![]() | |
![]() |
| | Thread Tools | Search this Thread | Display Modes |
#1
| |||
| |||
|
#2
| |||
| |||
|
|
I have been successful consuming a WCF 3.0 service from a 2.0 client. I would like to embed a token (GUID as string) in the header so I can check the token with a session on the server side. We have a requirement to run on Windows 2000 professional so we have to use a .net 2.0 client (WCF basicHttpBinding). Changing the server or the client to make this work is no problem so I do not have the requirement of changing only the client. I have a server side authenticate operation that has username and password params, which returns a token if authenticated, this process starts a very light weight client side session. I do NOT want to have the token on every exposed contract method so a SOAP header is the answer. Now what I want to do is pass this token in the SOAP header with every call from the client to the server, extract it from the header on the server and do a security check to ensure the method they have called is accessible by the client (the client the token belongs to). I have found a way to extract (or add as far as that goes) the header on the server, here's some example code: int index = OperationContext.Current.IncomingMessageHeaders.Fi ndHeader("token", ""); string token = OperationContext.Current.IncomingMessageHeaders.Ge tHeader<string>(index); What I do not know how to do is create a 2.0 client that can see this token. I am familiar with the ASP.Net 1.1 way of creating a soap header. Any examples out there? |
#3
| |||
| |||
|
|
"Curt K" <curt_krueger (AT) hotmail (DOT) com> wrote in message news:%23AmMNO3rHHA.3884 (AT) TK2MSFTNGP04 (DOT) phx.gbl... There hasn't been much change in this area from 1.1 to 2.0, except the whole nonsense of "web sites" in 2.0. Please tell us what you're trying so we can figure out how to help. -- John Saunders [MVP] |
#4
| |||
| |||
|
|
"John Saunders [MVP]" <john.saunders at trizetto.com> wrote in message news:ugFojJ5rHHA.404 (AT) TK2MSFTNGP06 (DOT) phx.gbl... "Curt K" <curt_krueger (AT) hotmail (DOT) com> wrote in message news:%23AmMNO3rHHA.3884 (AT) TK2MSFTNGP04 (DOT) phx.gbl... There hasn't been much change in this area from 1.1 to 2.0, except the whole nonsense of "web sites" in 2.0. Please tell us what you're trying so we can figure out how to help. .... How do I from the WCF perspective add a SOAP header so that it is imported into the proxy object and shows up as a SOAP header object on the 2.0 client side proxy? I basically need to decorate all of my Service Contract/Operation Contract calls with the equivalent 3.0 version of this on the WCF side (or modify the SOAP header before it is sent to the client). [SoapHeader("tokenHeader", Direction = SoapHeaderDirection.In)] So how do I add a SOAP header on the WCF side that can be consumed by a dot net 2.0 web service client? Hopefully that clears it up? |
#5
| |||||
| |||||
|
|
On Friday, June 15, 2007 1:35 PM Curt K wrote: I have been successful consuming a WCF 3.0 service from a 2.0 client. I would like to embed a token (GUID as string) in the header so I can check the token with a session on the server side. We have a requirement to run on Windows 2000 professional so we have to use a .net 2.0 client (WCF basicHttpBinding). Changing the server or the client to make this work is no problem so I do not have the requirement of changing only the client. I have a server side authenticate operation that has username and password params, which returns a token if authenticated, this process starts a very light weight client side session. I do NOT want to have the token on every exposed contract method so a SOAP header is the answer. Now what I want to do is pass this token in the SOAP header with every call from the client to the server, extract it from the header on the server and do a security check to ensure the method they have called is accessible by the client (the client the token belongs to). I have found a way to extract (or add as far as that goes) the header on the server, here's some example code: int index = OperationContext.Current.IncomingMessageHeaders.Fi ndHeader("token", ""); string token = OperationContext.Current.IncomingMessageHeaders.Ge tHeader<string>(index); What I do not know how to do is create a 2.0 client that can see this token. I am familiar with the ASP.Net 1.1 way of creating a soap header. Any examples out there? thanks in advance, Curt |
