8

I'm trying to consume a WebService written in Java by our provider from our C# App. When it's time to communicate, I get this:

WSDoAllReceiver: Incoming message does not contain required Security header

Since yesterday I'm trying to find out how to add security header to a SOAP message.

Yes, I read this ( Clueless about how to create SOAP <wsse:Security> header ) but it did not work.

I looked around and this seems to be a rather asked question. I wonder if I can get some help here, some pointers, some code, to get me started.

Community
  • 1
  • 1
Adriano Carneiro
  • 57,693
  • 12
  • 90
  • 123

2 Answers2

15

I actually managed to achieve that by using WSE. The funny thing is that the provider's Web Services would not work with WSE 3.0, but they did with WSE 2.0. Here are the steps

  • Get WSE 2.0
  • Add the Web Reference to the project
  • In the Web Reference proxy implementation:

Replace

public partial class UserWS : System.Web.Services.Protocols.SoapHttpClientProtocol

by 

public partial class UserWS : Microsoft.Web.Services2.WebServicesClientProtocol
  • Before calling the Web Service:

Set the authentication info

UsernameToken token = new UsernameToken("user", "pwd", PasswordOption.SendPlainText);
yourProxy.RequestSoapContext.Security.Tokens.Add(token);

And that's it! FYI, the provider is a Blackboard instance.

Adriano Carneiro
  • 57,693
  • 12
  • 90
  • 123
  • So isn't it possible to consume a Blackboard web services using WCF? – Anthony Serdyukov Nov 22 '11 at 05:01
  • @AdrianCarneiro - Sooper awesome ! – Gurucharan Balakuntla Maheshku Nov 26 '12 at 06:56
  • 1
    Everytime somebody updates the web regference, the reference gets wiped out (I need to wet it to microsoft.web.services2 again). is there anyway to stop that from happening or no? – n00b Jun 09 '14 at 19:38
  • @AdrianCarneiro which class is the web service proxy implementation? I do not have any class inheriting from SoapHttpClientProtocol – Laggel Nov 12 '15 at 15:51
  • 2
    WSE 2.0 can be added to your project via Nuget. https://www.nuget.org/packages/Microsoft.Web.Services2/ – Mark Dornian Jan 21 '18 at 22:12
  • @Laggel Are you sure that you used WSE to generate your code? If you used WCF then the signature of the client will look different and will include binding as a parameter, which can be used instead, as described at https://stackoverflow.com/questions/5836685/correct-way-communicate-wsse-usernametoken-for-soap-webservice. It was not immediately obvious to me in VS2020, how you generate code using WSE or WCF but, both are still possible. – B5A7 Apr 29 '21 at 03:29
4

Try this. No need to webreference and Web.Services2 implementation.

var client = "Your Service Client"; 
using (var scope = new OperationContextScope(client.InnerChannel))
{
    System.Xml.XmlDocument document = new XmlDocument();
    XmlElement element = document.CreateElement("wsse", "UsernameToken", 
       "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd");

    XmlElement newChild = null;
    newChild = document.CreateElement("wsse", "Username", 
       "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd");
    newChild.InnerText = "finance";
    element.AppendChild(newChild);

    newChild = document.CreateElement("wsse", "CorporationCode", 
       "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd");
    newChild.InnerText = "387";
    element.AppendChild(newChild);

    MessageHeader messageHeader = MessageHeader.CreateHeader("UsernameToken", 
       "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", 
        element, false);

// shouldn't MessageHeader be Security?
//  MessageHeader messageHeader = MessageHeader.CreateHeader("Security", ...

    OperationContext.Current.OutgoingMessageHeaders.Add(messageHeader);

    var result = client.GetCorporations(new CorporationType { pageNo = 1 });
}
SteveC
  • 15,808
  • 23
  • 102
  • 173
B.Tekkan
  • 570
  • 4
  • 7
  • 1
    Think this is missing the top level Security in the wsse portion – SteveC Oct 02 '19 at 15:02
  • I've used the solution mentioned here, which is basically doing the same thing but might be easier to follow. https://stackoverflow.com/a/8747583/1486973 – Plater May 27 '22 at 16:59