the code in the EAR but I have access to the server on which WebSphere is running. How can I see the incoming message there? – Graffl Jun 17 '14 at 08:28
  • @BossRoss If client-only access is available, the [SOAP extension](http://stackoverflow.com/a/3879433/2132796) might be helpful. – Stefan Over Jun 17 '14 at 08:33
  • I tried the SOAP extension from [CodeProject](https://workspaces.codeproject.com/user-10855259/efficient-tracing-using-soap-extensions-in-net) but so far I don't see the result. While I am trying on this: Would it just be possible to hard code the whole header string and add it as header? – Graffl Jun 17 '14 at 09:15

1 Answers1

0

You have a few questions in your question but to answer "Nevertheless my biggest problem is right now, that I don't see, what was actually send as a header." you can see the SOAP envelope in method private void CallWebSvcCallAsync(model.WebSvcMethod webSvcMethod)

Put a break point on var call = new websvcasync.Operations.CallAsyncOp(webSvcMethod, _cancelToken, State.Instance.ConfigProxy, State.Instance.ConfigTimeout.Timeout); and inspect the webSvcMethod.SampleReqMsg. It will give you an idea of what envelope is being posted.

If you can get the SOAP envelope structure sorted you should be good to go.

BossRoss
  • 869
  • 2
  • 11
  • 31
  • However I would recommend trying to get a SOAP envelope which you know works and then use WsdlUI and compare and modify to get the desired results. – BossRoss Jun 17 '14 at 08:23