|
On Friday, June 15, 2007 5:16 PM John Saunders [MVP] wrote: "Curt K" <curt_krueger (AT) hotmail (DOT) com> wrote in message news:%23AmMNO3rHHA.3884 (AT) TK2MSFTNGP04 (DOT) phx.gbl... Are you having a problem creating such a client? What are you trying, and what result are you seeing? There hasn't been much change in this area from 1.1 to 2.0, except the whole nonsense of "web sites" in 2.0. Please tell us what you're trying so we can figure out how to help. -- John Saunders [MVP] |
|
On Friday, June 15, 2007 5:50 PM Curt K wrote: "John Saunders [MVP]" <john.saunders at trizetto.com> wrote in message news:ugFojJ5rHHA.404 (AT) TK2MSFTNGP06 (DOT) phx.gbl... I need to use a .net 2.0 web service client with a WCF (.net 3.0) Server. I'm using basicHttpbinding. The web service works fine. I want to add a SOAP Header that is a string that will hold a token (GUID as a string). I want to be able to put the token/string in the SOAP header from the client and use it for session management on the Server. The client will call an "Authenticate" method on the WCF service. It'll return a token/guid if successful. That token will be used during all further calls on the web service offered up by the WCF Service. I do not want to put the token on every service contract call, I would like to use the SOAP header to send this token with every request. Because I need to be compatible with Windows 2000 Professional as the client, I need to stick to basicHttpBinding. I can not use Windows Authentication for this application. How do I from the WCF perspective add a SOAP header so that it is imported into the proxy object and shows up as a SOAP header object on the 2.0 client side proxy? I basically need to decorate all of my Service Contract/Operation Contract calls with the equivalent 3.0 version of this on the WCF side (or modify the SOAP header before it is sent to the client). [SoapHeader("tokenHeader", Direction = SoapHeaderDirection.In)] So how do I add a SOAP header on the WCF side that can be consumed by a dot net 2.0 web service client? Hopefully that clears it up? Thanks! Curt |
|
On Friday, June 15, 2007 6:19 PM John Saunders [MVP] wrote: ... Yes, it does. Unfortunately, I have not had a chance to learn WCF yet, so I cannot answer your question. :-( -- John Saunders [MVP] |
|
Submitted via EggHeadCafe SharePoint Tip / Thought of the Day WebPart http://www.eggheadcafe.com/tutorials/aspnet/14280ff8-3c9f-46bd-8214-9267e613c8ec/sharepoint-tip--thought-of-the-day-webpart.aspx |
#6
| ||||||
| ||||||
|
|
On Friday, June 15, 2007 1:35 PM Curt K wrote: I have been successful consuming a WCF 3.0 service from a 2.0 client. I would like to embed a token (GUID as string) in the header so I can check the token with a session on the server side. We have a requirement to run on Windows 2000 professional so we have to use a .net 2.0 client (WCF basicHttpBinding). Changing the server or the client to make this work is no problem so I do not have the requirement of changing only the client. I have a server side authenticate operation that has username and password params, which returns a token if authenticated, this process starts a very light weight client side session. I do NOT want to have the token on every exposed contract method so a SOAP header is the answer. Now what I want to do is pass this token in the SOAP header with every call from the client to the server, extract it from the header on the server and do a security check to ensure the method they have called is accessible by the client (the client the token belongs to). I have found a way to extract (or add as far as that goes) the header on the server, here's some example code: int index = OperationContext.Current.IncomingMessageHeaders.Fi ndHeader("token", ""); string token = OperationContext.Current.IncomingMessageHeaders.Ge tHeader<string>(index); What I do not know how to do is create a 2.0 client that can see this token. I am familiar with the ASP.Net 1.1 way of creating a soap header. Any examples out there? thanks in advance, Curt |
