none
Configuration through code - EnableUnsecuredResponse RRS feed

  • Question

  • Hi All, 

    I want to achieve following configuration through code :

    Configuration:

     <bindings>
        <customBinding>
          <binding name="CustomSoapBinding">
            <security includeTimestamp="true"
                      authenticationMode="UserNameForCertificate"
                      defaultAlgorithmSuite="Default"
                      requireDerivedKeys="false"
                      messageSecurityVersion="WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10"
                      requireSecurityContextCancellation="true" messageProtectionOrder="EncryptBeforeSign" requireSignatureConfirmation="false">
            </security >
            <textMessageEncoding messageVersion="Soap11"></textMessageEncoding>
            <httpsTransport maxReceivedMessageSize="2000000000"/>
          </binding>
        </customBinding>
      </bindings>
      <client>
        <endpoint address="https://XXXX.XXXX.XXXX.XXXX/WCFService/Service1.svc/basic"
              binding="customBinding" bindingConfiguration="CustomSoapBinding"
              contract="WCFServiceReference.IService1" name="CustomSoapBinding" behaviorConfiguration ="ClientCredentialsBehavior">
          <identity>
            <dns value="WcfClient"/>
          </identity>
        </endpoint >
      </client>
      <behaviors>
        <endpointBehaviors>
          <behavior name="ClientCredentialsBehavior">
            <clientCredentials>
              <clientCertificate findValue="WcfClient"
                   storeLocation="CurrentUser"
                   storeName="My"
                   x509FindType="FindBySubjectName" />
            </clientCredentials>
          </behavior>
        </endpointBehaviors>
      </behaviors>

    Code:

    BindingElementCollection clientBec = new BindingElementCollection();
                
                SecurityBindingElement clientSbe = SecurityBindingElement.CreateUserNameForCertificateBindingElement();
                clientSbe.IncludeTimestamp = true;
                
                clientSbe.DefaultAlgorithmSuite = SecurityAlgorithmSuite.Default;
                clientSbe.MessageSecurityVersion = MessageSecurityVersion.WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10;
                clientSbe.EnableUnsecuredResponse = true;
                clientBec.Add(clientSbe);
                clientBec.Add(new TextMessageEncodingBindingElement());
                clientBec.Add(new HttpTransportBindingElement());
                Binding clientBinding = new CustomBinding(clientBec);
                
                EndpointAddress eAddress = new EndpointAddress("http://dsindal01ina4.apac.sas.com/WCFService/Service1.svc/basic");
                ConsoleApplication1.WCFServiceReference.Service1Client clientEx = new Service1Client(clientBinding, eAddress);
    
                clientEx.ClientCredentials.UserName.UserName = "adminUser";
                clientEx.ClientCredentials.UserName.Password = "passwordAdmin";
    
                clientEx.ClientCredentials.ServiceCertificate.Authentication.CertificateValidationMode = X509CertificateValidationMode.PeerOrChainTrust;
                clientEx.ClientCredentials.ServiceCertificate.Authentication.TrustedStoreLocation = System.Security.Cryptography.X509Certificates.StoreLocation.LocalMachine;
    
                // Set the certificate
                clientEx.ClientCredentials.ClientCertificate.SetCertificate(StoreLocation.CurrentUser, StoreName.My, X509FindType.FindByThumbprint, "f7 38 1d e8 1f a8 44 82 3e d1 92 7a 6a 13 2c d2 96 84 d3 ae");
                clientEx.ClientCredentials.ServiceCertificate.SetDefaultCertificate(StoreLocation.CurrentUser, StoreName.My, X509FindType.FindByThumbprint, "f7 38 1d e8 1f a8 44 82 3e d1 92 7a 6a 13 2c d2 96 84 d3 ae");
    
                //ConsoleApplication1.WCFServiceReference.IService1 channel = clientEx.ChannelFactory.CreateChannel();
                try
                {
                    clientEx.GetData(12345);
                }
                catch (Exception ex)
                {
                }
                finally
                {
                    clientEx.Close();
                }

    Somehow my code is not working. One of the reason that I can think of is setting the endpoint behavior through code which is not happening. The reason I want to do this configuration through code is my response doesnt have security header in it.

    Can anyone help me with fixing this code? Is there any way I was use EnableUnSecuredResponse through configuration? 

    EnableUnsecuredResponse = false;


    DPA

    Monday, March 18, 2013 7:16 AM

Answers