wse 2.0 support for lax security option


    hi

    i am new to .net .

    i am using wse 2.0 technology for web services that accept digitally signed messages, but the web service does not support the lax security option, i.e. the order of elements in the soap header must follow the strict (create before use) option.

    my web.config is following

     

     

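    <?xml version="1.0"?>
    <!--
      web.config of an ASP.NET application that registers the WSE 2.0 configuration
      section, one .ashx handler and an X.509 / policy setup for signed SOAP messages.
      Values are as posted; the only repair is compilerOptions, where a forum emoticon
      had replaced the ":D" of "/d:DEBUG".
    -->
    <configuration>
      <configSections>
        <!-- Makes the <microsoft.web.services2> section below readable by WSE 2.0. -->
        <section name="microsoft.web.services2" type="Microsoft.Web.Services2.Configuration.WebServicesConfiguration, Microsoft.Web.Services2, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35"/>
      </configSections>
      <appSettings>
        <add key="validfolder" value="C:\temp\valid messages"/>
      </appSettings>
      <system.web>
        <!-- debug="true" and the DEBUG define are development settings; switch debug to
             "false" before this service is exposed beyond a test machine. -->
        <compilation defaultLanguage="c#" debug="true">
          <assemblies>
            <add assembly="microsoft.biztalk.interop.transportproxy, version=3.0.1.0, culture=neutral, publickeytoken=31bf3856ad364e35"/>
            <add assembly="microsoft.biztalk.adapter.wse, version=1.0.1.0, culture=neutral, publickeytoken=31bf3856ad364e35"/>
            <add assembly="microsoft.web.services2, version=2.0.3.0, culture=neutral, publickeytoken=31bf3856ad364e35"/>
            <add assembly="microsoft.biztalk.pipeline, version=3.0.1.0, culture=neutral, publickeytoken=31bf3856ad364e35"/>
            <add assembly="microsoft.xlangs.basetypes, version=3.0.1.0, culture=neutral, publickeytoken=31bf3856ad364e35"/>
          </assemblies>
          <compilers>
            <compiler language="c#" type="Microsoft.CSharp.CSharpCodeProvider, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" extension=".cs" compilerOptions="/d:DEBUG;TRACE"/>
          </compilers>
        </compilation>
        <!-- Remote callers get generic error pages; details are shown on the local machine only. -->
        <customErrors mode="RemoteOnly"/>
        <authentication mode="Windows"/>
        <!-- users="*" admits every caller at the ASP.NET authorization layer, so the only
             caller check configured in this file is the WSE policy referenced under <policy>. -->
        <authorization>
          <allow users="*"/>
        </authorization>
        <trace enabled="false" requestLimit="10" pageOutput="false" traceMode="SortByTime" localOnly="true"/>
        <!-- mode is InProc, so the two connection strings are not in use. -->
        <sessionState mode="InProc" stateConnectionString="tcpip=127.0.0.1:42424" sqlConnectionString="data source=127.0.0.1;Trusted_Connection=yes" cookieless="false" timeout="20"/>
        <globalization requestEncoding="utf-8" responseEncoding="utf-8"/>
        <!-- The application code runs with full trust (no code access security restriction). -->
        <trust level="Full" originUrl=""/>
        <httpHandlers>
          <add verb="*" path="Esize_HrXml_Orchestrations_HR04ProcessInvoice_HR04SendInvoice.ashx" type="Esize.HrXml.Orchestrations.Esize_HrXml_Orchestrations_HR04ProcessInvoice_HR04SendInvoice"/>
        </httpHandlers>
        <webServices>
          <!-- The HTTP GET and HTTP POST bindings are removed. -->
          <protocols>
            <remove name="HttpPost"/>
            <remove name="HttpGet"/>
            <remove name="HttpPostLocalhost"/>
          </protocols>
          <!-- NOTE(review): no SOAP extension is registered here; presumably the .ashx handler
               above is what runs the WSE pipeline and enforces the policy. Confirm, because
               without it the signature requirement would not be applied. -->
          <soapExtensionTypes>
          </soapExtensionTypes>
          <soapExtensionReflectorTypes>
          </soapExtensionReflectorTypes>
        </webServices>
        <xhtmlConformance mode="Legacy"/>
      </system.web>
      <microsoft.web.services2>
        <diagnostics>
          <!-- Detailed error reporting is off. -->
          <detailedErrors enabled="false"/>
        </diagnostics>
        <security>
          <!-- Certificates are looked up in the LocalMachine store, trust verification is on and
               test roots are rejected. NOTE(review): PolicyCache.xml names OU=SelfSSL subjects;
               self-signed certificates presumably have to be installed as trusted on this
               machine for verifyTrust to pass. Confirm rather than turning verifyTrust off.
               The two Url retrieval switches are enabled, which presumably lets the server make
               outbound fetches while validating a caller's certificate; confirm the egress
               rules allow and log that. -->
          <x509 storeLocation="LocalMachine" verifyTrust="true" allowTestRoot="false" allowRevocationUrlRetrieval="true" allowUrlRetrieval="true"/>
        </security>
        <policy>
          <!-- Policy file that carries the signature requirement for incoming requests. -->
          <cache name="PolicyCache.xml"/>
        </policy>
      </microsoft.web.services2>
    </configuration>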

     

     

    and the PolicyCache.xml is following

     

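    <?xml version="1.0" encoding="utf-8"?>
    <!--
      WSE 2.0 policy cache. Repairs made to the posted text: namespace URIs that had been
      broken onto a second line are rejoined (a line break inside the attribute value becomes
      part of the namespace name), and the element names that forum emoticons had overwritten
      are restored to wsp:Policy, wssp:SecurityToken and wssp:SubjectName.
      Nothing in this document states an ordering for the elements of the security header.
    -->
    <policyDocument xmlns="http://schemas.microsoft.com/wse/2003/06/Policy">
      <mappings>
        <!-- The request policy applies to every endpoint and operation. Response and fault
             map to an empty policy, so this file places no requirement on outgoing messages. -->
        <defaultEndpoint>
          <defaultOperation>
            <!--request policy="#policy-8727c8ce-f854-4e1c-9299-eddd01a4b90f" /-->
            <request policy="#policy-8727c8ce-f854-4e1c-9299-eddd01a4b90f" />
            <response policy=""/>
            <fault policy=""/>
          </defaultOperation>
        </defaultEndpoint>
      </mappings>
      <policies xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/03/addressing" xmlns:wse="http://schemas.microsoft.com/wse/2003/06/Policy">
        <wsp:Policy wsu:Id="policy-8727c8ce-f854-4e1c-9299-eddd01a4b90f" xmlns:wsp="http://schemas.xmlsoap.org/ws/2002/12/policy">
          <wsp:MessagePredicate wsp:Usage="wsp:Required" Dialect="http://schemas.xmlsoap.org/2002/12/wsse#part">wsp:Body()</wsp:MessagePredicate>
          <!-- Integrity is the only security assertion here: a signature is required, and this
               policy does not require the message to be encrypted. -->
          <wssp:Integrity wsp:Usage="wsp:Required" xmlns:wssp="http://schemas.xmlsoap.org/ws/2002/12/secext">
            <wssp:TokenInfo>
              <!-- Accepted signers: X.509v3 tokens whose subject matches one of the names below.
                   Matching is by subject name, so what separates these certificates from any
                   other certificate with the same subject is the trust check configured in
                   web.config. Both subjects carry OU=SelfSSL. -->
              <OneOrMore xmlns="http://schemas.xmlsoap.org/ws/2002/12/policy">
                <wssp:SecurityToken wse:IdentityToken="true">
                  <wssp:TokenType>http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3</wssp:TokenType>
                  <wssp:Claims>
                    <wssp:SubjectName>CN=DEVELOPMENT6, OU=SelfSSL, O={7EF2B15E-6A62-4588-B61E-3CBF416FA155}</wssp:SubjectName>
                  </wssp:Claims>
                </wssp:SecurityToken>
                <wssp:SecurityToken wse:IdentityToken="true">
                  <wssp:TokenType>http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3</wssp:TokenType>
                  <wssp:Claims>
                    <!-- Kept on one line like the first entry: a line break before the end tag
                         would be part of the element text. -->
                    <wssp:SubjectName>CN=JITENDRA, OU=SelfSSL, O={7EF2B15E-6A62-4588-B61E-3CBF416FA155}</wssp:SubjectName>
                  </wssp:Claims>
                </wssp:SecurityToken>
              </OneOrMore>
            </wssp:TokenInfo>
            <!-- Parts the signature must cover: the body, the addressing headers and the timestamp. -->
            <wssp:MessageParts Dialect="http://schemas.xmlsoap.org/2002/12/wsse#part">wsp:Body() wsp:Header(wsa:Action) wsp:Header(wsa:FaultTo) wsp:Header(wsa:From) wsp:Header(wsa:MessageID) wsp:Header(wsa:RelatesTo) wsp:Header(wsa:ReplyTo) wsp:Header(wsa:To) wse:Timestamp()</wssp:MessageParts>
          </wssp:Integrity>
        </wsp:Policy>
      </policies>
    </policyDocument>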

    when i send a soap request which has the wsse:binarysecuritytoken element below the dsig:Signature element, the web service returns: security token reference could not found

     

    does wse support the lax option (i.e. order does not matter)? if yes, what changes should i make to web.config or policycache.xml?

    Saturday, November 1, 2008 8:19 AM