Re: soap:Body not encrypted - wse 3.0
- From: Fosco Gamgee <fosco.gamgee@xxxxxxxxx>
- Date: Thu, 12 Jan 2006 14:30:08 +0100
Hi, Pablo
Yes, I have - see attachment in first post.
This is my policy file:
<policies xmlns="http://schemas.microsoft.com/wse/2005/06/policy";>
<extensions>
<extension name="usernameForCertificateSecurity" type="Microsoft.Web.Services3.Design.UsernameForCertificateAssertion, Microsoft.Web.Services3, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
<extension name="x509" type="Microsoft.Web.Services3.Design.X509TokenProvider, Microsoft.Web.Services3, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
<extension name="requireActionHeader" type="Microsoft.Web.Services3.Design.RequireActionHeaderAssertion, Microsoft.Web.Services3, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
</extensions>
<policy name="MyServerPolicy">
<usernameForCertificateSecurity establishSecurityContext="false" renewExpiredSecurityContext="true" requireSignatureConfirmation="false" messageProtectionOrder="SignBeforeEncrypt" requireDerivedKeys="true" ttlInSeconds="300">
<serviceToken>
<x509 storeLocation="LocalMachine" storeName="My" findValue="CN=WSE2QuickStartServer" findType="FindBySubjectDistinguishedName" />
</serviceToken>
<protection>
<request signatureOptions="IncludeAddressing, IncludeTimestamp, IncludeSoapBody" encryptBody="true" />
<response signatureOptions="IncludeAddressing, IncludeTimestamp, IncludeSoapBody" encryptBody="true" />
<fault signatureOptions="IncludeAddressing, IncludeTimestamp, IncludeSoapBody" encryptBody="false" />
</protection>
</usernameForCertificateSecurity>
<requireActionHeader />
</policy>
</policies>
Regards,
Lars
Hi Lars, Have you turned on the attribute "encryptBody" in the policy file ?. For example,
<policy name="usernameTokenSecurity">
<usernameForCertificateSecurity establishSecurityContext="true" renewExpiredSecurityContext="false" requireSignatureConfirmation="false" messageProtectionOrder="SignBeforeEncryptAndEncryptSignature" requireDerivedKeys="true" ttlInSeconds="60">
<serviceToken>
<x509 storeLocation="LocalMachine" storeName="My" findValue="CN=WSE2QuickStartServer" findType="FindBySubjectDistinguishedName" />
</serviceToken>
<protection>
<request signatureOptions="IncludeAddressing, IncludeTimestamp, IncludeSoapBody" encryptBody="true" />
<response signatureOptions="IncludeAddressing, IncludeTimestamp, IncludeSoapBody" encryptBody="true" />
<fault signatureOptions="IncludeAddressing, IncludeTimestamp, IncludeSoapBody" encryptBody="false" />
</protection>
</usernameForCertificateSecurity>
<requireActionHeader />
</policy>
It should not have anything to do with the warning. If the policy file has errors, WSE will throw a configuration error and that is not your problem in this case.
Regards, Pablo Cibraro http://weblogs.asp.net/cibrax http://www.lagash.com
"Fosco Gamgee" <fosco.gamgee@xxxxxxxxx> wrote in message news:OzCyspqFGHA.1424@xxxxxxxxxxxxxxxxxxxxxxx
I really need some help with this problem. Someone with an idea?
Lars
Hi,
I've been implementing the Hands-on Labs for WSE 3.0, it works partly fine but I have a problem encrypting the messages sent from client to server and vise versa. My application returns no errors but when I look at the trace-files I can see that the data in the <soap:body> element does not get encypted, when username and password do.
I wonder if this can have anything to do with the warning I get in my 'wse3policyCache.config' file (see attachment) on both client and server.
This is what the warning says:
The 'signatureOptions' attribute is invalid - The value 'IncludeAddressing, IncludeTimestamp, IncludeSoapBody' is invalid according to its datatype
'http://schemas.microsoft.com/wse/2005/06/policy:SignatureOptionsType' - The Enumeration constraint failed. D:\DotNet2005\WorkingDirectory\WebSites\ChartDataSource\wse3policyCache.config 13 36 http://localhost/ChartDataSource/
I can't figure this out, can you please help me?
Regards,
Lars
------------------------------------------------------------------------
.
- Follow-Ups:
- Re: soap:Body not encrypted - wse 3.0
- From: Fosco Gamgee
- Re: soap:Body not encrypted - wse 3.0
- References:
- soap:Body not encrypted - wse 3.0
- From: Fosco Gamgee
- Re: soap:Body not encrypted - wse 3.0
- From: Fosco Gamgee
- Re: soap:Body not encrypted - wse 3.0
- From: Pablo Cibraro
- soap:Body not encrypted - wse 3.0
- Prev by Date: Re: WSE2 to WSE3, what to do with the pipeline ?
- Next by Date: Re: WSE2 to WSE3, what to do with the pipeline ?
- Previous by thread: Re: soap:Body not encrypted - wse 3.0
- Next by thread: Re: soap:Body not encrypted - wse 3.0
- Index(es):
Relevant Pages
|
