WSE-Security with Windows Service hosted web service

Thread view:

Enable EMail Alerts

Start New Thread

Thread rating:

Matt C - 14 Mar 2006 20:40 GMT

I have WSE3 working well in the samples and in a test project I enabled for
WSE3. But these all used IIS to host the web service.

I am trying to apply a "ServicePolicy" I defined in the WSE3 property pages
and I have some questions:

1) When a web service is hosted in a Windows service, do I apply the policy
to the web service or the windows service or both?

2) I cannot get the web service-side to require security as defined in the
policy.

When I turn off client-side security by not calling the SetPolicy API, all
web method calls succeed, but I expect some SOAP exceptions due to
service-side security requirements (like when the web service is hosted in
IIS and I disable policy for the web service but not for the client project)
but I don't get those.

My current test project is based on the help sample topic "How to: Host an
ASP.NET Web Service Outside of IIS", but it doesn't implement any security.

Reply to this Message

Matt C - 14 Mar 2006 20:58 GMT

Ok, solved my own problem.

Two things:
1) Use the Policy attribute on the class to specify the security policy to
use.
2) Make sure the app.config (former web.config file) and the wse3 config
file are in the directory with the windows service binary.

I now have the equivalent functionality I had when hosting the web service
vis IIS.

> I have WSE3 working well in the samples and in a test project I enabled for
> WSE3. But these all used IIS to host the web service.
[quoted text clipped - 16 lines]
> My current test project is based on the help sample topic "How to: Host an
> ASP.NET Web Service Outside of IIS", but it doesn't implement any security.

Reply to this Message

WSE-Security with Windows Service hosted web service

Free Magazines