0

I'm trying to build a client in Visual Studio 2019 that will consume a SOAP Service that is protected using an id/pass and cert.

I created a SoapUI project by importing the WSDL and then configured the ws-security settings on the project to have an outgoing signature and imported the keystore that has the cert I want to use. Finally, I set the auth on the request to use Basic, set the id/pass and selected my outgoing signature in the Outgoing WSS drop down. After doing all of this I can call the service perfectly using Soap UI.

In Visual Studio I created a new console project, added a connected service reference using the same WSDL and now I'm trying to write the code. I tried setting the credentials by doing

System.ServiceModel.BasicHttpsBinding myBinding = new System.ServiceModel.BasicHttpsBinding();
System.ServiceModel.EndpointAddress myAddress = new System.ServiceModel.EndpointAddress("url");
ServiceReference1.CaseTypeClient myClient = new ServiceReference1.CaseTypeClient(myBinding, myAddress);
myClient.ClientCredentials.UserName.UserName = "ID";
myClient.ClientCredentials.UserName.Password = "Pass";
System.Security.Cryptography.X509Certificates.X509Certificate2 myCert = new System.Security.Cryptography.X509Certificates.X509Certificate2("CertFileName", "CertPass");
myClient.ClientCredentials.ClientCertificate.Certificate = myCert;

However, when I invoke the method I get a soapfault back from the service saying "XmlException: Unbound prefix used in qualified name 'wsse:FailedAuthentication'".

What is the correct way to do what I'm trying to accomplish?

user263097
  • 294
  • 1
  • 4
  • 15

1 Answers1

0

If you are calling a service based on a client proxy, you can provide the corresponding credentials based on the automatically generated binding configuration and authentication mode in the configuration file.
I would like to know what is the authentication mode. why do we need to provide an id/pass credential after we have set up the certificate? Is there a web proxy during the communication?
Besides, in order to ensure that the certificate can be accessed by the WCF service, we usually install the client certificate in the local certificate store and add the private key management group of the Everyone account certificate, and then provide the certificate with the following statement.

    ServiceReference1.Service1Client client = new ServiceReference1.Service1Client();
                client.ClientCredentials.Windows.ClientCredential.UserName = "administrator";
                client.ClientCredentials.Windows.ClientCredential.Password = "123456";
client.ClientCredentials.ClientCertificate.SetCertificate(StoreLocation.LocalMachine, StoreName.My, X509FindType.FindByThumbprint, "9b8db0dfe615458ace0ae9e89fcb983c5d16f633");

If the project is based on Basic authentication, we only need to set the http header, using the Base64 encoded username and password.

Authorization: Basic YWRtaW5pc3RyYXRvcjphYmNkMTIzNCE=

Feel free to let me know if there is anything I can help with

Abraham Qian
  • 7,117
  • 1
  • 8
  • 22
  • Thanks for the reply. There is no web proxy and the cert is used to add a signature in the soap security header. I actually got it to do this yesterday however, I'm getting a Number of Targets in the message dont match number of Targets in receiver requirements exception now. Any idea what this could mean? – user263097 Oct 30 '19 at 11:08