|
On Friday, June 15, 2007 5:16 PM John Saunders [MVP] wrote: "Curt K" <curt_krueger (AT) hotmail (DOT) com> wrote in message news:%23AmMNO3rHHA.3884 (AT) TK2MSFTNGP04 (DOT) phx.gbl... Are you having a problem creating such a client? What are you trying, and what result are you seeing? There hasn't been much change in this area from 1.1 to 2.0, except the whole nonsense of "web sites" in 2.0. Please tell us what you're trying so we can figure out how to help. -- John Saunders [MVP] |
|
On Friday, June 15, 2007 5:50 PM Curt K wrote: "John Saunders [MVP]" <john.saunders at trizetto.com> wrote in message news:ugFojJ5rHHA.404 (AT) TK2MSFTNGP06 (DOT) phx.gbl... I need to use a .net 2.0 web service client with a WCF (.net 3.0) Server. I'm using basicHttpbinding. The web service works fine. I want to add a SOAP Header that is a string that will hold a token (GUID as a string). I want to be able to put the token/string in the SOAP header from the client and use it for session management on the Server. The client will call an "Authenticate" method on the WCF service. It'll return a token/guid if successful. That token will be used during all further calls on the web service offered up by the WCF Service. I do not want to put the token on every service contract call, I would like to use the SOAP header to send this token with every request. Because I need to be compatible with Windows 2000 Professional as the client, I need to stick to basicHttpBinding. I can not use Windows Authentication for this application. How do I from the WCF perspective add a SOAP header so that it is imported into the proxy object and shows up as a SOAP header object on the 2.0 client side proxy? I basically need to decorate all of my Service Contract/Operation Contract calls with the equivalent 3.0 version of this on the WCF side (or modify the SOAP header before it is sent to the client). [SoapHeader("tokenHeader", Direction = SoapHeaderDirection.In)] So how do I add a SOAP header on the WCF side that can be consumed by a dot net 2.0 web service client? Hopefully that clears it up? Thanks! Curt |
|
On Friday, June 15, 2007 6:19 PM John Saunders [MVP] wrote: ... Yes, it does. Unfortunately, I have not had a chance to learn WCF yet, so I cannot answer your question. :-( -- John Saunders [MVP] |
|
On Wednesday, February 02, 2011 2:11 PM Ram Reddy wrote: I have a ASP.NET web client developed in c# which consumes a Java web service. I want to append the below security tags to SOAP header before sending the soap request to web service. How can I append the security tag to soap header in c#? pls provide some sample code. wsse:Security xenc:EncryptedKey xmlns:xenc="XXXX" xenc:EncryptionMethod Algorithm="XXXX"/ dsig:KeyInfo xmlns:dsig="XXX" wsse:SecurityTokenReference wsse:KeyIdentifier </wsse:KeyIdentifier /wsse:SecurityTokenReference /dsig:KeyInfo xenc:CipherData xmlns:dsig="XXXX" <xenc:CipherValue> /xenc:CipherValue /xenc:CipherData xenc:ReferenceList xenc ataReference URI="XXX"//xenc:ReferenceList /xenc:EncryptedKey wsse:UsernameToken wsse:Username>dpclient</wsse:Username xenc:EncryptedData Id="XXX" Type="XXXXX" xenc:EncryptionMethod Algorithm="XXXX"/ xenc:CipherData xenc:CipherValue> </xenc:CipherValue /xenc:CipherData /xenc:EncryptedData /wsse:UsernameToken /wsse:Security |
|
Submitted via EggHeadCafe ASP.NET Drawing a chart using OWC11 - Office Web Components http://www.eggheadcafe.com/tutorials/aspnet/601e9bc2-40ed-405e-b1b0-f416046b6698/aspnet-drawing-a-chart-using-owc11--office-web-components.aspx |
![]() |
| Thread Tools | Search this Thread |
| Display Modes | |
| |