none
how to add Ws addressing and ws security to Soap Header In WCF

    Question

  • Hi,

    i want to call java web service so i used WCF

    the soap header request should contain

     <soapenv:Header>

                    <a:MessageID soapenv:mustUnderstand="1">caaabbbb-cccc-dddd-eeee-ffffffffffff</a:MessageID>

                    <a:Action soapenv:mustUnderstand="1">http://xx.yy.com</a:Action>

                    <a:To soapenv:mustUnderstand="1"> http://xx.yy.com </a:To>

                            <wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://.xsd">

                                    <wsse:UsernameToken>

                                                    <wsse:Username>x1</wsse:Username>

                                                    <wsse:Password>x2</wsse:Password>

                                    </wsse:UsernameToken>

                    </wsse:Security>

    </soapenv:Header>

     

     

    I add custom binding to my web.config because I am forced to use soap version 1,1

    Because the java web service deals with this version

      

     

    <system.serviceModel>

        <bindings>

     

          <customBinding>

              <binding name="myBinding">

                <textMessageEncoding messageVersion="Soap11" />

                <httpsTransport requireClientCertificate="True" />           

             </binding>

          </customBinding>

         

          <wsHttpBinding>

            <binding name="WSHttpBinding_IService1"  closeTimeout="00:01:00"

                openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"

                bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard"

                maxBufferPoolSize="524288" maxReceivedMessageSize="65536" messageEncoding="Text"

                textEncoding="utf-8"  useDefaultWebProxy="true" allowCookies="false">

              <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"

                    maxBytesPerRead="4096" maxNameTableCharCount="16384" />

              <reliableSession ordered="true" inactivityTimeout="00:10:00"

                    enabled="false" />

              <security mode="Transport">

                <transport clientCredentialType="Certificate" proxyCredentialType="None"

                  realm="" />

                <message clientCredentialType="UserName" negotiateServiceCredential="true"

                  algorithmSuite="Default" establishSecurityContext="true" />

              </security>

            

            </binding>

          </wsHttpBinding>

        </bindings>

     

     

        <client>

          <endpoint address="binding="wsHttpBinding"   bindingConfiguration="WSHttpBinding_IService1"  contract="33" />

     

          <endpoint

            address="http://localhost:4970/Service1.svc"

            binding="customBinding"

            bindingConfiguration="myBinding"

            contract="CitizenProfile.PersonProfileService" >

           

          </endpoint>

         

               

        

        </client>

      </system.serviceModel>

     

     

    So I want a way to add the ws addressing (to,action ) and the ws security (username, password)

    To soap header

     

     

    Tuesday, September 15, 2009 12:32 PM

Answers

All replies

  • WCF does not natively support sending a username over non ssl.
    But you can use the WCF extension clearUsernameBinding for this:


    http://webservices20.blogspot.com/
    WCF Security, Performance And Testing Blog
    Tuesday, September 15, 2009 2:00 PM
  • dose the soap1.1 support clearusernamebinding and
    but how to set ws addressing

        <a:Action soapenv:mustUnderstand="1">
    http://xx.yy.com</a:Action>

        <a:To soapenv:mustUnderstand="1"> http://xx.yy.com </a:To>

    Tuesday, September 15, 2009 5:13 PM
  • See in the comments to the post I published how to change the soap version. This also changes the WS-Addressing version.
    http://webservices20.blogspot.com/
    WCF Security, Performance And Testing Blog
    Tuesday, September 15, 2009 9:08 PM
  • Hi ALH,

    As Yaron, mentioned, the WsAddressing and soapVersion can be configured via teh "MessageVersion" of WCF message, and the setting is exposed on binding. If you want to get more about the WCF messaging, here is a good reference:

    #WcF Messaging Fundamentals
    http://msdn.microsoft.com/en-us/magazine/cc163447.aspx
    Please remember to mark the replies as answers if they help and unmark them if they provide no help.
    Monday, September 21, 2009 3:27 AM
  • i am succeed in setting the ws addressing by using

