locked
Endpoint behaviour Configuration in Silverlight RRS feed

  • Question

  •  

    Hi,

    I have a secured(i.e using a certificate) WCF service, which is being consumed in a Silverlight application. In order to bypass the certificate validation at Silverlight  end, I want to add a endpoint behavior at the config file in Silverlight end as following:

    <behaviors>
            <endpointBehaviors>
              <behavior name="DisableServiceCertificateValidation">
                <clientCredentials>
                  <serviceCertificate>
                    <authentication certificateValidationMode="None"                                     revocationMode="NoCheck" />
                  </serviceCertificate>
                </clientCredentials>
              </behavior>
            </endpointBehaviors>
          </behaviors>

    It seems Silverlight doesn't allow behaviour element at all. What can be done in order to use endpoint bahaviour at Silverlight end?

    Regards

    ronit_rc

    Friday, January 27, 2012 12:02 PM

Answers

All replies

  • Hello, Silverlight doesn't support certificate authentication. You have to change to another authentication mechanism, such as username.
    Lante, shanaolanxing This posting is provided "AS IS" with no warranties, and confers no rights.
    If you have feedback about forum business, please contact msdnmg@microsoft.com. But please do not ask technical questions in the email.
    Sunday, January 29, 2012 1:14 PM
  • Hi,

    I am aware of the fact that Silverlight doesn't support certificate authentication. I am using username authentication mechanism only, for the Client Clientcredential. But, even if you using third party credential like,"username" authentication, you need to use a certificate for the Service. In order to disable the certificate validation in silverlight end, I require to develop a "enpointbehavior" as above. But it seems, Silverlight doesn't allow behaviour element at all. Is there any way by which I can develop a "endpointbehavior" at Silverlight end?

    Regards

    ronit_rc


    • Edited by ronit_rc Sunday, January 29, 2012 2:53 PM
    Sunday, January 29, 2012 2:51 PM
  • Silverlight doesn't support pure message security. You can use TransportWithMessageCredential, but then the only certificate the server needs to provide is an SSL certificate. The service itself doesn't need to provide any certificates. Silverlight doesn't allow you to disable SSL certificate validation due to security considerations. You have to use a purchased certificate, or install your self-signed certificate on all client machines.


    Lante, shanaolanxing This posting is provided "AS IS" with no warranties, and confers no rights.
    If you have feedback about forum business, please contact msdnmg@microsoft.com. But please do not ask technical questions in the email.
    Monday, January 30, 2012 1:59 AM
  •  

    Hi,

    Thanks for your answer! As far as my experience is concerned, we need to use a certificate for the Service, in case of client authentication as "username", even if the security mode is "TransportWithMessageCredentials" (I have tested it not for the Siverlight client but  a for a console applictaion).

    What about my other  query:

    Is there any way by which I can develop a "endpointbehavior" at Silverlight end?

    Thanks in advance.

    Regards

    ronit_rc

    Monday, January 30, 2012 6:02 AM
  • You can create custom endpoint behaviors in Silverlight. But you cannot configure service certificate in a custom endpoint behavior. Refer to http://msdn.microsoft.com/en-us/library/system.servicemodel.description.iendpointbehavior(v=vs.95).aspx for more information.
    Lante, shanaolanxing This posting is provided "AS IS" with no warranties, and confers no rights.
    If you have feedback about forum business, please contact msdnmg@microsoft.com. But please do not ask technical questions in the email.
    • Marked as answer by ronit_rc Wednesday, February 1, 2012 9:29 AM
    Monday, January 30, 2012 6:26 AM