 |
 | Home | Contact Us | FAQ | Search & Site Map | Link to Us |
 | Sign In | Join | Other 45 Sites in Network |
.NET Forum / ASP.NET / Web Services / March 2005Usernametoken and activedirectory
hi!!! im sending a usernametoken with username/password and on the server i got a usernametokenmanager that authenticates the user in AD using LDAP. This works fine. The problem is that if the client dont send a usernametoken, the usernametokenmanager is never called and the user gets access. How can i prevent this ? Check out the "IsMessageSigned(SoapContext context)" method in the "How to: Verify Digital Signaturs of SOAP Messages Signed Using a User Name and Password" in the WSE Docs. You need to call IsMessageSigned (or what ever you create) in each method you want to enforce. You can also use Policy to enforce.  SignatureWilliam Stacey, MVP http://mvp.support.microsoft.com > hi!!! > [quoted text clipped - 6 lines] > > How can i prevent this ? Can you give my an url ? ive used the msdn search but it cant find anything about verify digital.... -Geir > Check out the "IsMessageSigned(SoapContext context)" method in the "How to: > Verify Digital Signaturs of SOAP Messages Signed Using a User Name and [quoted text clipped - 13 lines] > > > > How can i prevent this ? The WSE docs are on your computer if you installed WSE IIRC on your start menu. The link inside the help on my system is ms-help://MS.WSE20.1033/wse/html/23072609-310c-460d-9efc-ebfd8b77cef9.htm SignatureWilliam Stacey, MVP http://mvp.support.microsoft.com > Can you give my an url ? > [quoted text clipped - 19 lines] > > > > > > How can i prevent this ? Hello Geir, WS-I Basic profile does not support signatures using of the username token. Having said that, and provided you're using only WSE and .net on client and server you can use the signature policy to prevent unauthorized users. If not (e.g. java and .net interop) you need to either write your own policy assertion derived class that checks for the existence a username token in the soap context or may be even a filter which is easier to do. HTH Regards, Dilip Krishnan MCAD, MCSD.net dkrishnan at geniant dot com http://www.geniant.com > hi!!! > [quoted text clipped - 6 lines] > usernametokenmanager is never called and the user gets access. > How can i prevent this ? I have some .net webservices and a .net windows app. This works fine with normal domain/local accounts, but with AD i cant make it work. Does Integrated Windows Authentication work with Active Directory ? when i use a usernametokenmanager it works fine on my win xp computer, but when i install it on a win2k server i only get : WSE041: that my manager does not implement isecuritytokenmanager. ive just made a class that overrides authenticatetoken in usernametokenmanager like the examples says. any idea ? > Hello Geir, > WS-I Basic profile does not support signatures using of the username [quoted text clipped - 21 lines] > > usernametokenmanager is never called and the user gets access. > > How can i prevent this ?
Free MagazinesGet these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...
|
Reply to this Message
|
 Sign In
 Join
 My Latest Posts My Monitored Threads My Blog My Photo Gallery My Profile My Homepage Start New Thread Enable EMail Alerts Rate this Thread
|
©2008 Advenet LLC Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.