Can't Add Service Reference with SymmetricSecurityBindingElement RRS feed

  • Question

  • I've got a project where I'm trying to have a login method call put some custom values on the soap header for future calls to replace the sample's BindingHelper.CreateCreditCardBinding() method. However, whenever I have the security element added to the custom binding, Add Service Reference stops working ("The request failed with HTTP status 400: Bad Request.
    Metadata contains a reference that cannot be resolved: 'http://localhost:8000/MyService.svc'."). I'm assuming this is because the client doesn't have a key. If this is the case, how do I specify it without any configuration info to add it to? If that's not the problem, is there some way to get ASR to work in this case? BTW: Here is my StandardBindingElement.OnApplyConfiguration override that is replacing CreateCreditCardBinding:

    protected override void OnApplyConfiguration(Binding binding)
        var transport = new HttpTransportBindingElement();
        var security = new SymmetricSecurityBindingElement();
        security.EndpointSupportingTokenParameters.SignedEncrypted.Add(new CredentialTokenParameters());
        var parameters = new X509SecurityTokenParameters() { InclusionMode = SecurityTokenInclusionMode.Never };
        security.ProtectionTokenParameters = parameters;
        var customBinding = (CustomBinding) binding;
        customBinding.Elements.Add(security); // Comment this out, and AddServiceReference works

    Tuesday, February 25, 2014 10:18 PM


  • Hi,

    The code below should be a good starting point for what you require. I've filled in a handful of the properties that I saw in your app.config and set them appropriately.

    CustomBinding endpointBinding = new CustomBinding();
    SymmetricSecurityBindingElement securityElement = SecurityBindingElement.CreateUserNameForSslBindingElement();
    securityElement.MessageSecurityVersion = MessageSecurityVersion.WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10;
    securityElement.LocalClientSettings.MaxClockSkew = new TimeSpan(23, 30, 0);
    endpointBinding.Elements.Add(new BinaryMessageEncodingBindingElement());
    endpointBinding.Elements.Add(new HttpsTransportBindingElement());

    As for the certificate... Once you have a WCF service host object you can add the certificate like so:

     host.Credentials.ServiceCertificate.Certificate = cert;
    Wednesday, February 26, 2014 6:59 AM