    <customBinding>
    <
    binding name="myBinding">

    <

     

    textMessageEncoding messageVersion="Soap11WSAddressing10" />

    <

     

    httpsTransport requireClientCertificate="True" /> </binding>

    </

     

    customBinding>
    but i want to send security token as below and tried to use ClearUserNameBinding but i failed 
    <wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://.xsd">
                                   <wsse:UsernameToken>
                                          <wsse:Username>x1</wsse:Username>
                                          <wsse:Password>x2</wsse:Password>
                                    </wsse:UsernameToken>

     

     

     

     

     

                    </wsse:Security>
    An error occurred creating the configuration section handler for system.serviceModel/bindings: Could not load file or assembly 'customBinding' or one of its dependencies. The system cannot find the file specified. (C:\Inetpub\wwwroot\x\web.config line 152)

     

    this my web config

    <

     

    system.serviceModel>

    <

     

    extensions>

    <

     

    bindingExtensions>

    <

     

    add name="myBinding" type="WebServices20.BindingExtenions.ClearUsernameCollectionElement,customBinding" />

    </

     

    bindingExtensions>

    </

     

    extensions>

     

     

     

    <

     

    bindings>

    <

     

    customBinding>

    <

     

    binding name="myBinding">

    <

     

    textMessageEncoding messageVersion="Soap11WSAddressing10" />

    <

     

    httpsTransport requireClientCertificate="True" />

     

     

    </

     

    binding>

    </

     

    customBinding>

     

    <

     

    wsHttpBinding>

     

     

     

    <

     

    binding name="WSHttpBinding_IService1" closeTimeout="00:01:00"

     

     

    openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"

     

     

    bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard"

     

     

    maxBufferPoolSize="524288" maxReceivedMessageSize="65536" messageEncoding="Text"

     

     

    textEncoding="utf-8" useDefaultWebProxy="true" allowCookies="false">

    <

     

    readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"

     

     

    maxBytesPerRead="4096" maxNameTableCharCount="16384" />

    <

     

    reliableSession ordered="true" inactivityTimeout="00:10:00"

     

     

    enabled="false" />

    <

     

    security mode="Transport">

    <

     

    transport clientCredentialType="Certificate" proxyCredentialType="None"

     

     

    realm="" />

    <

     

    message clientCredentialType="UserName" negotiateServiceCredential="true"

     

     

    algorithmSuite="Default" establishSecurityContext="true" />

    </

     

    security>

     

    </

     

    binding>

    </

     

    wsHttpBinding>

    </

     

    bindings>

     

     

    <

     

    client>

    <

     

    endpoint address="http://localhost:4970/Service1.svc" binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_IService1" contract="33" />

    <

     

    endpoint

     

     

    address="http://localhost:4970/Service1.svc"

     

     

    binding="customBinding"

     

     

    bindingConfiguration="myBinding"

     

     

    contract="x" >

     

    </

     

    endpoint>

     

     

    </

     

    client>

     

     

     

     

    </

     

    system.serviceModel>

     

     

     

     

     

     

    Saturday, September 26, 2009 6:15 AM
  • ALH

    your web.config does not look like the one supplies with the clearUsernameBinding sample.

    In particular you have:

    type="WebServices20.BindingExtenions.ClearUsernameCollectionElement,customBinding" />

    where the sample has:

    type="WebServices20.BindingExtenions.ClearUsernameCollectionElement, ClearUsernameBinding" />

    first make sure you can run the sample on your machine. Then add the dll references and change the config for your server.

    http://webservices20.blogspot.com/
    WCF Security, Performance And Testing Blog
    Monday, September 28, 2009 2:23 PM
  • WCF does support username over non ssl.

    http://msdn.microsoft.com/en-us/library/ms731058.aspx

    What is required:

    1. "When .NET Framework version 3.5 or later is used, you can use a custom username and password validator with message and transport security. With .NET Framework 3.0, a custom username and password validator can only be used with message security."  --msdn

    2. svc must reference a service certificate that contains a private key.

     


    Sunday, August 01, 2010 11:38 AM