| Encrypting the response (12 replies, VIP) |
| microsoft.public.dotnet.framework.webservices.enhancements |
| Looks like it should be fairly simple from the example provided with WSE 2 install. I get an error on the last line. Retrieve the signing token OK. It's definitley not nothing. Anything I am doing wrong. IN THE WEB METHOD Dim x509st As X509SecurityToken Dim se As ISecurityElement 'loop over security elements in request For Each se In context.Security.Elements 'when current element is message signa... |
|
| Where do I buy x.509 certificates? (7 replies, VIP) |
| microsoft.public.dotnet.framework.webservices.enhancements |
| I've looked on the verisign site and can't find it. |
|
| WSE Requires Private Key in MachineKey Folder? (4 replies, VIP) |
| microsoft.public.dotnet.framework.webservices.enhancements |
| Hello Readers, I'm trying to create a web service client using VS .NET 2003 along with WSE 2.0 under Win2K Prof. I'm having trouble using a X.509 digital certificate as it seems my app generates a windows exception when trying to read the private key of the certificate. I believe the digital certificate is installed on my machine as I can see it in both mmc and the X509 Certificate Tool that comes... |
|
| Multiple threads using the same client proxy object issue (3 replies, VIP) |
| microsoft.public.dotnet.framework.webservices.enhancements |
| Hi, We have multiple clients/threads, they are all using the same proxy object to send requests to the server. If the SCT expires, a new token is obtained but sometimes subsequent requests seem to time out and sometimes we see the following exception. System.Web.Services.Protocols.SoapHeaderException: Microsoft.Web.Services2.Security.SecurityFault: The specified source for the derivation is unknow... |
|
| WSE 2 and impersonation (6 replies, VIP) |
| microsoft.public.dotnet.framework.webservices.enhancements |
| I have a WSE 2 server and an older .Net application that I extended that now acts as a WSE 2 client. Part of the original functionality of the client was that it was available to COM callers. I now want the client to impersonate the COM caller and send some soap messages to my WSE 2 server. Before the client makes the WSE call I am able to grab the current user principle in order to impersonate, b... |
|
| Am I missing something or has MS missed the plot? (2 replies) |
| microsoft.public.dotnet.framework.webservices.enhancements |
| Hi, you are right Windows needs the password in plaintext to impersonate a user (having to call LogonUser, which requires a password). Thinking about it it is the only way Windows can do it. So if you want to use the Windows infrastructure that's already there you have to combine option 1 or 3 with option 2. If SSL seems too slow to you buy a SSL processor card (IIS6 supports them) to speed up the... |
|
| WS-Security with makecert (3 replies, VIP) |
| microsoft.public.dotnet.framework.webservices.enhancements |
| I'm trying to pass an X509SecurityToken from my client to my web service. The certificate was made using makecert.exe, so it obviously isn't trusted by the system. The problem now is that my service rejects the call outright with the following message: Microsoft.Web.Services2.Security.SecurityFault: The security token could not be authenticated or authorized > System.Security.SecurityException:... |
|
| WSE 2.0 issue with token expiry (3 replies, VIP) |
| microsoft.public.dotnet.framework.webservices.enhancements |
| Hi, We are using WSE 2.0 SP1. We have configured a token issuer on the web service. The client obtains a SCT providing a username token as the base token. The server returns the SCT and signs the message with its certificate. The client then signs and encrypts the soap message using the derived key from the security context token. We have configured the token expiry to be 10 minutes for our tests.... |
|
| Problem in WSE 2.0 SP1 (3 replies, VIP) |
| microsoft.public.dotnet.framework.webservices.enhancements |
| From reflecting the code of WSE 2.0 SP1 I see that the implementation of Microsoft.Web.Services2.SoapEnvelope.GetBodyObject(Type, String) was changed to pass a StringReader instead of an XmlNodeReader (as it was in WSE 2.0 RTM) to System.Xml.Serialization.XmlSerializer.Deserialize(TextReader). Could this explain why suddenly '\r' is replaced by '\n' as the content of xs:string fields? How did I st... |
|
| WSE 2.0 SP1 Bug (2 replies, VIP) |
| microsoft.public.dotnet.framework.webservices.enhancements |
| When making a simple web service call to a server with WSE 2.0 SP1 installed, I get the following error message: System.Web.Services.Protocols.SoapException: Server was unable to process request. System.NullReferenceException: Object reference not set to an instance of an object.\n at Microsoft.Web.Services2.WebServicesExtension.AfterDeserialize(SoapMessage message)\n at Microsoft.Web.Services2.We... |
|
| Problem when switching from SoapClient to WebServicesClientProtocol (7 replies) |
