At the webservice, you can define a custom input filter class derived from
SecurityInputFilter. In this custom filter class, override the base class
'ProcessMessage' method. In your ProcessMessage, add custom code (to get the
certificate), and if you want to do authorization/authentication, call the base
class ProcessMessage.
Hope this helps.
> I would like our web service to look in our AD certificate store for the
> certificates used to verify trust when the web service is first called.
>
> Is that possible? If so, what methods would I need to override?
>
> Thanks.
JMZ - 04 May 2005 22:51 GMT
Thank you.
After getting the certificate from the AD in the new ProcessMessage method,
where do I put it so the base class ProcessMessage can find it? Is there a
property I need to assign the certificate to, or should I simply try to avoid
using the base ProcessMessage altogether and do the
authentication/verification in the new ProcessMessage?
Thanks again.
Yedu - 05 May 2005 18:51 GMT
I haven't dealt with certificates at the webservice. I used my custom input
filter to do some checking in the HTTP application cache and then call the
base class ProcessMessage method to authenticate/authorize the user against
the AD.
I'm just curious: will you be using HTTPS to communicate with the
webservice? If so, can't you make use of IIS to deal with certificates?
Let me know how you implement the solution for this.
JMZ - 05 May 2005 19:01 GMT
Thanks again, Yedu.
Yes, we do use SSL, but the certificates we use are personal certificates
that we have already issued to the user. Remember, the web service is called
directly from the client's browser, not another web server.
Right now, when we issue a certificate, a copy of it (minus the private key,
of course) is stored in the AD with the user's other account info. Then we have
to copy it to the web server where the web service runs.
We want to actually get WSE to look for the certificate in the AD instead of
requiring its presence on the web server.
Thanks.