WCF - Soap header is referencing the namespace, in the security element, twice

1
votes

this is a bit of a tedious question.. I have built a WCF to use WS-Security, which looks like this in my log:

<h:Security xmlns:h="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" 
              xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
  <UsernameToken>
    <Username>
      <!-- Removed-->
    </Username>
    <Password>
      <!-- Removed-->
    </Password>
  </UsernameToken>
</h:Security>

The question is, why do I get the same namespace being referenced twice ("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd")? I know it doesn't really matter if the same namespace is being referenced twice, as long as the elements are referencing the right namespace, but I do wonder why it's doing this.

My code:

[System.Diagnostics.DebuggerStepThroughAttribute()]
[System.CodeDom.Compiler.GeneratedCodeAttribute("System.ServiceModel", "3.0.0.0")]
[System.ServiceModel.MessageContractAttribute(IsWrapped = false)]
public partial class InventoryCountRequest
{

  [System.ServiceModel.MessageHeaderAttribute(Namespace = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd")]
  public Security Security;

  //Other MessageHeader and MessageBody attributes
}

[System.CodeDom.Compiler.GeneratedCodeAttribute("svcutil", "3.0.4506.2152")]
[System.SerializableAttribute()]
[System.Diagnostics.DebuggerStepThroughAttribute()]
[System.ComponentModel.DesignerCategoryAttribute("code")]
[System.Xml.Serialization.XmlTypeAttribute(Namespace = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd")]
public partial class Security
{
  private UsernameToken usernameTokenField;

    [System.Xml.Serialization.XmlElementAttribute(Order = 0)]
    public UsernameToken UsernameToken
    {
       get{return this.usernameTokenField;}
       set{this.usernameTokenField = value;}
    }
}

[System.CodeDom.Compiler.GeneratedCodeAttribute("svcutil", "3.0.4506.2152")]
[System.SerializableAttribute()]
[System.Diagnostics.DebuggerStepThroughAttribute()]
[System.ComponentModel.DesignerCategoryAttribute("code")]
[System.Xml.Serialization.XmlTypeAttribute(Namespace = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd")]
public partial class UsernameToken
{
  private string usernameField;
  private Password passwordField;

  [System.Xml.Serialization.XmlElementAttribute(Order = 0)]
  public string Username
  {
    get{return this.usernameField;}
    set{this.usernameField = value;}
  }

  [System.Xml.Serialization.XmlElementAttribute(Order = 1)]
  public Password Password
  {
    get{return this.passwordField;}
    set{this.passwordField = value;}
  }
}

[System.CodeDom.Compiler.GeneratedCodeAttribute("svcutil", "3.0.4506.2152")]
[System.SerializableAttribute()]
[System.Diagnostics.DebuggerStepThroughAttribute()]
[System.ComponentModel.DesignerCategoryAttribute("code")]
[System.Xml.Serialization.XmlTypeAttribute(Namespace = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd")]
public partial class Password
{
  private string typeField;
  private string valueField;

  [System.Xml.Serialization.XmlAttributeAttribute()]
  public string Type
  {
    get{return this.typeField;}
    set{this.typeField = value;}
  }

  [System.Xml.Serialization.XmlTextAttribute()]
  public string Value
  {
    get{return this.valueField;}
    set{this.valueField = value;}
  }
}

Many thanks for reading

1
c#wcfsoapws-securitysoapheader
I am recently using a wcf program and consuming a webservice but in my application i am creating a customclass and where I am adding the tokennamespace .Antony
may be this will help you . weblog.west-wind.com/posts/2012/Nov/24/…Antony

1 Answers

0
votes

Maybe this is not how the message looks like on the network. Possibly the WCF log viewer adds it (you can see it did some manipulation since it removed the password). Use Fiddler to see how the real message looks like.

Then you are manually (via data contract) adding the security header. In general WCF can be configured to do it by configuration of the binding. So maybe WCF identifies a security header and always attaches some namespace to it.

I wouldn't worry about that.