none
MTOMEncoder and XmlDictionaryWriter.CreateMtomWriter RRS feed

  • Question

  • Hi,

    We have WCF service which accepts MTOM payload and validates the signature and validates the token using Saml2TokenHandler.

     When the incoming SOAP message has \r\n between elements,  It is failing on ReadToken method in the Saml2TokenHandler class with "'Text' is an invalid XmlNodeType.". on the ReadStartElement method. This method assumes the first element after assertion is Issuer, but i see it is whitespace element. that is the reason it is failing. We can't remove the '\r\n' from the xml .R-This will break the signature verification. Note this is not an issue for XML payload with regular message encoder, only for MTOM encoder.

       at System.Xml.XmlReader.ReadStartElement(String localname, String ns)
       at System.IdentityModel.Tokens.Saml2SecurityTokenHandler.ReadIssuer(XmlReader reader)
       at System.IdentityModel.Tokens.Saml2SecurityTokenHandler.ReadAssertion(XmlReader reader)
    Saml2SecurityTokenHandler.ReadToken(XmlReader reader) in Saml2SecurityTokenHandler.cs:line

    Wednesday, November 28, 2018 4:15 PM

All replies

  • Hi ksen,

    Thank you for posting here.

    Since your question is more related to WCF, I will move it to WCF forum for suitable support.

    https://social.msdn.microsoft.com/Forums/en-US/home?forum=wcf&filter=alltypes&sort=lastpostdesc

    The CLR Forum discuss and ask questions about .NET Framework Base Classes (BCL) such as Collections, I/O, Regigistry, Globalization, Reflection. Also discuss all the other Microsoft libraries that are built on or extend the .NET Framework, including Managed Extensibility Framework (MEF), Charting Controls, CardSpace, Windows Identity Foundation (WIF), Point of Sale (POS), Transactions.

    Best Regards,

    Wendy


    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.

    Friday, November 30, 2018 6:37 AM
  • Hi Ksen,

    This problem boils down to parsing XML files that contain illegal tags.
    Even XML payload needs to handle this type of payload that contains illegal markup in XML, so I think we should avoid inserting \r\n<p></p>
     into a soap message when creating it. In addition, before dotnetframework2.0, old xmlreader was used for parsing XML. Consider using the new target runtime environment in this case.
    https://docs.microsoft.com/en-us/dotnet/api/system.xml.xmlreader.readelementcontentasstring?view=netframework-4.7.2
    Best Regards
    Abraham

    Monday, December 3, 2018 8:25 AM
    Moderator