| microsoft.public.dotnet.framework.webservices.enhancements |
| I have a working C# class library that acts as a soap client. It was implemented by extending the SoapClient object which gave me full control over the formatting of the soap body: public class InventoryProxy : SoapClient { ...working code goes here...} The vendor providing the web service will be requiring that all soap messages (requests) be digitally signed, and later on also encrypted. So, I'v... |
|
| PolicyVerificationException: WSE464: No policy could be found (2 replies, VIP) |
| microsoft.public.dotnet.framework.webservices.enhancements |
| I have a web client consuming a web service. Both are on localhost. I am securing the communication using WSE 2.0 Policy with X.509 certificates. I am following all the standard procedures using WSE Security tool. I have also secured number of other clients and services on the same machine and they are working fine. But for this particular instance, I am getting the exception as "WSE464: No policy... |
|
| WSE stupid question.... (5 replies, VIP) |
| microsoft.public.dotnet.framework.webservices.enhancements |
| I am thinking of using attachments in WSE 2.0 to move a large file (100 Mb) across a VPN to a third party network, does the client of the web service implementing WSE 2.0 have to support WSE2.0 or can the cleint be any OS that supports web services? Cheers Ollie Riches |
|
| Using dynamic url changes generated proxy (2 replies, VIP) |
| microsoft.public.dotnet.framework.webservices.enhancements |
| a general advice: leave the generated classes untouched. if you want to customize the proxy in any way, inherit from the proxy and to your customisation there. use the inherited class in your app to call the webservice. in this way you can modify the proxy behaviour (e.g. reading some values from config files,add properties...) and can always regenerate the web proxy without loosing your changes..... |
|
| Encrypted response (2 replies, VIP) |
| microsoft.public.dotnet.framework.webservices.enhancements |
| What would be teh proper way to encrypt a SOAP response from a Web Service without using x.509 or Kerberos? I know I could do it using straight symmetric encryption algorithms like DES, but I'd rather use something more secure. I am encrypting the request to the Web Service using a UsernameToken. I'm thinking that a move to writing and using a custom binary token service. Would this be usable to e... |
|
| Problem using DIME attachments with files larger than 4MB (2 replies, VIP) |
| microsoft.public.dotnet.framework.webservices.enhancements |
| I'm currently developing a .NET application using WSE 2.0 for Uploading files to a server. After changing the following lines in the web.config to increase the maxRequestLength, I'm also able to upload files larger than 4MB: microsoft.web.services2 messaging maxRequestLength 2097151 /maxRequestLength /messaging diagnostics / security / /microsoft.web.services2 Now I want to download these files to... |
|
| Policy choice for the client. (2 replies, VIP) |
| microsoft.public.dotnet.framework.webservices.enhancements |
| Hi From what I understand of WSE2.0 and Policy you can declare a service as requiring say a Kerberose token and the .net client will automatically wrap your windows identity in a Kerberose tocken and send it to the server. Is that basically right? I'm not saying this is all policy does : ). However, if my service had a policy that says EITHER a kerberose token or a UserNamePassword token can be gi... |
|
| WSDL Username Token Signature & Encryption? (7 replies) |
| microsoft.public.dotnet.framework.webservices.enhancements |
| My service requires a Username token. It also requires a MessageSignature and EncryptedData (using said token.) Is there any way to specify what is expected in my WSDL document? If not, how will the service consumer know what token(s) are required? Thanks, Ben to reply, remove .s.p.a.m. from email |
|
| Custom UsernamtTokenManager not being called in Windows service (2 replies) |
| microsoft.public.dotnet.framework.webservices.enhancements |
| I wrote a custom UsernameTokenManager class that works as intended when installed in a sample ASP.NET application. I tested first using a simple asmx, then again with a class derived from SoapService and registered in web.config. I am now attempting to host the same SoapService code in a service, registering an endpoint as a SoapReceiver. This also works, but I cannot get my custom user token clas... |
|
| Article on WSE 2.0 (2 replies) |
| microsoft.public.dotnet.framework.webservices.enhancements |
| Building Real World SOAP Messaging Applications using WSE 2.0 (Part 1) by D. Venkatesh Prasad |
|
| Why can't I step into my web service? (3 replies, VIP) |
| microsoft.public.dotnet.framework.webservices.enhancements |
| I used to be able to step into it my web service. I think I stopped being able to when I starting using WSE2. Any ideas? |
|
| Sending default credentials with WSE 2.0 ? (2 replies, VIP) |
