TKS

TKS

  • NA
  • 2
  • 2.1k

Consuming Java build SOAP services using Dotnet Console App

Feb 3 2015 11:44 PM
Hi, I want to consume a SOAP service developed in JAVA. I don't have any control on Service side. I have to just consume the SOAP service using my client Application which is in DotNet Console Application using C#. Here is the detail about the service:
1. The service has SSL configured.
2. End point looks like: https://xyz.com:443
3. I am able to connect the service using SOAP UI Tool by configuring the Tool with the certs given by Java developer.
4. Basically there are two certs used, one for "client authentication" purpose and the second cert is for "WS security" purpose.
5. When i add the WSDL to my client app as a service Reference, the generated App.config file looks as shown below:
<configuration>
system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="Hello_HTTPBinding">
</binding>
</basicHttpBinding>
</bindings>
<client>
<endpoint address="http://localhost:8080/" binding="basicHttpBinding"
bindingConfiguration="Hello_HTTPBinding"
contract="Proxy_Hello" name="Hello_HTTPPort" />
</client>
</system.serviceModel>
</configuration>
6. Basically I need to pass two certs, one cert used for "client authentication" purpose and the second cert is used for "WS security purpose".
7. I have changed the above client configuration as below marked in RED color text:
<configuration>
system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="Hello_HTTPBinding">
<security mode="TransportWithMessageCredential" >
<transport clientCredentialType="Certificate" proxyCredentialType="Basic" realm="" />
<message clientCredentialType="Certificate" algorithmSuite="Basic128" />
</security>
</binding>
</basicHttpBinding>
</bindings>
<client>
<endpoint address="https://xyz.com:443" binding="basicHttpBinding"
bindingConfiguration="Hello_HTTPBinding"
contract="Proxy_Hello" name="Hello_HTTPPort" behaviorConfiguration="NewBehavior" />
</client>
<behaviors>
<endpointBehaviors>
<behavior name="NewBehavior">
<clientCredentials >
<clientCertificate findValue="clientxyz.com" storeLocation="CurrentUser" storeName="My" x509FindType="FindBySubjectName" />
<serviceCertificate>
<defaultCertificate findValue="helloabc.com" storeLocation="CurrentUser" storeName="My" x509FindType="FindBySubjectName"/>
</serviceCertificate>
</clientCredentials>
</behavior>
</endpointBehaviors>
</behaviors>
</system.serviceModel>
</configuration>
8. The am assuming the cert used for WS security purpose will be passed with in <serviceCertificate> element, but not fully sure....
9. By creating proxy object of the service when I am trying to call the required method I am getting this Error: "Could not establish secure channel for SSL/TLS with authority "******xyz.com."
10. Its working perfect in SOAP UI Tool, generating the Raw XML as shown below in ORANGE color Text:
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:urn="urn:gw-headers-100" xmlns:urn1="urn:gw-util-100">
<soapenv:Header><wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:BinarySecurityToken EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" wsu:Id="X509-35309F239B754D9BA414230227616161">
aaaaaaaaaaaaaaaaabbbbbbbbbbbbbbbbbccccccccccccccccccccc********dddddddddddd*****eeeeeeeeee
</wsse:BinarySecurityToken>
<ds:Signature Id="SIG-2" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<ec:InclusiveNamespaces PrefixList="soapenv urn urn1" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:CanonicalizationMethod>
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<ds:Reference URI="#id-1">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<ec:InclusiveNamespaces PrefixList="urn urn1" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>
abcabcabcabc******gggggg
</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>gggggg888******8sdsdsdss</ds:SignatureValue>
<ds:KeyInfo Id="KI-38488AAAA222">
<wsse:SecurityTokenReference wsu:Id="STR-ggggjj57557575">
<wsse:Reference URI="#X509-74747477" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/>
</wsse:SecurityTokenReference>
</ds:KeyInfo>
</ds:Signature>
</wsse:Security>
</soapenv:Header>
<soapenv:Body wsu:Id="id-1" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<urn1:xxxxxxx>
</urn1:xxxxxx>
</soapenv:Body>
</soapenv:Envelope>
11. Using Dotnet Tracing I am able to see the Request XML generated from the console Application as shown below in BLUE color text: But getting the SSL error as: Could not establish secure channel for SSL/TLS with authority "******xyz.com.
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/">
<s:Header>
<o:Security s:mustUnderstand="1" xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<u:Timestamp u:Id="_0" xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<u:Created>2015-02-04T04:19:29.825Z</u:Created>
<u:Expires>2015-02-04T04:24:29.825Z</u:Expires>
</u:Timestamp>
<o:BinarySecurityToken>
<!-- Removed-->
</o:BinarySecurityToken>
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
<SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></CanonicalizationMethod>
<SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"></SignatureMethod>
<Reference URI="#_0">
<Transforms>
<Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></Transform>
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></DigestMethod>
<DigestValue>aaaaaa****dddddd=</DigestValue>
</Reference>
</SignedInfo>
<SignatureValue>ssssddddd888fffff****=</SignatureValue>
<KeyInfo>
<o:SecurityTokenReference>
<o:Reference ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" URI="#uuid-93e09c54-aee8-4f45-a8a4-d63d8a2d63fb-1"></o:Reference>
</o:SecurityTokenReference>
</KeyInfo>
</Signature>
</o:Security>
</s:Header>
</s:Envelope>
12. I want to Generate the Request XML from my Dotnet console Application simialar to the SOAP UI generated XML.. Also want to get rid of SSL error....Appreciate your Suggestion..