WCF WS-Security server
I have created a service with this binding configuration:

    <bindings>
      <customBinding>
        <binding name="defaultbinding">
          <textMessageEncoding messageVersion="Soap12" />
          <httpTransport />
        </binding>
      </customBinding>
    </bindings>
And when the service receives a message starting like this:

    <s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope">
      <s:Header>
        <Security s:mustUnderstand="1" xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
          <UsernameToken>
            <Username> </Username>
            <Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">...</Password>
            <Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">kwva4abcreemomt55vezkgiaaaaaaa==</Nonce>
            <Created xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">2013-08-28T13:29:05.966Z</Created>
          </UsernameToken>
        </Security>
        ...
It produces this error:

    The header 'Security' from the namespace 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' was not understood ...
I tried:

    <wsHttpBinding>
      <binding name="defaultbinding">
        <security mode="Message" />
      </binding>
    </wsHttpBinding>

How can I process this header or ignore it?
Update

As I understood, I need username on insecure transport; I tried:

    <customBinding>
      <binding name="defaultbinding">
        <textMessageEncoding messageVersion="Soap12" />
        <security authenticationMode="UserNameOverTransport" allowInsecureTransport="true">
        </security>
        <httpTransport>
        </httpTransport>
      </binding>
    </customBinding>
I tried CUB:

    <bindings>
      <clearUsernameBinding>
        <binding name="myClearUsernameBinding" messageVersion="Soap12">
        </binding>
      </clearUsernameBinding>
    </bindings>

Both end with an error on the client: "error occurred when verifying security message". It works with the test CUB's client. What is wrong?
CUB's envelope's header.
Test client's header.
The solution is simple:
- Create a service behavior
- Create a dispatch message inspector
- Add the created service behavior to the server
and parse or delete unused "mustUnderstand" headers.
Step 1:

    using System.Collections.ObjectModel;
    using System.Linq;
    using System.ServiceModel;
    using System.ServiceModel.Channels;
    using System.ServiceModel.Description;
    using System.ServiceModel.Dispatcher;

    // Service behavior that attaches the inspector to every endpoint of the host.
    public class WSSecurityBehavior : IServiceBehavior
    {
        public void Validate(ServiceDescription serviceDescription, ServiceHostBase serviceHostBase)
        {
        }

        public void AddBindingParameters(ServiceDescription serviceDescription, ServiceHostBase serviceHostBase,
            Collection<ServiceEndpoint> endpoints, BindingParameterCollection bindingParameters)
        {
        }

        public void ApplyDispatchBehavior(ServiceDescription serviceDescription, ServiceHostBase serviceHostBase)
        {
            var endpoints = serviceHostBase
                .ChannelDispatchers
                .Cast<ChannelDispatcher>()
                .SelectMany(dispatcher => dispatcher.Endpoints);

            foreach (var endpoint in endpoints)
                endpoint.DispatchRuntime.MessageInspectors.Add(new WSSecurityInspector());
        }
    }
Step 2:

    public class WSSecurityInspector : IDispatchMessageInspector
    {
        public object AfterReceiveRequest(ref Message request, IClientChannel channel, InstanceContext instanceContext)
        {
            // Remove the WS-Security header so the dispatcher no longer rejects it as a
            // mustUnderstand header that was not understood. The UsernameToken inside it
            // is discarded here without being checked.
            var headerPosition = request.Headers.FindHeader("Security",
                "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd");
            if (headerPosition > -1)
                request.Headers.RemoveAt(headerPosition);

            return null;
        }

        public void BeforeSendReply(ref Message reply, object correlationState)
        {
        }
    }
Step 3:

    host.Description.Behaviors.Add(new WSSecurityBehavior());
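
The "parse" option from the answer above, as an added example that is not part of the original post: a helper that verifies the PasswordDigest UsernameToken, Base64(SHA-1(nonce + created + password)) per the UsernameToken Profile 1.0, before the header is removed. `UsernameTokenValidator`, the `lookupPassword` callback, the five-minute freshness window and the in-memory nonce cache are assumptions.

```csharp
using System;
using System.Collections.Concurrent;
using System.Globalization;
using System.Linq;
using System.Security.Cryptography;
using System.ServiceModel;
using System.ServiceModel.Channels;
using System.Text;
using System.Xml;

public static class UsernameTokenValidator // added example, not from the original post
{
    const string Wsse = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
    const string Wsu = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
    static readonly TimeSpan MaxSkew = TimeSpan.FromMinutes(5); // assumed freshness window
    // Replay cache; a long-running service would also evict entries older than MaxSkew.
    static readonly ConcurrentDictionary<string, DateTime> Seen = new ConcurrentDictionary<string, DateTime>();
    // lookupPassword is a hypothetical callback: returns the stored password, or null for unknown users.
    public static string ValidateAndRemove(Message request, Func<string, string> lookupPassword)
    {
        int pos = request.Headers.FindHeader("Security", Wsse);
        if (pos < 0) throw new FaultException("Authentication failed");
        var doc = new XmlDocument();
        using (XmlDictionaryReader reader = request.Headers.GetReaderAtHeader(pos))
        { reader.MoveToContent(); doc.AppendChild(doc.ReadNode(reader)); }
        var ns = new XmlNamespaceManager(doc.NameTable);
        ns.AddNamespace("o", Wsse); ns.AddNamespace("u", Wsu);
        Func<string, string> text = xpath =>
            doc.SelectSingleNode("/o:Security/o:UsernameToken/" + xpath, ns)?.InnerText.Trim() ?? "";
        string user = text("o:Username"), created = text("u:Created"), nonce = text("o:Nonce");
        string password = lookupPassword(user);
        DateTime createdUtc; byte[] nonceBytes, presented, expected;
        try { nonceBytes = Convert.FromBase64String(nonce); presented = Convert.FromBase64String(text("o:Password")); }
        catch (FormatException) { throw new FaultException("Authentication failed"); }
        bool fresh = DateTime.TryParse(created, CultureInfo.InvariantCulture, DateTimeStyles.AssumeUniversal
            | DateTimeStyles.AdjustToUniversal, out createdUtc) && (DateTime.UtcNow - createdUtc).Duration() <= MaxSkew;
        // The digest covers the raw nonce bytes followed by the Created string exactly as sent.
        byte[] input = nonceBytes.Concat(Encoding.UTF8.GetBytes(created + (password ?? ""))).ToArray();
        using (var sha1 = SHA1.Create()) expected = sha1.ComputeHash(input);
        int diff = expected.Length ^ presented.Length; // constant-time comparison
        for (int i = 0; i < expected.Length && i < presented.Length; i++) diff |= expected[i] ^ presented[i];
        // Reject unknown users, stale timestamps, bad digests, empty nonces and nonces already seen.
        if (password == null || !fresh || diff != 0 || nonceBytes.Length == 0 || !Seen.TryAdd(nonce, createdUtc))
            throw new FaultException("Authentication failed");
        request.Headers.RemoveAt(pos);
        return user;
    }
}
```

In the inspector from step 2, `AfterReceiveRequest` would call `ValidateAndRemove` in place of the bare `RemoveAt`. PasswordDigest requires the service to hold the clear-text password, and over plain HTTP the message body is still unprotected in transit.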