我正在尝试修改安全标头的默认过期时间,即 5 分钟到 1 分钟。
服务器的安全策略之一是时间戳(请求的日期),生存时间为一分钟。
任何想法?
我尝试创建自定义绑定但没有成功。
<s:Envelope xmlns:u=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd\" xmlns:s=\"http://schemas.xmlsoap.org/soap/envelope/\">
<s:Header>
<o:Security s:mustUnderstand=\"1\" xmlns:o=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd\">
<u:Timestamp u:Id=\"uuid-6f772493-4b86-4695-b415-316a916119ec-2\">
<u:Created>2019-05-23T12:14:26.920Z</u:Created>
**<u:Expires>2019-05-23T12:19:26.920Z</u:Expires>**
</u:Timestamp>
这就是我们需要的:
<s:Envelope xmlns:u=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd\" xmlns:s=\"http://schemas.xmlsoap.org/soap/envelope/\">
<s:Header>
<o:Security s:mustUnderstand=\"1\" xmlns:o=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd\">
<u:Timestamp u:Id=\"uuid-6f772493-4b86-4695-b415-316a916119ec-2\">
<u:Created>2019-05-23T12:14:26.920Z</u:Created>
**<u:Expires>2019-05-23T12:15:26.920Z</u:Expires>**
</u:Timestamp>
解决方案是创建自定义绑定:
protected override SecurityBindingElement CreateMessageSecurity()
{
SecurityBindingElement security;
security.EnableUnsecuredResponse = true;
security.IncludeTimestamp = true;
security.LocalClientSettings.TimestampValidityDuration = TimeSpan.FromMinutes(1);
security.SecurityHeaderLayout = SecurityHeaderLayout.Lax;
security.DefaultAlgorithmSuite = SecurityAlgorithmSuite.Basic256;
return security;
}
本文内容由网友自发贡献,版权归原作者所有,本站不承担相应法律责任。如您发现有涉嫌抄袭侵权的内容,请联系:hwhale#tublm.com(使用前将#替换为@)