Re: WSE and SSL
- From: Dilip Krishnan <"dilip.krishnan AT apdiya DOT com">
- Date: Thu, 16 Jun 2005 09:38:18 -0500
Adding ssl support has nothing to do with web service implementation. All you need to do is get a valid certificate and change the settings in IIS to make the web application use ssl.
What is the error you are getting?
RG wrote:
Yes, the web service supports password hashing. The service works fine when the calling application requests using HTTP. But it does not when HTTPS is enabled.
Any suggestions on how to get it working? Are there any examples/sample codes that would implement like a Hello World service in HTTPS?
Thanks
"MAHESH MANDHARE" wrote:
hi RG,
you are calliing web service from client app using sendhashed option does your web service supports password hashing if not set this option to sendPlainText
--
Have A Good Day,
Mahesh,
Maheshmandhare@xxxxxxxxxxx
"RG" wrote:
I have created a Web Service (using WSE 2.0, SP3) that has a method ProcessRequest exposed. A client application calls the webservice using the following code.
======================================== Dim loWebService As New MyWebServiceWse
loWebService.Url = "http://www.testwebservice.com/MyTest/MyTest.asmx";
loWebService.AllowAutoRedirect = True System.Net.ServicePointManager.CertificatePolicy = New CertPolicy
Dim loContext As SoapContext = loWebService.RequestSoapContext loContext.Security.Timestamp.TtlInSeconds = -1
'Instantiate a new UsernameToken object.
Dim loUserNameToken As New UsernameToken(txtUserID.Text, txtPassword.Text, PasswordOption.SendHashed)
'Add the token to the SoapContext. loContext.Security.Tokens.Add(loUserNameToken)
'Generate a signature using the username token, 'and add the signature to the SoapContext.
loContext.Security.Elements.Add(New MessageSignature(loUserNameToken))
'Call the Web method. lsResponse = loWebService.ProcessRequest(rtbRequest.Text)
========================================
This code works fine when the URL is HTTP. But, on a HTTPS call, when the SSL is enabled to this site, It first gives me Security.SecurityFault exception (WSE563) - The computed password digest does not match the incoming username token. Then after that, for the subsequent requests, I get a Destination unreachable WSE816 error - The header must match the value of the incoming message's HTTP request.
How can I get this fixed? Is there anything different that I need to do in the WebService code and/or the Client application code to handle HTTPS request.
Thanks, R
-- HTH Regards, Dilip Krishnan MCAD, MCSD.net dilip.krishnan AT apdiya DOT com .
- References:
- WSE and SSL
- From: RG
- RE: WSE and SSL
- From: MAHESH MANDHARE
- RE: WSE and SSL
- From: RG
- WSE and SSL
- Prev by Date: Re: FailedCheck, SecurityFault, signature or decryption was invalid
- Next by Date: Re: WSE .net client and apache axis server
- Previous by thread: RE: WSE and SSL
- Next by thread: SOAPException not marked as serializable?
- Index(es):
Relevant Pages
|
