Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
HomeAnnouncementsFree MagazinesWhite PapersSubmit Content
Discussion GroupsASP.NETWindows FormsLanguages.NET FrameworkVisual Studio.NET
Articles.NET FrameworkASP.NETToolsWindows Forms
.NET DirectoryOpen Source ProjectsUser GroupsWeb Resources
Related Topics
Visual Basic 6SQL ServerMS AccessOther DB ProductsMS Server ProductsMore Topics ...
.NET Forum / ASP.NET / Web Services / April 2005

Tip: Looking for answers? Try searching our database.

Implementing WSE

Thread view: 
Enable EMail Alerts  Start New Thread
Thread rating: 
Nick - 25 Apr 2005 18:03 GMT
I am new to WSE...  I have read over examples from Microsoft and others, but
I am not able to get WSE to work.  My client has an existing database of
users and password that would like a new applicaiton.  I can either use
Remoting or Webservices with it.  Regular web services work great and I could
use them all day long but using them with WSE I get stuck.  I am trying to
take my existing webservice and secure it using the features of WSE such as
usernametokes, message signing, and role based security (there is a table in
the clients database that contains permissions/roles)  Does anyone have an
example of how I can do this or any articles that explain it?  In theroy it
sounds pretty easy and I saw an example of how to do it months ago, but at
that time I was not using it at all.  Also if possible can WSE do 2 way
message signing such as from server -> client and client -> server?  I would
use windows authentication with this, but my client insists that we use the
existing database of user accounts.
Reply to this Message
[MSFT] - 26 Apr 2005 03:16 GMT
Hello,

I don't have a very proper sample on hand. Anyway, I suggest you may begin
with the quick start sample in WSE 2.0, for example, UsernameSigning. You
can first read the file readme.htm in the sample folder and run the
VBscript file to set up virtual folder for the samples, and then open the
samples in VS.NET to see if they can run on your server. If you have
further questions, please feel free to post here.

Luke
Reply to this Message
Dilip Krishnan - 26 Apr 2005 18:59 GMT
Pretty simple to do this.. Create a subclass of the
UsernameTokenManager.. override the Authenticate method and within that
method try and compare the username and pwd with the one in the
database. If they match return the client supplied pwd as the return.
Else return a predefined pwd that does not match the client supplied pwd.
   Another step you need to do is to configure the username token
manager in the web.config.

An example of doing this can be found in [0]

[0] - http://www.devx.com/security/Article/18207/0/page/2

> I am new to WSE...  I have read over examples from Microsoft and others, but
> I am not able to get WSE to work.  My client has an existing database of
[quoted text clipped - 10 lines]
> use windows authentication with this, but my client insists that we use the
> existing database of user accounts.

Signature

HTH
Regards,
Dilip Krishnan
MCAD, MCSD.net
dilip.krishnan AT apdiya DOT com

Reply to this Message

Free Magazines

Get these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...

Oracle MagazineNetwork ComputingComputer WorldBio-IT WorldeWeekInformation WeekInfosecurity
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2008 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.