| microsoft.public.dotnet.framework.webservices.enhancements |
| I need to use integrated security between servers. This require double hops, which is not supported by NTLM. We do not use Kerberos. I hope WSE 2.0 can help me. Is it possible to send the default credentials (the logged on user) as a security token in WSE 2.0 ? Example Machine 1: a user with browser that connect to Server 1 Server 1: Can use integrated security to identify user. Server 1 calls Ser... |
|
| Hands-On Labs (2 replies, VIP) |
| microsoft.public.dotnet.framework.webservices.enhancements |
| I have just finished reading the MS Hand On Labs (Manuals) #33(Messaging) and #34(Security), being very pleased with the material. They were mentioned in some of the discussions here, that's how I got them in the first place. I wander if another HOL manuals of that kind (particulary the ones related to other WSE technologies like routing, addressing etc.) exist and are they freely available somewh... |
|
| Switching SoapClient -> WebServicesClientProtocol (WSE 2.0 SP1) (5 replies) |
| microsoft.public.dotnet.framework.webservices.enhancements |
| All, I have a webservice proxy class which I would like to use with WSE 2.0 SP1. Thus I switched the base class from SoapClient to WebServicesClientProtocol. Now I'm not able anymore to compile the proxy class since in the generated methods there are method calls like 'base.SendRequestResponse' and in the WebServicesClientProtocol there aren't such methods. Any ideas? Thanks! Regards, Yves |
|
| WSE 2.0 PolicyCache.config files non-compliant with referenced sch (3 replies, VIP) |
| microsoft.public.dotnet.framework.webservices.enhancements |
| I am getting acquainted with WSE and hope to use it in a thesis project. Trying to understand the policy files a bit more, I downloaded most of the schema files and was alarmed to find that the policyCache.config files that are generated by the wse 2.0 config tool are not compliant with the schemas. Specifically, the schemas at http://schemas.xmlsoap.org/ws/2002/12/policy and http://schemas.xmlsoa... |
|
| X509 takes very long time (2 replies, VIP) |
| microsoft.public.dotnet.framework.webservices.enhancements |
| I'm getting awfully bad response time calling a web service and signing it with X509. This is the simplest possible service, taking a short string. It takes about 13 seconds, 26 seconds or up to 45 seconds. I've tried to track down what is taking all this time and it's essentially all on the server side. I've timestamped the calls into X509SecurityTokenManager. About half of the time is lost betwe... |
|
| Stale EndpointReferences (3 replies, VIP) |
| microsoft.public.dotnet.framework.webservices.enhancements |
| The WS Addressing and WS Messaging support in WSE 2.0 allow exchanging EndpointReferences between services clients and providers (e.g. WS Eventing). Typically, a Web Service may store the EndPointReference in a database. What is the WS recommended way to handle EndPointReferences that may be stale because the The Service hosting the endpoint moved to another machine are is using a different transp... |
|
| WS-Security with soap.tcp (10 replies) |
| microsoft.public.dotnet.framework.webservices.enhancements |
| Hi, I'm just getting started with all this wse 2.0 stuff so hopefully I'm not too lost with terminology. First, I created a console app derived from SoapServer that has a soap.tcp endpoint. I then created a second console app derived from SoapClient that will connect to the SoapServer. This works fine, but now I want to add some WS Security stuff to it. I looked at some samples and they all seem t... |
|
| How to secure specific web service from client side (WSE 2.0 SP1) (6 replies) |
| microsoft.public.dotnet.framework.webservices.enhancements |
| I have a client talking with three different web services. I want to secure the communication for only one webservice. Since the WSE tool doesn't allow me to mention endpoint uri at client side, I have manually changed the policyCache.config file from: defaultEndpoint defaultOperation request policy "#Sign X.509 Encrypt X.509 8" / response policy "#Sign X.509 Encrypt X.509 9" / fault policy "" / /... |
|
| Setting To Header & TCPMon (4 replies, VIP) |
| microsoft.public.dotnet.framework.webservices.enhancements |
| I've read a lot of postings in here about how you have to set the To attribute to the url when using a tool such as TCPMon. Where/How exactly is this done? Am I supposed to do it on the client side, server side? Am I supposed to do this through the Actor attribute? Can someone give a newbie details. Thanks SB |
|
| Error in XML Document (4 replies, VIP) |
| microsoft.public.dotnet.framework.webservices.enhancements |
| Hi A web method which returns a dataset works fine when the web service it belongs to is running locally. When run on a remote server I get the following error; Unhandled Exception: System.InvalidOperationException: There is an error in XML document (1, 142804). System.Xml.XmlException: The 'user email' start tag on line '1' does not match the end tag of 'us'. Line 1, position 142823. even though ... |
