none
Possible to manually invoke wcf ws-security classes? RRS feed

  • Question

  • Hi,

    I currently have a wcf service that uses a custom message encoder to interrogate the incoming message. The message is a soap with mime attachment message where the first attachment is your standard SOAP envelope.

     The SOAP envelope will contain all the security sections in the SOAP header.

    My problem is in my custom message encoder, I can get to the SOAP envelope, however how can I get WCF to validate the security like how it would if I was using wsHttpBinding with message security?

    Is it possible to pass the soap envelope to some class to do this?

    Really appreciate any suggestions.

    Wednesday, April 17, 2013 2:49 PM

Answers

  • Hi QS.N,

    As for the WCF message layer security, so far the ws-* related security implementation are all encapsulated internally and we cannot manually invoke those internal classes (such as the ones for encryption and signing or other message protection related features...) directly. We have to configure the certain security binding for the service/endpoint so as to let the runtime handle the security protection related processing. For your case, have you tried configure the WCF service as a normal message security protected service (such as using wsHttpBinding + message security) and use the custom message encoder to change the multi-part message package into a standard SOAP xml message (before WCF message security engine processing it)?

     


    Please remember to mark the replies as answers if they help and unmark them if they provide no help.

    Tuesday, April 23, 2013 5:16 AM
    Moderator