Configuring a WCF Client to Use UserName Credentials On the Request and Check Certificate Credentials On the Response?

For anyone who is interested, I was able to work around this problem by creating a CustomMessageEncoder (with help from this MSDN article ) to intercept the response message before WCF was able to handle it. There, I removed the BinarySecurityToken and Signature elements from the response before handing it off to WCF. I used the following method to remove the offending elements from the stream: private Stream RemoveSignatures(Stream stream) { XmlDocument doc = new XmlDocument(); doc.

Load(stream); XmlNamespaceManager nsMgr = new XmlNamespaceManager(doc. NameTable); nsMgr. AddNamespace("soap", "http://schemas.xmlsoap.org/soap/envelope/"); nsMgr.

AddNamespace("dsig", "http://www.w3.org/2000/09/xmldsig#"); nsMgr. AddNamespace("wsse", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"); XmlNode signatureNode = doc. SelectSingleNode("/soap:Envelope/soap:Header/wsse:Security/dsig:Signature", nsMgr); XmlNode binarySecurityTokenNode = doc.

SelectSingleNode("/soap:Envelope/soap:Header/wsse:Security/wsse:BinarySecurityToken", nsMgr); XmlNode headerNode = doc. SelectSingleNode("/soap:Envelope/soap:Header/wsse:Security", nsMgr); headerNode. RemoveChild(signatureNode); headerNode.

RemoveChild(binarySecurityTokenNode); return new MemoryStream(new UTF8Encoding(). GetBytes(doc. OuterXml)); } Obviously this is not the greatest solution.It's very 'hacky'.

But it works and if need be I can continue using it because the message security is already being taken care of by HTTPS transport If anyone can tell me a better way to solve this, I'm open.

For anyone who is interested, I was able to work around this problem by creating a CustomMessageEncoder (with help from this MSDN article) to intercept the response message before WCF was able to handle it. There, I removed the BinarySecurityToken and Signature elements from the response before handing it off to WCF. I used the following method to remove the offending elements from the stream: private Stream RemoveSignatures(Stream stream) { XmlDocument doc = new XmlDocument(); doc.

Load(stream); XmlNamespaceManager nsMgr = new XmlNamespaceManager(doc. NameTable); nsMgr. AddNamespace("soap", "http://schemas.xmlsoap.org/soap/envelope/"); nsMgr.

AddNamespace("dsig", "http://www.w3.org/2000/09/xmldsig#"); nsMgr. AddNamespace("wsse", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"); XmlNode signatureNode = doc. SelectSingleNode("/soap:Envelope/soap:Header/wsse:Security/dsig:Signature", nsMgr); XmlNode binarySecurityTokenNode = doc.

SelectSingleNode("/soap:Envelope/soap:Header/wsse:Security/wsse:BinarySecurityToken", nsMgr); XmlNode headerNode = doc. SelectSingleNode("/soap:Envelope/soap:Header/wsse:Security", nsMgr); headerNode. RemoveChild(signatureNode); headerNode.

RemoveChild(binarySecurityTokenNode); return new MemoryStream(new UTF8Encoding(). GetBytes(doc. OuterXml)); } Obviously this is not the greatest solution.It's very 'hacky'.

But it works and if need be I can continue using it because the message security is already being taken care of by HTTPS transport. If anyone can tell me a better way to solve this, I'm open.

The service accepts my credentials in the message with the way I have it set up now. I send the request and WCF receives the correct response. The problem is with WCF failing to deal with the signature in the response.

– AlEl May 28 '10 at 21:47.

For anyone who is interested, I was able to work around this problem by creating a CustomMessageEncoder (with help from this MSDN article ) to intercept the response message before WCF was able to handle it. There, I removed the BinarySecurityToken and Signature elements from the response before handing it off to WCF. I used the following method to remove the offending elements from the stream.

Seems like service isn't waiting for credentials at a place you providing them. Try to specify username and password for transport level instead.

I cant really gove you an answer,but what I can give you is a way to a solution, that is you have to find the anglde that you relate to or peaks your interest. A good paper is one that people get drawn into because it reaches them ln some way.As for me WW11 to me, I think of the holocaust and the effect it had on the survivors, their families and those who stood by and did nothing until it was too late.

Related Questions