How do I add an EncodingType attribute to the Nonce element of a UsernameToken in WSE 3.0 (.NET)

Question

I'm trying to call a Java Web Service from an MVC3 .NET web app using WSE 3.0.

However, the web service requires an "EncodingType" attribute on the Nonce element of the UsernameToken. Following is a sample SOAP envelope that works correctly with this Java web service:

<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope" xmlns:v1="http://schema.mydomain.org/sms/v1_0">
   <soap:Header>
     <wsse:Security soap:mustUnderstand="true" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
       <wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
         <wsse:Username>myUsername</wsse:Username>
         <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">myPassword</wsse:Password>
         <wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">XQkp6oYc3DRv41cxkSTW8w==</wsse:Nonce>
         <wsu:Created>2011-09-13T20:50:08.355Z</wsu:Created>
       </wsse:UsernameToken>  
    </wsse:Security>
  </soap:Header>
   <soap:Body>
      <v1:ping/>
   </soap:Body>
</soap:Envelope>

Following is the SOAP envelope generated from the proxy that VS2010 produced (captured in Fiddler):

<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
  <env:Header xmlns:env="http://www.w3.org/2003/05/soap-envelope">
    <wsse:Security env:mustUnderstand="true">
      <wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="SecurityToken-111f922b-72c1-4057-bce4-f6555552ce6a">
        <wsse:Username>myUsername</wsse:Username>
        <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">myPassword</wsse:Password>
        <wsse:Nonce>qYse3Lor9sAJ9pKPefgkKQ==</wsse:Nonce>
        <wsu:Created>2011-09-13T20:50:38Z</wsu:Created>
      </wsse:UsernameToken>
    </wsse:Security>
  </env:Header>
  <soap:Body>
      <v1:ping/>
  </soap:Body>
</soap:Envelope>

If this attribute is missing, this web service returns, "An invalid security token was provided (An error happened processing a Username Token)"

How do I add an EncodingType attribute?

Answer 1

I have found that setting "isBSPCompliant" as a jaxws property on my endpoint to "false" resolves EncodingType issues. Was this the solution you found as well?

Answer 2

I found an acceptable solution...

The EncodingType flag is according to the WSSE Username and Token Security Spec 1.1, which is the spec required by the version of the Apache CXF framework that this Java Web Service is using. .NET does not meet that spec. Luckily there was a flag in CXF to turn off the requirement. We did that and are now able to communicate.