Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
HomeAnnouncementsFree MagazinesWhite PapersSubmit Content
Discussion GroupsASP.NETWindows FormsLanguages.NET FrameworkVisual Studio.NET
Articles.NET FrameworkASP.NETToolsWindows Forms
.NET DirectoryOpen Source ProjectsUser GroupsWeb Resources
Related Topics
Visual Basic 6SQL ServerMS AccessOther DB ProductsMS Server ProductsMore Topics ...
.NET Forum / ASP.NET / Web Services / February 2006

Tip: Looking for answers? Try searching our database.

user name and pasword encryption WSE2.0

Thread view: 
Enable EMail Alerts  Start New Thread
Thread rating: 
MSDN - 24 Feb 2006 02:17 GMT
Hello,

I am using WSE2.0 and windows authentication user token
I would like to encrypt the user name and password as in

Dim oToken as new
Microsoft.Web.Services2.Security.Tokens.UsernameToken("myusername","myPassword",
PasswordOption.SendPlainText)

I am NOT talking about the PasswordOption enum

I would like to send an encrypted "myusername" and "mypassword" and not have
them visible in code at all

Also How on the server side it is decrypted?

If I encrypt "myusername" how does the server side decrypt it and still work

if PasswordOption is Hashed it does not work for me with Windows
Authentication

Any help is appreciated.

SA
Reply to this Message
Pablo Cibraro - 24 Feb 2006 13:36 GMT
Hi,

You will have to use a X509 certificate to encrypt the message.
You can specify that certificate by means of code or a security policy. (It
will be easier if you use the Configuration tool provided by WSE)

Regards,
Pablo Cibraro
http://weblogs.asp.net/cibrax

> Hello,
>
[quoted text clipped - 21 lines]
>
> SA
Reply to this Message
KevinR - 24 Feb 2006 17:18 GMT
I am also trying to get started with this stuff.
"You will have to use a X509 certificate to encrypt the message. "
Where would I get one of these?  Do I make one up?  I happen to have an
SSL cert from a different project - will that do?  Pardon my ignorance;
the security stuff is a bit confusing at the outset.

Thanks,
kevin
Reply to this Message
Pablo Cibraro - 27 Feb 2006 14:10 GMT
Hi Kevin,

That depends on what your are looking for.
If you are insterested on some test certificates for your development
environment, a set of certificates created with the tool "Makecert" are just
fine.
Otherwise, you will have to consider buying some certificates from some
authority like VerySign.

Thanks
Pablo.

>I am also trying to get started with this stuff.
> "You will have to use a X509 certificate to encrypt the message. "
[quoted text clipped - 4 lines]
> Thanks,
> kevin
Reply to this Message

 Rate this thread:







Free Magazines

Get these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...

Oracle MagazineNetwork ComputingComputer WorldBio-IT WorldeWeekInformation WeekInfosecurity
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2008 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.