I need to call some 3rd Web services that require WS-Security. I created a WCF endpoint with the following configuration:
<system.serviceModel>
<bindings>
<wsHttpBinding>
<binding name="TestBinding">
<security mode="TransportWithMessageCredential">
<message clientCredentialType="Certificate" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<behaviors>
<endpointBehaviors>
<behavior name="TestBehavior">
<callbackDebug includeExceptionDetailInFaults="true" />
<clientCredentials>
<clientCertificate findValue="Acme" storeLocation="CurrentUser" storeName="My" x509FindType="FindBySubjectName" />
<serviceCertificate>
<authentication certificateValidationMode="PeerOrChainTrust" />
</serviceCertificate>
</clientCredentials>
</behavior>
</endpointBehaviors>
</behaviors>
<client>
<endpoint address="https://acme.com/webservices" binding="wsHttpBinding" bindingConfiguration="TestBinding" behaviorConfiguration="TestBehavior" contract="AcmeContract" name="AcmeEndpoint"></endpoint>
</client>
</system.serviceModel>
The problem is that the 3rd party servers a throwing the following exception:
Received protocol '_http://schemas.xmlsoap.org/wsdl/soap12/', required protocol '_http://schemas.xmlsoap.org/wsdl/soap/'.
I understand that using the wsHttpBinding will cause WCF to send a SOAP 1.2 request while using the basicHttpBinding will result in a SOAP 1.1 request. Since the WS-Security parts are required, as I understand it, I have to use the wsHttpBinding. My question is how do I force a SOAP 1.1 request? What are my options?
In order to use WS-Addressing (wsHttpBinding
), but with SOAP 1.1 (SOAP 1.2 being the default), you need to define a custom WCF binding (e.g. in config) and use that:
<bindings>
<customBinding>
<binding name="WsHttpSoap11" >
<textMessageEncoding messageVersion="Soap11WSAddressing10" />
<httpTransport/>
</binding>
</customBinding>
</bindings>
and then in your endpoint definition, use:
<endpoint name="WsSoap11"
address="....."
binding="customBinding"
bindingConfiguration="wsHttpSoap11"
contract="....." />
Of course, you can extend the custom binding defined above with additional properties, e.g. <reliableMessaging>
or others.
For more very detailed, very useful info on WCF bindings and how to "compose" your own custom bindings in config, read this excellent MSDN article Service Station: WCF Bindings In Depth by Aaron Skonnard.
You must either use BasicHttpBinding
which also supports TransportWithMessageCredentials
(SOAP 1.1 + HTTPS + WS-Security X.509 Certificate Token profile) or create custom binding based on all your needs.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With