 |
 | Home | Contact Us | FAQ | Search & Site Map | Link to Us |
 | Sign In | Join | Other 45 Sites in Network |
.NET Forum / ASP.NET / Web Services / April 2006Sign, Encrypt, secure session
If I use the usernameForCertificateAssertion and I use a certificate to sign and encrypt the soap message do I also need to Establish a secure session to get the username and password encrypted? Thanks in advance. Hi Mark, As for the usernameForCertificate Assertion, it will be responsible for securing the username/password credential of the authentication service, there is not need to add additional transport layer security(like https/ssl). You need to use a secure transport layer when you are using usernameOverTransport policy assertion, in such case, WSE (the assertion) do nothing on the SOAP message's securing. HOpe this helps. Regards, Steven Cheng Microsoft Online Community Support ================================================== When responding to posts, please "Reply to Group" via your newsreader so that others may learn and benefit from your issue. ================================================== This posting is provided "AS IS" with no warranties, and confers no rights.
Free MagazinesGet these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...
|
Reply to this Message
|
 Sign In
 Join
 My Latest Posts My Monitored Threads My Blog My Photo Gallery My Profile My Homepage Start New Thread Enable EMail Alerts Rate this Thread
|
©2008 Advenet LLC Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.