Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
HomeAnnouncementsFree MagazinesWhite PapersSubmit Content
Discussion GroupsASP.NETWindows FormsLanguages.NET FrameworkVisual Studio.NET
Articles.NET FrameworkASP.NETToolsWindows Forms
.NET DirectoryOpen Source ProjectsUser GroupsWeb Resources
Related Topics
Visual Basic 6SQL ServerMS AccessOther DB ProductsMS Server ProductsMore Topics ...
.NET Forum / ASP.NET / Web Services / April 2006

Tip: Looking for answers? Try searching our database.

Saving encrypted an signed information from incomming Messages in

Thread view: 
Enable EMail Alerts  Start New Thread
Thread rating: 
Peter Schuhmann - 05 Apr 2006 12:05 GMT
Saving encrypted and signed information from incomming Soap-Messages in a
directory or database

(C#-WebService)

The Client sends his username/password and some other information to the
WebService. Those information are encrypted and signed. In the web.config
it’s possible to enable diagnostics. All incomming and outgoing messages are
save in those files.

<diagnostics>
     <trace enabled="true" input="InputTrace.webinfo"
output="OutputTrace.webinfo"/>
   </diagnostics>

In those files it is possible to see the encrypted data and the signature.
Now I want to save some of those information (some content of those files) in
a directory or database without saving them first in other files like
“InputTrace.webinfo”. I want to save the Header with information about the
signature and the encrpyted data and its signature (= all data bevore
processing steps).

If i try to use the actually context (RequestSoapContext.Current) i don’t
have access to sensible informations (private members).

Is there any method or event how I can get the encrypted data and its
signature of incomming messages?

(Perhaps using
Microsoft.Web.Services3.Diagnostics.Configuration.TraceConfiguration or
Microsoft.Web.Services3.Diagnostics.Configuration.DiagnosticsConfiguration ?)

Are there any Events on incomming messages?
Reply to this Message
Pablo Cibraro - 05 Apr 2006 16:09 GMT
Hi Peter,

Did you try with the property RequestSoapContext.Current.Envelope ?.
That property is a Xml document with the entire soap envelope. Of course,
you will have to use xpath to get the security header of the message.

Note: The security assertion removes the security header from the envelope
after processing it,
so you will have to develop a custom assertion and configure it before the
security assertion in the policy.

Let me know if you need more details about this solution.

Regards,
Pablo Cibraro
http://weblogs.asp.net/cibrax

> Saving encrypted and signed information from incomming Soap-Messages in a
> directory or database
[quoted text clipped - 32 lines]
>
> Are there any Events on incomming messages?
Reply to this Message
Peter Schuhmann - 07 Apr 2006 18:29 GMT
> Note: The security assertion removes the security header from the envelope
> after processing it,

Yes, thats why i can't use the header (RequestSoapContext.Current.Envelope)

>so you will have to develop a custom assertion and configure it before the
> security assertion in the policy.

You're right. i developed a custom assertion. (after some problems i noticed
that 'before' is a important word, now i can save the encrypted and signed
data)

Fine, thanks!
Reply to this Message

 Rate this thread:







Free Magazines

Get these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...

Oracle MagazineNetwork ComputingComputer WorldBio-IT WorldeWeekInformation WeekInfosecurity
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2008 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.