locked
signing SecurityToken using X509 certificate RRS feed

  • Question

  • I created custom security token  in code. I would like to sign it using x509 certificate before sending it to client in code? How can we do this

    Thanks

     


    ajit
    Tuesday, January 4, 2011 6:57 PM

Answers

  • create the security binding element from code like this:

     

     SymmetricSecurityBindingElement element = new SymmetricSecurityBindingElement(new X509SecurityTokenParameters(X509KeyIdentifierClauseType.Thumbprint, SecurityTokenInclusionMode.Never));

        element.EndpointSupportingTokenParameters.SignedEncrypted.Add(new UserNameSecurityTokenParameters());

        element.MessageSecurityVersion = MessageSecurityVersion.WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11;

     

    use this element as part of a custom binding. of course change the username token to your one. also you may want to slightly fine tune the other settings depending on your needs.


    http://webservices20.blogspot.com/
    WCF Security, Interoperability And Performance Blog
    Tuesday, January 4, 2011 8:09 PM

All replies

  • create the security binding element from code like this:

     

     SymmetricSecurityBindingElement element = new SymmetricSecurityBindingElement(new X509SecurityTokenParameters(X509KeyIdentifierClauseType.Thumbprint, SecurityTokenInclusionMode.Never));

        element.EndpointSupportingTokenParameters.SignedEncrypted.Add(new UserNameSecurityTokenParameters());

        element.MessageSecurityVersion = MessageSecurityVersion.WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11;

     

    use this element as part of a custom binding. of course change the username token to your one. also you may want to slightly fine tune the other settings depending on your needs.


    http://webservices20.blogspot.com/
    WCF Security, Interoperability And Performance Blog
    Tuesday, January 4, 2011 8:09 PM
  • if you want to sign it directly you can sign it anyway you want and add it to the message.

    if you want wcf to sign it for you then use the code I showed.


    http://webservices20.blogspot.com/
    WCF Security, Interoperability And Performance Blog
    Tuesday, January 4, 2011 9:27 PM