Web service: Remove WS-Addressing/WS-Security sections from WSE 3.0 Client request
While invoking web service request using WSE 3.0 client, I was getting null reference exception errors. On investigating code I found bunch of WS-Addressing and WS-Security headers added to my request. The .NET WSE 3.0 package seems to be adding them by default. Is there any way to get rid of these?
The solution I found takes 3 steps:
1.) Create custom ClientOutputFilter
2.) Create a custom Assertion that uses filter from step 1
3.) Bind service to custom Assertion
Step 1: Custom Filter(Called by Custom Assertion)
Class ClientOutputFilter
Inherits SendSecurityFilter
Private parentAssertion As UsernameClientAssertion
Private filterContext As FilterCreationContext
Public Sub New(ByVal parentAssertion As UsernameClientAssertion, ByVal
filterContext As FilterCreationContext)
MyBase.New(parentAssertion.ServiceActor, False,
parentAssertion.ClientActor)
Me.parentAssertion = parentAssertion
Me.filterContext = filterContext
End Sub
Public Overrides Function ProcessMessage(ByVal envelope As
Microsoft.Web.Services3.SoapEnvelope) As
Microsoft.Web.Services3.SoapFilterResult
Dim securityElement As XmlElement = envelope.CreateElement("wsse",
"Security", "http://schemas.xmlsoap.org/ws/2002/07/secext")
Dim mustUnderstandAttribute As XmlAttribute =
envelope.CreateAttribute(envelope.DocumentElement. Prefix, "mustUnderstand",
envelope.DocumentElement.NamespaceURI)
Dim userToken As New UsernameToken(parentAssertion.username,
parentAssertion.password, PasswordOption.SendPlainText)
mustUnderstandAttribute.Value = "true"
securityElement.AppendChild(userToken.GetXml(envel ope))
envelope.CreateHeader.AppendChild(securityElement)
Return SoapFilterResult.Continue
End Function
End Class
Step 2: Custom Assertion
Public Class UsernameClientAssertion
Inherits SecurityPolicyAssertion
Public username As String
Public password As String
Public Sub New(ByVal username As String, ByVal password As String)
Me.username = username
Me.password = password
End Sub
Public Overloads Overrides Function CreateClientOutputFilter(ByVal context
As FilterCreationContext) As SoapFilter
Return New ClientOutputFilter(Me, context)
End Function
Public Overrides Function CreateClientInputFilter(ByVal context As
FilterCreationContext) As SoapFilter
' we don't provide ClientInputFilter
Return Nothing
End Function
Public Overrides Function CreateServiceInputFilter(ByVal context As
FilterCreationContext) As SoapFilter
' we don't provide any processing for web service side
Return Nothing
End Function
Public Overrides Function CreateServiceOutputFilter(ByVal context As
FilterCreationContext) As SoapFilter
' we don't provide any processing for web service side
Return Nothing
End Function
End Class
Step 3: Bind proxy to custom assertion
Private WS As New Service.ServicenameWSE
Private token As UsernameToken = New UsernameToken(USERNAME, PASSWORD,
PasswordOption.SendPlainText)
ProvideUsernameToken.Assertions.Add(New UsernameClientAssertion(USERNAME,
PASSWORD))
WS.SetClientCredential(token)
WS.SetPolicy(ProvideUsernameToken)
Good luck, if anyone has a better way to do this I'm all ears.
0 Response to "Web service: Remove WS-Addressing/WS-Security sections from WSE 3.0 Client request"
Post a Comment