Databases
StackOverflow2013
Postsdbo
POHow can I configure WCF to only sign the TimeStamp header
 

Note that there are some explanatory texts on larger screens.

plurals
  1. POHow can I configure WCF to only sign the TimeStamp header
    primarykey
    data
    text
    <p>I am trying to configure my WCF client to create a SOAP 1.1 request that includes WS-Addressing, WS-Security and TLS.</p> <p>The security requirements are that the message includes a Username Token, TimeStamp and that the TimeStamp is signed using an included BinarySecurityToken.</p> <p>I have used the example from the following <a href="http://msdn.microsoft.com/en-us/library/ms751480.aspx" rel="nofollow">link</a> to create my WCF client binding. I have slightly modified the the example (see below) so that HTTPS is used as the transport mechanism and the MessageSecurity is based on UsernameOverTransport.</p> <pre><code> HttpsTransportBindingElement httpsTransport = new HttpsTransportBindingElement(); // the message security binding element will be configured to require 2 tokens: // 1) A username-password encrypted with the service token // 2) A client certificate used to sign the message // Instantiate a binding element that will require the username/password token in the message (encrypted with the server cert) TransportSecurityBindingElement messageSecurity = SecurityBindingElement.CreateUserNameOverTransportBindingElement(); // Create supporting token parameters for the client X509 certificate. X509SecurityTokenParameters clientX509SupportingTokenParameters = new X509SecurityTokenParameters(); // Specify that the supporting token is passed in message send by the client to the service clientX509SupportingTokenParameters.InclusionMode = SecurityTokenInclusionMode.AlwaysToRecipient; // Turn off derived keys clientX509SupportingTokenParameters.RequireDerivedKeys = false; // Augment the binding element to require the client's X509 certificate as an endorsing token in the message messageSecurity.EndpointSupportingTokenParameters.Endorsing.Add(clientX509SupportingTokenParameters); // Create a CustomBinding based on the constructed security binding element. return new CustomBinding(messageSecurity, httpsTransport); </code></pre> <p>The SOAP messages that are generated by this client are very close to meeting the requirements of the service I am calling, the only issue is that the wsa:To address is being signed as well as the TimeStamp address.</p> <p>Is there a way to specify exactly which WCF headers are signed? As I need to restrict the client only sign the TimeStamp header.</p>
    singulars
    1. This table or related slice is empty.
    1. This table or related slice is empty.
    1. PTQuestion
    1. USEdward
    1. USEdward
    plurals
    1. This table or related slice is empty.
    1. This table or related slice is empty.
    1. This table or related slice is empty.
    1. PO
      singulars
      1. PTAnswer
    1. VO
      singulars
      1. POHow can I configure WCF to only sign the TimeStamp header
      1. This table or related slice is empty.
      1. VTUpMod
    2. VO
      singulars
      1. POHow can I configure WCF to only sign the TimeStamp header
      1. This table or related slice is empty.
      1. VTUpMod
    1. This table or related slice is empty.
 

Querying!

 
Guidance
A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload