Re: Direct authentication with UsernameToken over certificate




Hi YC,

You can find an article about this topic in my blog,

http://weblogs.asp.net/cibrax/archive/2006/02/21/438670.aspx

Regards,
Pablo Cibraro.

"YC" <YC@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:281A3717-49FB-4B8D-B4B1-0ED5B38B4999@xxxxxxxxxxxxxxxx
Hi,
thanks for your reply.
I don't exactly understand this process in full.
I'll look into it.

Thanks

Yoav

"Pablo Cibraro" wrote:

Hi YC,

That depends on the secureConversation setting.
If the secureConversation flag is turned on in your UsernameForCertificate
assertion, it will work as you said,
the client is authenticated only the first time and then a session key is
used. (As long as you use the same proxy instance).
If you create a new proxy instance each time or secureConversation is turned
off, then the user client will be authenticated for each message.

Does this answer your question?

Regards,
Pablo Cibraro
http://weblogs.asp.net/cibrax


"YC" <YC@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:83156C3D-9999-4DCD-9F38-BBE64B606D94@xxxxxxxxxxxxxxxx
Hi,

After reading the Web Security Guide, I tried to implement direct
authentication using a UsernameToken by implementing the
usernameForCertificateSecurity policy.
I have a web application client which communicates with a service. I have a
login page where the client needs to provide its credentials.

My question is - should I use the usernameForCertificateSecurity policy all
over my web application when calling the service?
I want to maintain the authentication of the client who's calling the
service, and if I understood correctly, when using
usernameForCertificateSecurity, I authenticate the client using its
credentials and after I authenticate the client, a derived key is created
and each call to the service is authenticated using this derived key.

Thanks

Yoav
