How to add security header to a SOAP message?
I actually managed to achieve that by using WSE. The funny thing is that the provider's Web Services would not work with WSE 3.0, but they did with WSE 2.0. Here are the steps
- Get WSE 2.0
- Add the Web Reference to the project
- In the Web Reference proxy implementation:
Replace
public partial class UserWS : System.Web.Services.Protocols.SoapHttpClientProtocol
by
public partial class UserWS : Microsoft.Web.Services2.WebServicesClientProtocol
- Before calling the Web Service:
Set the authentication info
UsernameToken token = new UsernameToken("user", "pwd", PasswordOption.SendPlainText);
yourProxy.RequestSoapContext.Security.Tokens.Add(token);
And that's it! FYI, the provider is a Blackboard instance.
Try this. No need to webreference and Web.Services2 implementation.
var client = "Your Service Client";
using (var scope = new OperationContextScope(client.InnerChannel))
{
System.Xml.XmlDocument document = new XmlDocument();
XmlElement element = document.CreateElement("wsse", "UsernameToken",
"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd");
XmlElement newChild = null;
newChild = document.CreateElement("wsse", "Username",
"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd");
newChild.InnerText = "finance";
element.AppendChild(newChild);
newChild = document.CreateElement("wsse", "CorporationCode",
"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd");
newChild.InnerText = "387";
element.AppendChild(newChild);
MessageHeader messageHeader = MessageHeader.CreateHeader("UsernameToken",
"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd",
element, false);
// shouldn't MessageHeader be Security?
// MessageHeader messageHeader = MessageHeader.CreateHeader("Security", ...
OperationContext.Current.OutgoingMessageHeaders.Add(messageHeader);
var result = client.GetCorporations(new CorporationType { pageNo = 1 });
}