|
| WSE 2.0 and structured Exceptionhandling (5 replies, VIP) |
| microsoft.public.dotnet.framework.webservices.enhancements |
| Hello, I've built a soap.tcp based webservice using WSE 2.0, which runs quite smoothly. When I throw an exception on the server side, the exception in propagated to the client as SoapException. If I turn "detailedErrors" on, I get the message of the original exception somewhere in the message of the SoapException. But the innerException is empty, so I cannot access the original exception. Here is ... |
|
| header <To> (4 replies) |
| microsoft.public.dotnet.framework.webservices.enhancements |
| Hello, I tried to use TCPMonitor which redirects all request from port 8080 to 80. I changed URL to http://localhost:8080/UsernameSignCodeService/UsernameSigningService.asmx in UsernameToken sample. WebService raised : Destination Unreachable System.Exception: WSE816: The To header must match the value of an incoming message's HTTP Request Url if the soap receiver does not have an actor name. The ... |
|
| change http content type (3 replies, VIP) |
| microsoft.public.dotnet.framework.webservices.enhancements |
| I am using WSE 2.0 to call a web service that I do not control. The owner of that web service would like me to change my content type from "text/xml" to "application/x www form urlencoded". I cannot find any information on how to actually change the content type though. Any help would be greatly appreciated! Thanks! Josh Pollard josh.glmotorsports.net/blog |
|
| How to sign request which use wsewsdl2 genereted proxy (2 replies, VIP) |
| microsoft.public.dotnet.framework.webservices.enhancements |
| How to sign request which use wsewsdl2 genereted proxy? I can't access RequestSoapContext!? Thnx for yours advice. Here is Client code: using System; using Microsoft.Web.Services2; using Microsoft.Web.Services2.Diagnostics; using System.Diagnostics; using Microsoft.Web.Services2.Security; using Microsoft.Web.Services2.Security.X509; namespace DiagnozaClient { class Client { public void Run() { // ... |
|
| Trouble using test X509 certificates:System.Security.Cryptography.CryptographicException: Cryptography_CSP_NoPrivateKey (2 replies, VIP) |
| microsoft.public.dotnet.framework.webservices.enhancements |
| (Type your message here) From: ravina rao Hello , I have a problem using X509 certificates and need some help soon.This is my first attempt at this so do not know where I am going wrong This is what's going on 1.I have a web client called AuthWebClient talking to a web service named AuthWebService 2.I have successfully implemented UsernameToken authentication for this using WSE and am now trying t... |
|
| calling a webservice from an aspx page (4 replies, VIP) |
| microsoft.public.dotnet.framework.webservices.enhancements |
| Hi, I created a simple webservice. Now I would like to call it from an aspx page. I tried the following code, but I keep getting a remote server error. When I try to access the webservice directly (http://localhost/webserviceTest/Service1.asmx/Hello), I also get an error: Request format is unrecognized. What am I missing here ? string url "http://localhost/webserviceTest/Service1.asmx/Hello"; Http... |
|
| Interop with RSA Secure-WS product (4 replies, VIP) |
| microsoft.public.dotnet.framework.webservices.enhancements |
| I am trying to get a very simple "Hello World" type web service to work with a client that uses the RSA WS Secure SDK to implement the WS Security portion of the message. I am signing and encrypting with X509v3 certificates, which I have tested with a regular .Net web service client app against the server. The server is set up with WS Policy to expect the specific signature and encryption. The RSA... |
|
| Proxy authentication failure (4 replies) |
| microsoft.public.dotnet.framework.webservices.enhancements |
| Hi I am trying to access a web service from a desktop app which is running behind an ISA Server (Windows 2003 network). The desktop app fails with the message 'The request failed with HTTP status 470: Proxy authentication required (The ISA Server requires authorization to fulfil the request. Access to the Web Proxy Service is denied). The client app is in vb.net and the second line below gives the... |
|
| Error calling web service (3 replies) |
| microsoft.public.dotnet.framework.webservices.enhancements |
| Hi My first web service seems to be OK as I can put its url in explorer and can use the invoke button to view the returned data as xml. The problem comes when I call it form a client app using; Dim ws As New localhost.StaffWS Dim ds ws.GetStaffDiary When the second line above is executed I get a 'The request failed with HTTP status 401: Access Denied.' error on the line indicated below in the \web... |
|
| Calling an ASMX web service (with WSE 2.0) using SoapClient proxy (7 replies) |
| microsoft.public.dotnet.framework.webservices.enhancements |
