none
Question regarding SignedElement policy Assertion RRS feed

  • Question

  • Hello

    I am trying to implement a webservice form a provided wsdl containing the below policy, using svcutil.exe. The results is an 'unsupported policy assertion'. If i take out the <sp:SignedElements> part, everything works fine. Why is this occuring, and is there a way to implement the signed elements in WCF? Help is much appreciated.

    <wsp:Policy wsu:Id="MyPolicy">
      <wsp:ExactlyOne>
       <wsp:All>
        <sp:SignedParts>
         <sp:Body/>
         <sp:Header Name="To" Namespace="http://www.w3.org/2005/08/addressing"/>
         <sp:Header Name="From" Namespace="http://www.w3.org/2005/08/addressing"/>
         <sp:Header Name="FaultTo" Namespace="http://www.w3.org/2005/08/addressing"/>
         <sp:Header Name="ReplyTo" Namespace="http://www.w3.org/2005/08/addressing"/>
         <sp:Header Name="MessageID" Namespace="http://www.w3.org/2005/08/addressing"/>
         <sp:Header Name="RelatesTo" Namespace="http://www.w3.org/2005/08/addressing"/>
         <sp:Header Name="Action" Namespace="http://www.w3.org/2005/08/addressing"/>
        </sp:SignedParts>
        <sp:SignedElements>
         <sp:XPath>/*[namespace-uri()='http://schemas.xmlsoap.org/soap/envelope/' and local-name()='Envelope']/*[namespace-uri()='http://schemas.xmlsoap.org/soap/envelope/' and local-name()='Header']/*[namespace-uri()='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' and local-name()='Security']/*[namespace-uri()='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd' and local-name()='Timestamp']</sp:XPath>
         <sp:XPath>/*[namespace-uri()='http://www.w3.org/2003/05/soap-envelope' and local-name()='Envelope']/*[namespace-uri()='http://www.w3.org/2003/05/soap-envelope' and local-name()='Header']/*[namespace-uri()='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' and local-name()='Security']/*[namespace-uri()='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd' and local-name()='Timestamp']</sp:XPath>
        </sp:SignedElements>
       </wsp:All>
      </wsp:ExactlyOne>
     </wsp:Policy>

    Sunday, May 13, 2012 9:15 AM

Answers

  • There are two parts here - the wcf engine that in runtime known to generate sginatures, and the wcf code that takes this policy and compiles it into the proxy. The latter part seems not to support the xpath policy in the wsdl. But it should not really matter to you - as long as everything works when you remove it from the policy.

    http://webservices20.blogspot.com/
    WCF Security, Interoperability And Performance Blog

    Sunday, May 13, 2012 9:54 AM

All replies

  • There are two parts here - the wcf engine that in runtime known to generate sginatures, and the wcf code that takes this policy and compiles it into the proxy. The latter part seems not to support the xpath policy in the wsdl. But it should not really matter to you - as long as everything works when you remove it from the policy.

    http://webservices20.blogspot.com/
    WCF Security, Interoperability And Performance Blog

    Sunday, May 13, 2012 9:54 AM
  • Yaron,

    Thank you for your answer. I suppose it shouldn't really matter as long as everyhting works. But by that, I meant the proxy generation works. I am wondering whether the proxy contains all the information it needs.

    Regards

    Sunday, May 13, 2012 10:03 AM
  • yes, the policy does not affect the proxy but the binding, which you have already figured out yourself

    http://webservices20.blogspot.com/
    WCF Security, Interoperability And Performance Blog

    Sunday, May 13, 2012 11:52 AM