Help needed in Authentication

Question

User1489758560 posted

Hello Guys,

I am working in .net core 2.2 and i have a requirement that i will need to consume 3rd arty SOAP service and they have certificate based authentication. This is pretty  standard in .net framework by creating the soap service as proxy and in the webconfig we have this .

<system.serviceModel>
    <behaviors>
      <endpointBehaviors>
        <behavior name="MC.behavior.rdy">
          <clientCredentials>
            <clientCertificate findValue="MycompanyDomain.com" storeLocation="LocalMachine" storeName="My" x509FindType="FindBySubjectName" />
            <serviceCertificate>
              <defaultCertificate findValue="clientDomain.com" storeLocation="LocalMachine" storeName="My" x509FindType="FindBySubjectName" />
            </serviceCertificate>
          </clientCredentials>
        </behavior>
      </endpointBehaviors>

    </behaviors>
    <bindings>
      <customBinding>
        <binding name="UserServiceSoapBinding">
          <textMessageEncoding messageVersion="Soap12" />

          <security defaultAlgorithmSuite="Basic128Rsa15" allowSerializedSigningTokenOnReply="true" authenticationMode="MutualCertificate" securityHeaderLayout="Lax" messageProtectionOrder="SignBeforeEncrypt" messageSecurityVersion="WSSecurity10WSTrust2005WSSecurityPolicy11BasicSecurityProfile50" requireSecurityContextCancellation="false">
          </security>
          <httpsTransport manualAddressing="false" maxBufferPoolSize="524288" maxReceivedMessageSize="65536" allowCookies="false" authenticationScheme="Anonymous" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard" keepAliveEnabled="true" maxBufferSize="65536" proxyAuthenticationScheme="Anonymous" realm="" transferMode="Buffered" unsafeConnectionNtlmAuthentication="false" useDefaultWebProxy="true" />
        </binding>
      </customBinding>
       <basicHttpBinding>
                <binding name="ITransactionProcessor">
                    <security mode="Message" />
					
                </binding>
				
            </basicHttpBinding>
    </bindings>
    <client>
      
     <endpoint address="https://clientDomain.com/services/UserService2009" binding="customBinding" bindingConfiguration="UserServiceSoapBinding" contract="UserService" name="UserServicePort" behaviorConfiguration="MC.behavior.rdy" >
	  <identity>

         <userPrincipalName value="IIS APPPOOL\NETWORK SERVICE" />
		 

       </identity>
	  </endpoint> 
	  
    </client>
  </system.serviceModel>

how do i achieve this in .net core 2.2. is there a way?  i can add the connected service to create proxy. but no idea about this certificate based authentication implementation while consuming the soap service in .net core.  Please help me in this and in case if there is any sample please do share it here. it wold be much helpful to me. 

Answer 1

User475983607 posted

how do i achieve this in .net core 2.2. is there a way? 

You'll need to write it in code rather than configuration.  I would just modify the proxy code that configures SOAP 2.1.  The WCF docs show the syntax.

https://docs.microsoft.com/en-us/dotnet/framework/wcf/feature-details/message-security-with-mutual-certificates

Answer 2

User1489758560 posted

Hi Mgebhard,

Thank you for the reply and on the link provided, i can see the xml code s below

<?xml version="1.0" encoding="utf-8"?>  
<configuration>  
  <system.serviceModel>  
    <behaviors>  
      <endpointBehaviors>  
        <behavior name="ClientCredentialsBehavior">  
          <clientCredentials>  
            <clientCertificate findValue="Cohowinery.com"
                 storeLocation="CurrentUser"  
                 storeName="My"  
                 x509FindType="FindBySubjectName" />  
            <serviceCertificate>  
              <defaultCertificate findValue="Contoso.com"
                                  storeLocation="CurrentUser"  
                                  storeName="TrustedPeople"  
                                  x509FindType="FindBySubjectName" />  
            </serviceCertificate>  
          </clientCredentials>  
        </behavior>  
      </endpointBehaviors>  
    </behaviors>  
    <bindings>  
      <wsHttpBinding>  
        <binding name="WSHttpBinding_ICalculator" >  
          <security mode="Message">  
            <message clientCredentialType="Certificate"
                     negotiateServiceCredential="false"  
                     establishSecurityContext="false" />  
          </security>  
        </binding>  
      </wsHttpBinding>  
    </bindings>  
    <client>  
      <endpoint address="http://machineName/Calculator"
                behaviorConfiguration="ClientCredentialsBehavior"  
                binding="wsHttpBinding"
                bindingConfiguration="WSHttpBinding_ICalculator"  
                contract="ICalculator"  
                name="WSHttpBinding_ICalculator">  
        <identity>  
          <certificate encodedValue="Encoded_Value_Not_Shown" />  
        </identity>  
      </endpoint>  
    </client>  
  </system.serviceModel>  
</configuration>

you mean to say wring this in c#?  really i am not sure how to write this whole code in c#. any sample code to start with would be helpful

Answer 3

User475983607 posted

really i am not sure how to write this whole code in c#. any sample code to start with would be helpful

Please re-read the link.  There is sample code and configuration.   You need the code bits.

Answer 4

User1489758560 posted

Hi mgebhard,

I am keeping trying and having an issue . here is what i tried.

1. Added a connected Service with the help of WSDL URL
2. the sample MSDN link you gave, the first portion of code am referring to try. In that  code, i  am not sure what namespace (ServiceHost )should i for the below code 

   // Create the service host.
   ServiceHost myServiceHost =
       new ServiceHost(typeof(Calculator), httpUri);

   Please let me know.

Answer 5

User1489758560 posted

Any help will be highly appreciated. got struck in this.