| Hi all: In order to have one generic proxy class on my client that can both handle TCP and HTTP channels, I created a class that derives from SoapClient. It can call my TCP SoapService (running as a Windows Service) fine. It can call my HTTP .asmx Web Service, but apparently, the SOAP body does not get deserialized. The argument to my WebMethod is Nothing. Yet, in that same method calling RequestS... |
|
| Signing the part of the message (3 replies) |
| microsoft.public.dotnet.framework.webservices.enhancements |
| Hello, All! I have a problem with signing the part of the soap body via wse 2.0. Here is the code [code] Sub Main() Dim g As New localhost.gWse() Dim reqCtx As SoapContext g.RequestSoapContext Dim tok As New Tokens.UsernameToken(Environment.UserDomainName & "\" & Environment.UserName, "bla bla bla", Tokens.PasswordOption.SendHashed) reqCtx.Security.Tokens.Add(tok) Dim guid As Guid guid.NewGuid() D... |
|
| Error reading web service (2 replies) |
| microsoft.public.dotnet.framework.webservices.enhancements |
| Hi I am getting the following error when getting a dataset from a web method; Unhandled Exception: System.InvalidOperationException: There is an error in XML document (1, 138437). System.IO.IOException: Unable to read data from the transport connection. Any idea what it means and how to fix it? Thanks Regards |
|
| Problems with WSE (2 replies, VIP) |
| microsoft.public.dotnet.framework.webservices.enhancements |
| Hey All, I am a new to .Net Web service enhancements. I trying to learn it, and am using the tuorial provide by microsoft. I am doing the basic code shown below to get that started. Please tell me am I doing something wrong? What password do I use If I am using Windows 2K public class Service1 : System.Web.Services.WebService { public Service1() { //CODEGEN: This call is required by the ASP.NET We... |
|
| Reading Client Certificate Store to check if a certificate Exists (2 replies, VIP) |
| microsoft.public.dotnet.framework.webservices.enhancements |
| (Type your message here) Hi all, I am new with this WSE. I want to know how to check the Client Root store to see if a certain certificate exists on that machine or not. Any help would be appreciated. I tried using the below code for that, but didn't work. X509CertificateStore store X509CertificateStore.CurrentUserStore (X509CertificateStore.RootStore.ToString()); store.Open(); X509CertificateColl... |
|
| System.Net.WebException making web service calls about 10% of the time. (2 replies) |
| microsoft.public.dotnet.framework.webservices.enhancements |
| We are seeing a very frustrating intermittent problem. We are making Synchronious web service method calls from a .NET windows Service using the following syntax WebRequest.getResponse call it occasionally fails with the following error: 1) Exception Information ********************************************* Exception Type: System.Net.WebException Status: ConnectFailure Response: NULL Message: The ... |
|
| Null RequestSoapContext.Current in Soap Client problem (4 replies, VIP) |
| microsoft.public.dotnet.framework.webservices.enhancements |
| Hello all, I'm building a TCP web service using SoapClient/SoapService as my base proxy and WS classes, and need to stuff in a Username token on the client side. Problem is, the RequestSoapContext.Current object is null on the proxy side. Am I doing something wrong here? What do i need to do to add security tokens to a TCP web service using SoapClient? Any help would be greatly appreciated. Thanks... |
|
| how to access wse proxy.RequestSoapContext.Security object (2 replies, VIP) |
| microsoft.public.dotnet.framework.webservices.enhancements |
| Can someone tell me how can I access proxy.RequestSoapContext.Security object in my client? my proxy was generated by wsewsdl2.exe an looks like this: generated proxy: [SoapService("http://xmlsoap.org/Ping")] public class DiagnozaService : SoapClient { public DiagnozaService() : base( new Uri("http://localhost:8080/securesimple/Ping") ) { } [SoapMethod("")] public pingResponse vrniDiagnozo( diagno... |
|
| signing message element by id / no namespace (20 replies) |
| microsoft.public.dotnet.framework.webservices.enhancements |
| wse 1.01, vs.net 2003 c# IS it possible to sign an element of a soap message using an Id attribute without prefixing the Id attribute with a namespace. wse seems to call for a namespace referring to ws utility, but I need to be able to sign the Id without the namespace as the webservice I am consuming will not accept the Id with a NS prefix: Currently I have: soap:Header Operation d3p1:Id "MsgOper... |
|
| Another custom UsernameTokenManager (4 replies, VIP) |
| microsoft.public.dotnet.framework.webservices.enhancements |
| Have followed the examples by the letter in MSDN and I get the following when I call my web service method. Both locally in debug and remotely. System.Web.Services.Protocols.SoapHeaderException: SOAP header Security was not understood. Would be grateful of any pointers. |
|
