Hello,
Did you say UsernameTokenManager.AuthenticateToken Method in WSE 3.0?
Luke
Phil Lee - 10 Jan 2006 13:23 GMT
Luke,
I have managed to sort out my problems - partially a bug on my part, but
this is what my understanding is now:
Using WSE3 username over certificate and implementing:
    class MyUsernameTokenManager : UsernameTokenManager
    {
        string AuthenticateToken(...) {}
    }
If <usernameForCertificateSecurity establishSecurityContext="false" .. />
then AuthenticateToken is called for every web service method call.
The client only has to do
    proxy.SetClientCredential( new UsernameToken( "new name", "new password" ) );
to change the user credentials.
If however <usernameForCertificateSecurity establishSecurityContext="true" ../>
then AuthenticateToken is only called once.
This is fair enough because a security context is established and cached (I
think).
However now the client has to invalidate the security context somehow. This works
    proxy.SetPolicy("ClientPolicy");
    proxy.SetClientCredential( new UsernameToken( "new name", "new password" ) );
or this
    proxy = new Proxy();
    proxy.SetPolicy("ClientPolicy");
    proxy.SetClientCredential( new UsernameToken( "new name", "new password" ) );
I would have expected SetClientCredential to have been sufficient.
Regards
Phil Lee
> Hello,
>
> Did you say UsernameTokenManager.AuthenticateToken Method in WSE 3.0?
>
> Luke
Hi Phil,
That happens because you are using secure session.
When you enable this feature, WSE only authenticates the client the first
time and then it creates a SecureContextToken that contains in some way the
UsernameToken.
This feature improves the performance for successive calls since the
authentication and the key interchange are done once.
You have two ways to clear the cache, but you shouldn't be worried about it:
1. Create a new instance of the proxy class and assign the UsernameToken as
client token. The SecureContextToken is only valid per proxy class.
2. Cancel the SecureContextToken:
    SecureConversationCorrelationState correlationState =
        serviceProxy.ResponseSoapContext.SessionState.Get<SecureConversationCorrelationState>("");
    SecurityContextToken sct = correlationState.Token as SecurityContextToken;
    sct.Cancel();
Regards,
Pablo Cibraro
http://weblogs.asp.net/cibrax
http://www.lagash.com
Phil Lee - 10 Jan 2006 13:38 GMT
Pablo,
Thanks for that.
Phil