Re: secure a WS called via GPRS
- From: "Pablo Cibraro [MVP]" <pcibraro@xxxxxxxxxxx>
- Date: Fri, 11 Aug 2006 10:42:00 -0400
Hi Trapulo,
To complement what Steven said,
3. You can use the WSE 2.0 implementation for the Compact Framework here.
You can find more information about that in this article,
http://www.mperfect.net/cfWse2/
In this case, you have to develop the services with WSE 2.0, since WSE
2.0 and WSE 3.0 do not interoperate well.
Regards,
Pablo Cibraro
http://weblogs.asp.net/cibrax
"Steven Cheng[MSFT]" <stcheng@xxxxxxxxxxxxxxxxxxxx> wrote in message
news:v4XK0dRvGHA.3920@xxxxxxxxxxxxxxxxxxxxxxxx
Hello Trapulo,
From your description, I understand you're consider a security mechanism
to
secure your ASP.NET webservice which will be consumed by many smart
devices(mobile .... ) using CF 2.0, correct?
Based on my experience, you may consider the following options:
1. I'm afraid using WSE 3.0 is not doable here, the bottleneck is your
client consumers(smart devices), since WSE 3.0 only support .net framework
2.0 (not compact framework ).
2. Is it possible to use transport protocol security? Since webservice
currently most rely on HTTP, a very common and sophisticated security
approach is using https/ssl to secure our webservice.
3. If using https/ssl is not possible for your scenario, I think you need
to consider implementing a custom security component which will help
encrypt and sign your webservice request/response SOAP messages. And for
ASP.NET webservice, the SoapExtension is such a plugable component, which
can intercept the request/response SOAP message of ASP.NET webservice
webmethod(at both server-side and client proxy side). Thus, we can define
a
custom security SoapExtension which encrypt and sign the soap message.
Here is a tech article whch has demonstrate a simple securing soap
extension:
#Encrypting SOAP Messages
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnaspnet/ht
ml/asp09272001.asp
In addition, .net framework(also compact framework 2.0) has provided
enchanced cryptographics support, you can leverage them in your custom
webservice security extension:
#Cryptographic Services
http://msdn2.microsoft.com/en-us/library/93bskf9z.aspx
#Cryptographic Tasks
http://msdn2.microsoft.com/en-us/library/7yx4d854.aspx
Hope this helps. If there is any other information you're interested,
please feel free to let me know.
Sincerely,
Steven Cheng
Microsoft MSDN Online Support Lead
==================================================
Get notification to my posts through email? Please refer to
http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif
ications.
Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
where an initial response from the community or a Microsoft Support
Engineer within 1 business day is acceptable. Please note that each follow
up response may take approximately 2 business days as the support
professional working with you may need further investigation to reach the
most efficient resolution. The offering is not appropriate for situations
that require urgent, real-time or phone-based interactions or complex
project analysis and dump analysis issues. Issues of this nature are best
handled working with a dedicated Microsoft Support Engineer by contacting
Microsoft Customer Support Services (CSS) at
http://msdn.microsoft.com/subscriptions/support/default.aspx.
==================================================
This posting is provided "AS IS" with no warranties, and confers no
rights.
.
- References:
- secure a WS called via GPRS
- From: Trapulo
- RE: secure a WS called via GPRS
- From: Steven Cheng[MSFT]
- secure a WS called via GPRS
- Prev by Date: Re: Anonymous Access WSE Service
- Next by Date: Re: establishing a security context using usernameForCertificateSecurity
- Previous by thread: RE: secure a WS called via GPRS
- Next by thread: Re: secure a WS called via GPRS
- Index(es):
Relevant Pages
|
