Vista - Problems creating secure, authenticated web services usingbasicHttpBinding

05-29-2008

I have some web services written with WCF that require secure,
authenticated sessions across internet. I initially got this working
with my own certificates and message security and credentials.
Unfortunately some of the client machines run Windows 2000 (healthcare
space), so I need a client solution that does not depend on WCF.

My approach was to use transport layer security with message
credentials. I started with a completely new ASP.NET web service
application using WCF of the server. I was able to deploy the
Service1.svc successfully on an IIS 6.0 server with a self signed
certificate. I have my own username password validator.

I then created a client to call this service. With .NET 3.5 as the
target framework this worked fine. With .NET 2.0, it's not working
and sifting through the extensive log output, it looks like the client
from 3.5 is creating a security header with a username token, and the
2.0 client is not doing that.

How can I set the appropriate security token in the 2.0 client? Is
there a better approach I could take? Suggestions and sample code
welcome. I would prefer not to install WSE on the Windows 2000
machines, but if I need to I will.

Here is the 3.5 code which sets the username credentials successfully:

sr1.Service1Client sc1 = new ModernClient.sr1.Service1Client();
sc1.ClientCredentials.UserName.UserName = "a";
sc1.ClientCredentials.UserName.Password = "b";
string s = sc1.GetData(5);

Here is the 2.0 code which doesn't work:

sr1.Service1 sc1 = new AncientClient.sr1.Service1();
sc1.Credentials = new NetworkCredential("a", "b");
string s = sc1.GetData(5, true);
sc1.Dispose();

Here is the relevant section of Web.config for the service:

<system.serviceModel>
<services>
<service name="TWP2.Service1"
behaviorConfiguration="TWP2.Service1Behavior">
<endpoint address="" binding="basicHttpBinding"
contract="TWP2.IService1" bindingConfiguration="Binding1">
<identity>
<dns value="localhost"/>
</identity>
</endpoint>
<endpoint address="mex" binding="mexHttpBinding"
contract="IMetadataExchange"/>
</service>
</services>
<bindings>
<basicHttpBinding>
<binding name="Binding1">
<security mode="TransportWithMessageCredential">
<transport clientCredentialType="None"/>
<message clientCredentialType="UserName"/>
</security>
</binding>
</basicHttpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior name="TWP2.Service1Behavior">
<serviceMetadata httpsGetEnabled="true"/>
<serviceDebug includeExceptionDetailInFaults="true"/

Quote:

>

05-29-2008	#1 (permalink)
Pavel n/a posts	Problems creating secure, authenticated web services usingbasicHttpBinding I have some web services written with WCF that require secure, authenticated sessions across internet. I initially got this working with my own certificates and message security and credentials. Unfortunately some of the client machines run Windows 2000 (healthcare space), so I need a client solution that does not depend on WCF. My approach was to use transport layer security with message credentials. I started with a completely new ASP.NET web service application using WCF of the server. I was able to deploy the Service1.svc successfully on an IIS 6.0 server with a self signed certificate. I have my own username password validator. I then created a client to call this service. With .NET 3.5 as the target framework this worked fine. With .NET 2.0, it's not working and sifting through the extensive log output, it looks like the client from 3.5 is creating a security header with a username token, and the 2.0 client is not doing that. How can I set the appropriate security token in the 2.0 client? Is there a better approach I could take? Suggestions and sample code welcome. I would prefer not to install WSE on the Windows 2000 machines, but if I need to I will. Here is the 3.5 code which sets the username credentials successfully: sr1.Service1Client sc1 = new ModernClient.sr1.Service1Client(); sc1.ClientCredentials.UserName.UserName = "a"; sc1.ClientCredentials.UserName.Password = "b"; string s = sc1.GetData(5); Here is the 2.0 code which doesn't work: sr1.Service1 sc1 = new AncientClient.sr1.Service1(); sc1.Credentials = new NetworkCredential("a", "b"); string s = sc1.GetData(5, true); sc1.Dispose(); Here is the relevant section of Web.config for the service: <system.serviceModel> <services> <service name="TWP2.Service1" behaviorConfiguration="TWP2.Service1Behavior"> <endpoint address="" binding="basicHttpBinding" contract="TWP2.IService1" bindingConfiguration="Binding1"> <identity> <dns value="localhost"/> </identity> </endpoint> <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"/> </service> </services> <bindings> <basicHttpBinding> <binding name="Binding1"> <security mode="TransportWithMessageCredential"> <transport clientCredentialType="None"/> <message clientCredentialType="UserName"/> </security> </binding> </basicHttpBinding> </bindings> <behaviors> <serviceBehaviors> <behavior name="TWP2.Service1Behavior"> <serviceMetadata httpsGetEnabled="true"/> <serviceDebug includeExceptionDetailInFaults="true"/ Quote: > <serviceCredentials> <userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="TWP2.AdminValidator,TWP2" /> </serviceCredentials> </behavior> </serviceBehaviors> </behaviors> </system.serviceModel>
My System Specs

Similar Threads
Thread	Forum
Creating secure shared folder.	Vista networking & sharing
Creating Install for Services	.NET General
SmtpClient.UseDefaultCredentials does not work in Authenticated SM	.NET General
Re: Authenticated Users	Vista security
problems with acronis secure zone and windows vista	Vista General