如何从客户端记录完整的原始 WCF 客户端请求?
How to log full raw WCF client request from client side?
我有一个采用 TransportWithMessageCredential 安全模式的 WCF 客户端。当尝试使用 BeforeSendRequest
记录请求时
public object BeforeSendRequest(ref Message request, IClientChannel channel)
{
System.IO.StreamWriter file = new System.IO.StreamWriter("c:\tmp\request_log.xml");
file.WriteLine(request.ToString());
file.Close();
return null;
}
没有安全标签的结果
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/">
<s:Header>
<Action s:mustUnderstand="1" xmlns="http://schemas.microsoft.com/ws/2005/05/addressing/none">https://(skiped)</Action>
</s:Header>
<s:Body>
...
</s:Body>
</s:Envelope>
如何在客户端记录完整的原始请求?一定是这样
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<s:Header>
<o:Security s:mustUnderstand="1" xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<u:Timestamp u:Id="_0">
<u:Created>...</u:Created>
<u:Expires>..</u:Expires>
</u:Timestamp>
<o:BinarySecurityToken>
<!-- Removed-->
</o:BinarySecurityToken>
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
<SignedInfo>
...
</SignedInfo>
<SignatureValue>...</SignatureValue>
<KeyInfo>
<o:SecurityTokenReference>
...
</o:SecurityTokenReference>
</KeyInfo>
</Signature>
</o:Security>
<Action s:mustUnderstand="1" xmlns="http://schemas.microsoft.com/ws/2005/05/addressing/none">skiped</Action>
</s:Header>
<s:Body>
...
</s:Body>
</s:Envelope>
更新。绑定的安全选项
<security mode="TransportWithMessageCredential">
<transport clientCredentialType="None" proxyCredentialType="None"
realm="" />
<message clientCredentialType="Certificate" algorithmSuite="Basic256" />
</security>
This 可能有帮助:
public object BeforeSendRequest(ref Message request, IClientChannel channel)
{
MessageBuffer buffer = request.CreateBufferedCopy(Int32.MaxValue);
request = buffer.CreateMessage();
Log("Request:" + Environment.NewLine + buffer.CreateMessage());
return null;
}
我没有找到如何在 C# 中执行此操作,但已使用捕获原始请求
Charles SSL proxying
请求包含所有安全标签。
对我帮助很大的文章Tracing-WCF-Messages
您还可以使用免费的 Fiddler。
如果您的端点是 https,请务必使用此
绕过证书验证
ServicePointManager.ServerCertificateValidationCallback = delegate {return true;};
因为 Fiddler 使用自己的证书,该证书对您的连接无效。
我有一个采用 TransportWithMessageCredential 安全模式的 WCF 客户端。当尝试使用 BeforeSendRequest
记录请求时 public object BeforeSendRequest(ref Message request, IClientChannel channel)
{
System.IO.StreamWriter file = new System.IO.StreamWriter("c:\tmp\request_log.xml");
file.WriteLine(request.ToString());
file.Close();
return null;
}
没有安全标签的结果
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/">
<s:Header>
<Action s:mustUnderstand="1" xmlns="http://schemas.microsoft.com/ws/2005/05/addressing/none">https://(skiped)</Action>
</s:Header>
<s:Body>
...
</s:Body>
</s:Envelope>
如何在客户端记录完整的原始请求?一定是这样
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<s:Header>
<o:Security s:mustUnderstand="1" xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<u:Timestamp u:Id="_0">
<u:Created>...</u:Created>
<u:Expires>..</u:Expires>
</u:Timestamp>
<o:BinarySecurityToken>
<!-- Removed-->
</o:BinarySecurityToken>
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
<SignedInfo>
...
</SignedInfo>
<SignatureValue>...</SignatureValue>
<KeyInfo>
<o:SecurityTokenReference>
...
</o:SecurityTokenReference>
</KeyInfo>
</Signature>
</o:Security>
<Action s:mustUnderstand="1" xmlns="http://schemas.microsoft.com/ws/2005/05/addressing/none">skiped</Action>
</s:Header>
<s:Body>
...
</s:Body>
</s:Envelope>
更新。绑定的安全选项
<security mode="TransportWithMessageCredential">
<transport clientCredentialType="None" proxyCredentialType="None"
realm="" />
<message clientCredentialType="Certificate" algorithmSuite="Basic256" />
</security>
This 可能有帮助:
public object BeforeSendRequest(ref Message request, IClientChannel channel)
{
MessageBuffer buffer = request.CreateBufferedCopy(Int32.MaxValue);
request = buffer.CreateMessage();
Log("Request:" + Environment.NewLine + buffer.CreateMessage());
return null;
}
我没有找到如何在 C# 中执行此操作,但已使用捕获原始请求 Charles SSL proxying
请求包含所有安全标签。
对我帮助很大的文章Tracing-WCF-Messages
您还可以使用免费的 Fiddler。 如果您的端点是 https,请务必使用此
绕过证书验证ServicePointManager.ServerCertificateValidationCallback = delegate {return true;};
因为 Fiddler 使用自己的证书,该证书对您的连接无效。