Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
HomeAnnouncementsFree MagazinesWhite PapersSubmit Content
Discussion GroupsASP.NETWindows FormsLanguages.NET FrameworkVisual Studio.NET
Articles.NET FrameworkASP.NETToolsWindows Forms
.NET DirectoryOpen Source ProjectsUser GroupsWeb Resources
Related Topics
Visual Basic 6SQL ServerMS AccessOther DB ProductsMS Server ProductsMore Topics ...
.NET Forum / ASP.NET / Web Services / November 2007

Tip: Looking for answers? Try searching our database.

UserNameToken in WSE 3.0 - can I pass the password as byte[]?

Thread view: 
Enable EMail Alerts  Start New Thread
Thread rating: 
bainite13@gmail.com - 19 Oct 2007 15:47 GMT
I'm writing an client application to consume an existing web service
which requires password digest authentication. I tried to use
UserNameToken in WSE 3.0 but found every time the authentication will
fail. After debugging the code I found out the hashing algorithm for
the web service is a little bit different, it's something like:

Base64(SHA-1(Nonce + Created + SHA-1(password)))

Note the password is hashed as an byte[] before it was combined with
nonce and created. However in UserNameToken I can only pass password
as a string. Even if I hash the password and convert to a string then
pass to UserNameToken it will produce a totally different password
digest.

My question is, is there any way to get around this within WSE? The
algorithm for hashing the password cannot be changed as it's already
in production. I don't want to re-write the whole thing to produce the
soap header as WSE already did it except for this one.
Reply to this Message
BigJohn - 19 Nov 2007 15:16 GMT
Not sure if this is what you are looking for, but for a WSE Service call
where a UsernameTokenManager is available in the service, here is what I have
had working in the client:

On the WSE 3.0 Settings ... wizard, set up a policy in the Policy tab named
"APPPolicy".  The name is essential.

In the application:
           Imports Microsoft.Web.Services3.Security
           Imports Microsoft.Web.Services3.Security.Tokens

...
           Dim wsAPP As New WebReferenceName.ServiceWSE

           ' Define username token
           Dim wsToken As New Tokens.UsernameToken(strID, strPSW,
PasswordOption.SendPlainText)

           ' Assign token to service container
           wsApp.SetClientCredential(wsToken)
           wsApp.SetPolicy("APPPolicy")

           ' call needed function/method from service
           dim strResults as String = wsApp.GetData(Data_Parameters)

Of course this is all wrapped in a Try/Catch block.

Hopefully this helps.  Good luck
Reply to this Message

Free Magazines

Get these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...

Oracle MagazineNetwork ComputingComputer WorldBio-IT WorldeWeekInformation WeekInfosecurity
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2008 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.