Re: UsernameOverTransportSecurity+SSL Confusion, please help



Hi Mike,

If you are using transport security, the following section is not necessary
(it is only used by message security):

<security>
  <x509 verifyTrust="true" allowTestRoot="true"
        revocationMode="Offline" verificationMode="TrustedPeopleOrChain"/>
  <binarySecurityTokenManager>
    <add
      type="Microsoft.Web.Services3.Security.Tokens.X509SecurityTokenManager, Microsoft.Web.Services3, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"
      valueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3">
      <keyAlgorithm name="RSA15" />
    </add>
  </binarySecurityTokenManager>
</security>

I am not sure I understand what your problem is. Have you configured the
service to use SSL in IIS?
If the service is running with https, it is automatically signed and
encrypted by the transport; you do not need to worry about that.
The code for the client application looks fine.

Regards,
Pablo Cibraro
http://weblogs.asp.net/cibrax

"mike" <michal.tesar@xxxxxxxxx> wrote in message
news:1158594278.807718.65720@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Hi,

I am confused. I have a web service, and a client. Both are connected
over VPN. I want to use direct authentication from WSE 3.0. To secure
the transport of the messages, I just want to use SSL.

I have this set up working, but I am confused. I installed a test
certificate on my web server, so I need to access my web service over
SSL. However, in my policy config file on the client I have:
<policy name="usernameTokenSecurity">
  <usernameOverTransportSecurity />
  <requireActionHeader />
</policy>

in app.config on the client I have:
<microsoft.web.services3>
  <diagnostics>
    <trace enabled="false" input="InputTrace.webinfo"
           output="OutputTrace.webinfo" />
    <detailedErrors enabled="false" />
  </diagnostics>
  <policy fileName="Configuration\wse3policyCache.config" />
  <security>
    <x509 verifyTrust="true" allowTestRoot="true"
          revocationMode="Offline" verificationMode="TrustedPeopleOrChain"/>
    <binarySecurityTokenManager>
      <add
        type="Microsoft.Web.Services3.Security.Tokens.X509SecurityTokenManager, Microsoft.Web.Services3, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"
        valueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3">
        <keyAlgorithm name="RSA15" />
      </add>
    </binarySecurityTokenManager>
  </security>
</microsoft.web.services3>


in my client winform I have:
    Service1.ServiceWse proxy = new Service1.ServiceWse();

    UsernameToken token;
    token = GetUsernameToken(txtUsername.Text,
        txtPassword.Text, PasswordOption.SendPlainText);

    proxy.SetClientCredential(token);
    proxy.SetPolicy("usernameTokenSecurity");

    Service1.Product product =
        proxy.GetProductInformationWithSendPlainText(txtProduct.Text);

    lblResults.Text =
        String.Format(CultureInfo.InvariantCulture,
            "Product: {0}, Quantity {1}, Unit price {2}",
            product.Name, product.Quantity,
            product.UnitPrice);
    lblResults.Text += proxy.ValidateLogin();




I am just confused if this is what I want this to be? Is my app.config
file correct? The direct authentication works. My concern is if the SSL
is set up ok. Where do I sign the message with the public key?

Please help!!!

Thanks,
Mike
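
Added example, not part of either post above: because usernameOverTransportSecurity leaves signing and encryption entirely to SSL, a client that sends PasswordOption.SendPlainText can check the proxy URL before attaching the token. The TransportGuard class and its method name are hypothetical; the WSE 3.0 calls are the ones used in the client code above.

```csharp
using System;
using Microsoft.Web.Services3;
using Microsoft.Web.Services3.Security.Tokens;

// Hypothetical helper (not part of WSE 3.0): attaches a plain-text
// UsernameToken only when the proxy endpoint is an https:// URL.
public static class TransportGuard
{
    public static void SetPlainTextCredential(
        WebServicesClientProtocol proxy,
        string username, string password, string policyName)
    {
        if (proxy == null) throw new ArgumentNullException("proxy");

        Uri endpoint;
        if (!Uri.TryCreate(proxy.Url, UriKind.Absolute, out endpoint) ||
            endpoint.Scheme != Uri.UriSchemeHttps)
        {
            // The policy adds no message-level protection, so over plain
            // http the password would travel unencrypted in the SOAP header.
            throw new InvalidOperationException(
                "Refusing to send a plain-text UsernameToken to a non-HTTPS endpoint: "
                + proxy.Url);
        }

        UsernameToken token =
            new UsernameToken(username, password, PasswordOption.SendPlainText);
        proxy.SetClientCredential(token);
        proxy.SetPolicy(policyName);
    }
}

// Usage in the WinForm client from the post:
//   Service1.ServiceWse proxy = new Service1.ServiceWse();
//   TransportGuard.SetPlainTextCredential(
//       proxy, txtUsername.Text, txtPassword.Text, "usernameTokenSecurity");
```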


