I have a WSE 3.0 client app in Visual Studio 2005 that DOES work with this
web service. Here is the WORKING SOAP request:
<?xml version="1.0" encoding="utf-8"?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<soap:Header>
<wsa:Action>https://www.vis-dhs.com/EmployerWebService/EmpGetCitizenshipStatusCodes</wsa:Action>
<wsa:MessageID>urn:uuid:32355d4f-f5f8-42f8-aede-8b625c28de19</wsa:MessageID>
<wsa:ReplyTo>
<wsa:Address>http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous</wsa:Address>
</wsa:ReplyTo>
<wsa:To>https://stage.e-verify.uscis.gov/WebService/EmployerWebServiceV19.asmx</wsa:To>
<wsse:Security soap:mustUnderstand="1">
<wsu:Timestamp
wsu:Id="Timestamp-6cf8ea3f-6800-43d3-ba31-d886ca8d3aed">
<wsu:Created>2009-11-04T01:37:06Z</wsu:Created>
<wsu:Expires>2009-11-04T01:42:06Z</wsu:Expires>
</wsu:Timestamp>
<wsse:UsernameToken
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="SecurityToken-dc1cc4ef-4f7f-4585-891f-c427d397f636">
<wsse:Username>==removed==</wsse:Username>
<wsse:Password
Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">==removed==</wsse:Password>
<wsse:Nonce>o5I3WVd1Rmcap7Q5JIEw9w==</wsse:Nonce>
<wsu:Created>2009-11-04T01:37:06Z</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>
</soap:Header>
<soap:Body>
<EmpGetCitizenshipStatusCodes
xmlns="https://www.vis-dhs.com/EmployerWebService/" />
</soap:Body>
</soap:Envelope>
I need to get this working in WCF and Visual Studio 2008. For my WCF client
I am using a custom binding as follows:
<customBinding>
<binding name="CustomSoap11">
<security authenticationMode="UserNameOverTransport"
requireDerivedKeys="true"
securityHeaderLayout="Strict" includeTimestamp="true"
keyEntropyMode="ClientEntropy"
messageSecurityVersion="WSSecurity10WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10"
requireSignatureConfirmation="false" >
<localClientSettings detectReplays="true"/>
<localServiceSettings detectReplays="true"/>
</security>
<textMessageEncoding messageVersion="Soap11WSAddressing10" />
<httpsTransport />
</binding>
</customBinding>
This configuration generates the following XML:
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:a="http://www.w3.org/2005/08/addressing"
xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<s:Header>
<a:Action
s:mustUnderstand="1">https://www.vis-dhs.com/EmployerWebService/EmpGetCitizenshipStatusCodes</a:Action>
<a:MessageID>urn:uuid:3bb7cca8-9eea-4efe-b03f-2fc6e60c8718</a:MessageID>
<a:ReplyTo>
<a:Address>http://www.w3.org/2005/08/addressing/anonymous</a:Address>
</a:ReplyTo>
<a:To
s:mustUnderstand="1">https://stage.e-verify.uscis.gov/WebService/EmployerWebServiceV19.asmx</a:To>
<o:Security s:mustUnderstand="1"
xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<u:Timestamp u:Id="_0">
<u:Created>2009-11-04T03:42:57.879Z</u:Created>
<u:Expires>2009-11-04T03:47:57.879Z</u:Expires>
</u:Timestamp>
<o:UsernameToken
u:Id="uuid-20e6ef2e-be67-4fb7-9ae9-f9ac19a3b0c5-1">
<o:Username>==removed==</o:Username>
<o:Password
o:Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">==removed==</o:Password>
</o:UsernameToken>
</o:Security>
</s:Header>
<s:Body>
<EmpGetCitizenshipStatusCodes
xmlns="https://www.vis-dhs.com/EmployerWebService/"
xmlns:b="http://schemas.datacontract.org/2004/07/WCFTest.EvServiceRef"
xmlns:i="http://www.w3.org/2001/XMLSchema-instance"/>
</s:Body>
</s:Envelope>
This XML is fine except for the missing Nonce and Created lines. The web
service returns the error "WSE567: The incoming Username token must contain
both a nonce and a creation time for the replay detection feature."
Can someone clue me in on how to generate a SOAP header in the required
format using WCF?
Thanks.
Jo-Anne V
I am having the same issue. Were you ever able to get a resolution to this
issue?
Thanks,
Steve
thanks
marc