  1. POWCF NetMsmq Security
<p>I am trying to call a WCF service (netmsmq endpoint) which has been secured against ADFS. I need to open a channel with an issued token that resides in the application context.</p>
<p>The code below is my attempt to do that, however, I get the following exception:</p>
<blockquote> <p>The signing token System.IdentityModel.Tokens.SamlSecurityToken has no keys. The security token is used in a context that requires it to perform cryptographic operations, but the token contains no cryptographic keys. Either the token type does not support cryptographic operations, or the particular token instance does not contain cryptographic keys. Check your configuration to ensure that cryptographically disabled token types (for example, UserNameSecurityToken) are not specified in a context that requires cryptographic operations (for example, an endorsing supporting token).</p> </blockquote>
<p>I am aware this error message is to do with <a href="http://travisspencer.com/blog/2012/01/cryptographic-operations-are-r.html" rel="nofollow">BearerKey</a> tokens, however, the netMsmqBinding doesn't expose the property <code>binding.Security.Message.IssuedKeyType = SecurityKeyType.BearerKey;</code></p>
<p>What to do? Is it even possible to call a netmsmq service with an issued token? It <a href="http://social.msdn.microsoft.com/Forums/vstudio/en-US/84b1cfa9-6d00-47d6-9418-ca54a19148d0/can-i-use-wif-with-queued-wcf-endpoints?forum=Geneva" rel="nofollow">seems</a> so.</p>
<pre><code>using System;
using System.IdentityModel.Tokens;
using System.Security;
using System.Security.Claims;
using System.Security.Cryptography.X509Certificates;
using System.ServiceModel;
using System.Threading;

public string CallServiceQueue()
{
    try
    {
        // Message-level security over MSMQ, authenticating with an issued token.
        var binding = new NetMsmqBinding(NetMsmqSecurityMode.Message);
        binding.Security.Message.ClientCredentialType = MessageCredentialType.IssuedToken;

        var ep = new EndpointAddress("net.msmq://localhost/private/service/helloqueue.svc");

        var factory = new ChannelFactory&lt;IHelloQueue&gt;(binding, ep);
        factory.Credentials.SupportInteractive = false;
        factory.Credentials.UseIdentityConfiguration = true;
        factory.Credentials.ServiceCertificate.SetDefaultCertificate(
            StoreLocation.LocalMachine,
            StoreName.My,
            X509FindType.FindBySerialNumber,
            "74 0A FE 19 E9 F0 53 9C 46 D9 F2 D6 56 A7 0C E8");

        // Reuse the token the caller was authenticated with (the bootstrap token).
        var context = (BootstrapContext)((ClaimsIdentity)Thread.CurrentPrincipal.Identity).BootstrapContext;

        var channel = factory.CreateChannelWithIssuedToken(context.SecurityToken);
        channel.SayHello();
        ((IServiceChannel)channel).Close();

        return "Your message has been sent.";
    }
    catch (SecurityException)
    {
        return "Access denied.";
    }
    catch (Exception ex)
    {
        return ex.Message;
    }
}
</code></pre>
 
