
.NET Forum / ASP.NET / Web Services / December 2005


Accessing a WSE 2 Web Service from WSE 3

Jason L Lind - 05 Dec 2005 20:53 GMT
Hi, I have a collection of WSE 2 Web Services which I would like to access in
ASP.NET 2.0 using WSE 3. I've built a Windows Form application to test the
user authentication and the WSE 2 Service throws:

Microsoft.Web.Services2.Security.SecurityFault: An unsupported signature or encryption algorithm was used
  at Microsoft.Web.Services2.Security.EncryptedData.ResolveDecryptionKey(String algorithmUri, KeyInfo keyInfo)

Any ideas on what could be going wrong and how to fix it?

Code I'm trying (which is virtually copy and pasted from my WSE 2
application) below:

    // Needs: using Microsoft.Web.Services3.Security;
    //        using Microsoft.Web.Services3.Security.Tokens;
    SSOAuthentication.SSOAuthentication auth = new SSOTest.SSOAuthentication.SSOAuthentication();

    // UsernameToken whose password is sent hashed
    UsernameToken objToken = new UsernameToken("Application" + ":" + "User", "Password", PasswordOption.SendHashed);

    // Attach the token, then sign and encrypt the request with it
    auth.RequestSoapContext.Security.Tokens.Add(objToken);
    SecurityToken stToken = objToken;
    auth.RequestSoapContext.Security.Elements.Add(new MessageSignature(stToken));
    auth.RequestSoapContext.Security.Elements.Add(new EncryptedData(stToken));

    string[] a_strRoles;
    SSOAuthentication.ErrorData objErrorData;
    bool bolIsUserValidated = false;
    string strValue = null;

    try
    {
        bolIsUserValidated = auth.ValidateUser(out a_strRoles, out objErrorData);
        if (bolIsUserValidated)
        {
            strValue = "User is validated and has the following roles:\n";
            foreach (string role in a_strRoles)
            {
                strValue += role + "\n";
            }
        }
        else
        {
            strValue = "User is NOT valid: " + objErrorData.ErrorDescr;
        }
        this.txtTextBox.Text = strValue;
    }
    catch (Exception ex)
    {
        // Show the fault returned by the service
        this.txtTextBox.Text = ex.Message;
    }

Thank you,

Jason Lind
Pablo Cibraro - 06 Dec 2005 14:04 GMT
Hi Jason,
WSE 2.0 and 3.0 are not compatible since they use different WS-x protocols.
However, there are some tricks to make them work together.
I wrote a small post about this topic in my weblog
http://weblogs.asp.net/cibrax/archive/2005/11/25/431528.aspx

Regards,
Pablo Cibraro
http://weblogs.asp.net/cibrax
http://www.lagash.com

Jason L Lind - 06 Dec 2005 16:41 GMT
Thank you for the article. We are only implementing WS-Security so it looks
like as long as I stick to the 1.0 spec in my client calls and modify the
encryption it should work. I have tried modifying it as your post suggested,
still getting the same error, any idea on what I might have done wrong?

<?xml version="1.0" encoding="utf-8"?>
<configuration>
  <configSections>
    <sectionGroup name="applicationSettings"
                  type="System.Configuration.ApplicationSettingsGroup, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
      <section name="SSOTest.Properties.Settings"
               type="System.Configuration.ClientSettingsSection, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
               requirePermission="false" />
    </sectionGroup>
    <section name="microsoft.web.services3"
             type="Microsoft.Web.Services3.Configuration.WebServicesConfiguration, Microsoft.Web.Services3, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
  </configSections>
  <applicationSettings>
    <SSOTest.Properties.Settings>
      <setting name="SSOTest_SSOAdministration_SSOAdministration" serializeAs="String">
        <value>http://localhost/RBNA/SSO/SSOWebServices/SSOAdministration.asmx</value>
      </setting>
      <setting name="SSOTest_SSOAuthentication_SSOAuthentication" serializeAs="String">
        <value>http://localhost/RBNA/SSO/SSOWebServices/SSOAuthentication.asmx</value>
      </setting>
      <setting name="SSOTest_SSOAuthorization_SSOAuthorization" serializeAs="String">
        <value>http://localhost/RBNA/SSO/SSOWebServices/SSOAuthorization.asmx</value>
      </setting>
    </SSOTest.Properties.Settings>
  </applicationSettings>
  <microsoft.web.services3>
    <security>
      <binarySecurityTokenManager>
        <add type="Microsoft.Web.Services3.Security.Tokens.X509SecurityTokenManager, Microsoft.Web.Services3, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35"
             valueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3">
          <keyAlgorithm name="AES128"/>
        </add>
      </binarySecurityTokenManager>
      <securityTokenManager>
        <add localName="EncryptedKey"
             type="Microsoft.Web.Services3.Security.Tokens.EncryptedKeyTokenManager, Microsoft.Web.Services3, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35"
             namespace="http://www.w3.org/2001/04/xmlenc#">
          <keyAlgorithm name="RSA15"/>
        </add>
        <add localName="DerivedKeyToken"
             type="Microsoft.Web.Services3.Security.Tokens.DerivedKeyTokenManager, Microsoft.Web.Services3, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35"
             namespace="http://schemas.xmlsoap.org/ws/2005/02/sc">
          <keyAlgorithm name="RSA15"/>
        </add>
        <add localName="SecurityContextToken"
             type="Microsoft.Web.Services3.Security.Tokens.SecurityContextTokenManager, Microsoft.Web.Services3, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35"
             namespace="http://schemas.xmlsoap.org/ws/2005/02/sc">
          <keyAlgorithm name="RSA15"/>
        </add>
      </securityTokenManager>
    </security>
  </microsoft.web.services3>
</configuration>

Pablo Cibraro - 06 Dec 2005 20:42 GMT
Hi Jason,
Try doing the following change:

<binarySecurityTokenManager>
  <add valueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3">
    <keyAlgorithm name="RSA15" />
  </add>
</binarySecurityTokenManager>

Regards,
Pablo Cibraro
http://weblogs.asp.net/cibrax
http://www.lagash.com

Jason L Lind - 06 Dec 2005 21:40 GMT
I am no longer getting a WSE3 exception, but I'm getting the same WSE2
exception again.

When I look at stToken (SecurityToken class) and objToken (UsernameToken) in
the debugger, Key.EncryptionFormatter is still AES256.

Do I need to add another key/value in my config?

Thank you,

Jason

Jason L Lind - 06 Dec 2005 21:56 GMT
I think I got the encryption working now, I am now getting this error when I
try to call the method:
InnerException = {"WSE562: The incoming username token contains a password
hash. The built-in UsernameTokenManager does not support this type of
UsernameToken. Please see the documentation for more details on the
UsernameTokenManager.AuthenticateToken method."}

Any ideas on how to get around this?

Thank you,

Jason

Pablo Cibraro - 07 Dec 2005 13:43 GMT
Yes, the default UsernameToken manager only supports Username tokens with
plain text passwords.
You have two solutions to this problem:

1. Send the password as plain text
2. Configure a custom UsernameToken manager

Check this GDN workspace for more information about developing a Custom
UsernameToken manager.

http://www.gotdotnet.com/codegallery/codegallery.aspx?id=67f659f6-9457-4860-80ff-0535dffed5e6

(Web Service Security: Scenarios, Patterns, and Implementation Guidance)

Regards,
Pablo Cibraro
http://weblogs.asp.net/cibrax
http://www.lagash.com
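
The reason a hashed UsernameToken needs a custom manager, shown as an added example that is not part of the original thread and is not WSE code: under the WS-Security UsernameToken Profile 1.0 the hashed password is Base64(SHA-1(nonce + created + password)), so the receiver can only check it by looking up the user's clear-text password and recomputing the digest. The class name `DigestVerifier`, the in-memory password store, the five-minute freshness window and the sample account are assumptions made for illustration.

```csharp
using System;
using System.Collections.Generic;
using System.Globalization;
using System.Security.Cryptography;
using System.Text;

// Hypothetical helper, not a WSE type; the account below is constructed sample data.
public static class DigestVerifier
{
    static readonly Dictionary<string, string> Passwords =
        new Dictionary<string, string> { { "Application:User", "Password" } };
    static readonly HashSet<string> SeenNonces = new HashSet<string>();

    // PasswordDigest = Base64(SHA-1(nonce + created + password))
    public static string ComputeDigest(byte[] nonce, string created, string password)
    {
        byte[] tail = Encoding.UTF8.GetBytes(created + password);
        byte[] input = new byte[nonce.Length + tail.Length];
        Buffer.BlockCopy(nonce, 0, input, 0, nonce.Length);
        Buffer.BlockCopy(tail, 0, input, nonce.Length, tail.Length);
        using (SHA1 sha1 = SHA1.Create())
            return Convert.ToBase64String(sha1.ComputeHash(input));
    }

    public static bool Verify(string user, string nonceB64, string created,
                              string digestB64, DateTime nowUtc)
    {
        string password; DateTime createdUtc; byte[] nonce;
        // Recomputing the digest requires the clear-text password for this user.
        if (!Passwords.TryGetValue(user, out password)) return false;
        if (!DateTime.TryParse(created, CultureInfo.InvariantCulture,
                DateTimeStyles.AdjustToUniversal, out createdUtc)) return false;
        // Reject stale or future-dated tokens (the five-minute window is an assumption).
        if (Math.Abs((nowUtc - createdUtc).TotalMinutes) > 5) return false;
        try { nonce = Convert.FromBase64String(nonceB64); }
        catch (FormatException) { return false; }
        string expected = ComputeDigest(nonce, created, password);
        // Compare every character so timing does not reveal where a mismatch occurs.
        int diff = expected.Length ^ digestB64.Length;
        for (int i = 0; i < expected.Length && i < digestB64.Length; i++)
            diff |= expected[i] ^ digestB64[i];
        // A nonce is accepted once; seeing it again means the token was replayed.
        return diff == 0 && SeenNonces.Add(nonceB64);
    }
}
```

Calling `Verify` with a digest produced by `ComputeDigest` for the same nonce, timestamp and password succeeds once; a second call with the same nonce is rejected as a replay.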
