The service sets its policy through the config file.
The client used to work when its policy was also set through the config file. Now I am trying
to set the client policy in code instead.
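/////////////////////////////////
// Test: policy set from the config file. THIS WORKED.
// Set the ClientPolicy onto the proxy
//serviceProxy.SetPolicy("ClientPolicy");
/////////////////////////////////
// Test: policy set in code. DOES NOT WORK; the first error is that the
// signature cannot be null.
// (This comment and the "turnkey security assertion" one below were
// line-wrapped in the original post, leaving stray non-comment text;
// both are re-joined here. No statement has been changed.)

// Client certificate: looked up in the "My" store of the current user and
// used both for the hand-built request signature and as the client credential.
// NOTE(review): RetrieveTokenFromStore2 is not shown; how it matches the
// subject string, and whether it checks that a private key is present,
// cannot be told from here - confirm.
X509SecurityToken oX509CT = RetrieveTokenFromStore2(
    "My", StoreLocation.CurrentUser, "CN=WSE2QuickStartClient");
MessageSignature oSignature = new MessageSignature(oX509CT);
serviceProxy.RequestSoapContext.Security.Elements.Add(oSignature);
serviceProxy.SetClientCredential(oX509CT);

// Service certificate: looked up in the "AddressBook" store and used both for
// the hand-built request encryption and as the service credential.
X509SecurityToken oX509CTS = RetrieveTokenFromStore2(
    "AddressBook", StoreLocation.CurrentUser, "CN=WSE2QuickStartServer");
EncryptedData oEncryptedData = new EncryptedData(oX509CTS);
serviceProxy.RequestSoapContext.Security.Elements.Add(oEncryptedData);
serviceProxy.SetServiceCredential(oX509CTS);

// NOTE(review): the two Security.Elements.Add calls above build the signature
// and the encryption by hand, while the assertion below also declares signing
// and body encryption for the same request. The page does not show how the two
// interact; if the policy is meant to be the single source of message
// protection, check whether the hand-built elements should be dropped and only
// SetClientCredential / SetServiceCredential kept - TODO confirm.

// Create a new policy.
Policy oWebServiceClientPolicy = new Policy();

// Specify that the policy uses the MutualCertificate11 turnkey security assertion.
// NOTE(review): the service takes its policy from a config file that is not
// shown. The values below have to agree with it; compare them with the
// "ClientPolicy" entry that worked.
MutualCertificate11Assertion oMCA = new MutualCertificate11Assertion();
oMCA.EstablishSecurityContext = false;
oMCA.RenewExpiredSecurityContext = true;
oMCA.RequireSignatureConfirmation = true;
oMCA.MessageProtectionOrder = MessageProtectionOrder.SignBeforeEncrypt;
oMCA.RequireDerivedKeys = false;
oMCA.TtlInSeconds = 300;

// Request: the signature options name the addressing headers, the timestamp
// and the SOAP body; the body is also encrypted.
oMCA.Protection.Request.SignatureOptions =
    SignatureOptions.IncludeAddressing
    | SignatureOptions.IncludeTimestamp
    | SignatureOptions.IncludeSoapBody;
oMCA.Protection.Request.EncryptBody = true;

// Response: same signature coverage and body encryption as the request.
oMCA.Protection.Response.SignatureOptions =
    SignatureOptions.IncludeAddressing
    | SignatureOptions.IncludeTimestamp
    | SignatureOptions.IncludeSoapBody;
oMCA.Protection.Response.EncryptBody = true;

// NOTE(review): Protection.Fault is left untouched here, so fault messages get
// whatever the assertion's defaults are - confirm that is intended.
oWebServiceClientPolicy.Assertions.Add(oMCA);

// Apply the policy to the SOAP message exchange.
serviceProxy.SetPolicy(oWebServiceClientPolicy);
// End of test: policy set in code
/////////////////////////////////
String[] symbols = {"FABRIKAM", "CONTOSO"};
StockQuote[] quotes = serviceProxy.StockQuoteRequest(symbols);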
I would appreciate any help!
Gary
Techno_Dex - 03 Jan 2007 23:19 GMT
This might help
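// A policy is simply a collection of assertions.
// Two are added to this one: the mutual-certificate assertion and the
// require-action-header assertion.
Policy pPolicy = new Policy();

// NOTE(review): aaAuthAssertion is created but never added to pPolicy, so this
// policy carries no authorization assertion. Do not read its presence as
// authorization being enforced.
AuthorizationAssertion aaAuthAssertion = new AuthorizationAssertion();
MutualCertificate11Assertion mc11aCertAssertion = new MutualCertificate11Assertion();
RequireActionHeaderAssertion rahaActionHeaderAssertion = new RequireActionHeaderAssertion();

// Alternative lookup by subject key identifier. It pins one specific
// certificate, whereas a subject-name match can be ambiguous when several
// certificates in a store share the same subject.
//mc11aCertAssertion.ClientX509TokenProvider = new X509TokenProvider(StoreLocation.CurrentUser, StoreName.My, "<Base64 String here>", X509FindType.FindBySubjectKeyIdentifier);
//mc11aCertAssertion.ServiceX509TokenProvider = new X509TokenProvider(StoreLocation.CurrentUser, StoreName.AddressBook, "<Base64 String here>", X509FindType.FindBySubjectKeyIdentifier);

// Fix: the original reply assigned the server certificate ("AddressBook",
// CN=WSE2QuickStartServer) to the client provider and the client certificate
// ("My", CN=WSE2QuickStartClient) to the service provider. That is the reverse
// of the commented-out lines above and of the question's own code, so the two
// assignments are swapped back here.
// NOTE(review): the commented-out lines show these properties taking an
// X509TokenProvider, while the question assigns RetrieveTokenFromStore2's
// result to an X509SecurityToken. The helper is not shown; confirm its return
// type, or build the providers as in the commented-out lines.
mc11aCertAssertion.ClientX509TokenProvider = RetrieveTokenFromStore2(
    "My", StoreLocation.CurrentUser, "CN=WSE2QuickStartClient");
mc11aCertAssertion.ServiceX509TokenProvider = RetrieveTokenFromStore2(
    "AddressBook", StoreLocation.CurrentUser, "CN=WSE2QuickStartServer");

EndpointProtectionRequirements epr = mc11aCertAssertion.Protection;

// require signature and encryption for outgoing requests
epr.Request.SignatureOptions = SignatureOptions.IncludeAddressing
    | SignatureOptions.IncludeTimestamp
    | SignatureOptions.IncludeSoapBody;
epr.Request.EncryptBody = true;

// require signature and encryption for incoming response
epr.Response.SignatureOptions = SignatureOptions.IncludeAddressing
    | SignatureOptions.IncludeTimestamp
    | SignatureOptions.IncludeSoapBody;
epr.Response.EncryptBody = true;

// require signature only for incoming faults
// Fault bodies are not encrypted, so they should not carry sensitive detail.
epr.Fault.SignatureOptions = SignatureOptions.IncludeAddressing
    | SignatureOptions.IncludeTimestamp
    | SignatureOptions.IncludeSoapBody;
epr.Fault.EncryptBody = false;

// NOTE(review): the question's code sets EstablishSecurityContext to false;
// this reply sets it to true. The service's config-file policy is not shown,
// and the client value has to agree with it - confirm before copying.
mc11aCertAssertion.EstablishSecurityContext = true;
mc11aCertAssertion.RenewExpiredSecurityContext = true;
mc11aCertAssertion.RequireSignatureConfirmation = true;
mc11aCertAssertion.MessageProtectionOrder = MessageProtectionOrder.SignBeforeEncrypt;
//The default value is false
mc11aCertAssertion.RequireDerivedKeys = false;
//The default value is 5 min = 300 sec...
mc11aCertAssertion.TtlInSeconds = 300;

pPolicy.Assertions.Add(mc11aCertAssertion);
pPolicy.Assertions.Add(rahaActionHeaderAssertion);
serviceProxy.SetPolicy(pPolicy);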