Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
HomeAnnouncementsFree MagazinesWhite PapersSubmit Content
Discussion GroupsASP.NETWindows FormsLanguages.NET FrameworkVisual Studio.NET
Articles.NET FrameworkASP.NETToolsWindows Forms
.NET DirectoryOpen Source ProjectsUser GroupsWeb Resources
Related Topics
Visual Basic 6SQL ServerMS AccessOther DB ProductsMS Server ProductsMore Topics ...
.NET Forum / ASP.NET / Web Services / December 2004

Tip: Looking for answers? Try searching our database.

Encryption in WS-Policy and WSE2.0

Thread view: 
Enable EMail Alerts  Start New Thread
Thread rating: 
Hernan de Lahitte - 10 Dec 2004 20:29 GMT
Hi Guys,

Does anybody knows how to encrypt applying WS-Policy with WSE2.0 (SP2)
something other than wsp:Body() and wse:UsernameToken() ? Are filters the
way to go or there is any other trick to use ?

If you don?t know what I mean, just try to encrypt something apart from body
and UsernameToken and you will receive an exception much like this one:
"Microsoft.Web.Services2.Policy.PolicyEnforcementException: WSE429: It is
only possible to enforce the Confidentiality assertion using the following
message parts in the SOAP message part dialect: wsp:Body()
wse:UsernameToken()."

In fact, I?m looking for some way to encrypt the signature digest of a
message.

Thanks,

Hernan de Lahitte
http://weblogs.asp.net/hernandl
http://www.lagash.com/english/index.html

"An expert is one who knows more and more about less and less until he knows
absolutely everything about nothing".
Reply to this Message
Softwaremaker - 11 Dec 2004 01:13 GMT
Hernan,

I did spent some time on issues like this recently and it will be reflected
in an article soon (I hope) on MSDN. Now before, we go on trying to solve
your problem. Is there a specific reason why you are encrypting the
signature ?

A note of caution I can give is that signatures can and may be verified
along the way via SOAP intermediaries. If you encrypt them, the
intermediaries will not be able to verify the authencity of it and therefore
cannot trust it.

Signature

Thank you.

Regards,
Softwaremaker
http://www.softwaremaker.net/blog

=========================================

> Hi Guys,
>
[quoted text clipped - 20 lines]
> "An expert is one who knows more and more about less and less until he knows
> absolutely everything about nothing".
Reply to this Message
Softwaremaker - 11 Dec 2004 08:38 GMT
Hernan,

I have documented this in my blog. Do check it out here.
http://www.softwaremaker.net/blog/PermaLink,guid,45822828-5b63-4cb6-b139-97bd1ab
03ec4.aspx

hth.
Signature

Thank you.

Regards,
Softwaremaker
http://www.softwaremaker.net/blog

=========================================

> Hernan,
>
[quoted text clipped - 34 lines]
> knows
> > absolutely everything about nothing".
Reply to this Message
Softwaremaker - 11 Dec 2004 08:40 GMT
Do comment there and let me know if it helps. Good Luck !

> Hernan,
>
> I have documented this in my blog. Do check it out here.

http://www.softwaremaker.net/blog/PermaLink,guid,45822828-5b63-4cb6-b139-97bd1ab
03ec4.aspx

> hth.
> > Hernan,
[quoted text clipped - 40 lines]
> > knows
> > > absolutely everything about nothing".
Reply to this Message

Free Magazines

Get these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...

Oracle MagazineNetwork ComputingComputer WorldBio-IT WorldeWeekInformation WeekInfosecurity
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2008 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.