Java JAX-WS Service with WCF Client_问答_开发者

开发者 https://www.devze.com 2023-01-24 05:58 出处：网络

Is it possible to create a WebService using JAX-WS, that whould then be consumed by a WCF client using such a binding?

<bindings>
        <basicHttpBinding>
            <binding name="CaseObjectServicePortBinding" >
                <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
                    maxBytesPerRead="4096" maxNameTableCharCount="16384" />
                <security mode="TransportWithMessageCredential">
                    <transport clientCredentialType="Certificate"/>
                    <message clientCredentialType="Certificate" />
                </security>
            </binding>

        </basicHttpBinding>
    </bindings>

I created such a service without WSIT for now, just a plain service and wanted to just ignore the "Security" header in incoming SOAP message. But it fails with:

"Could not establish secure channel for SSL/TLS with authority 'xxxxxxxxxx'."

If I change:

<security mode="TransportWithMessageCredential">
                    <transport clientCredentialType="Certificate"/>
                    <message clientCredentialType="Certificate" />
                </security>

to:

<security mode="Transport">
                    <transport clientCredentialType="Certificate"/>
                开发者_高级运维    <message clientCredentialType="Certificate" />
                </security>

everything works flawlessly. Any ideas what am I doing wrong?

The answer is yes. You can use BasicHttpBinding or WsHttpBinding

The error was occurred because when you use TransportWithMessageCredential, the WCF client will impose additional security to your message sent through the wire, which is interoperable only to WCF service.

Once you changed it to Transport, only transport security( SSL using certificate) is applied , so that why both client and service can understand how to communicate with each other.

Cheers.

When defining security as TransportWithMessageCredential you say: I want a service which will communicate over secured transport channel (HTTPS) and I want to pass client credentials in SOAP header.

If you define Certificate credential type in message element you say: The SOAP header will transport client credentials as x.509 Certificate token profile. It is interoperable format which requires WS-Security on the service.

If you define Certifiate credential type in transport element you say: I want mutual SSL authentication. I'm actually not sure if this is used if you define TransportWithMessageCredential

This happened on the step of initiating the request; the TLS exception pops out to you because the certificate set on the client is not trusted. Use a certificate with the common destination name, if you are using the service on public use the domain name else use the destination IP address as a common name and it will work just fine .

PS: Use the 'basichttps' binding in case you want to proceed with the https content type 'text/xml' soap 11 the the default from jaxws