2

I am new to using .net 4.0 VS2010. I need to consume java webservice and send usernametoken custom authentication to access the service, this i did easily using WSE2.0 in VS2005 , whats the replacement for this in net 4.0 ?

My client is .net 4.0 Asp.net web application(website) and service is java webservice.

Thanks

Alright after checking with Google uncle the following site was a gud starting point

WCF Security

based on that i made few changes to my code but still not much joy . heres the code

     protected void TPLoginButton_Click(object sender, EventArgs e)
    {
        thirdpartyloginClient tplogin = null;
        ThirdPartyLogInResponse proxyresponse = null; 
        ThirdPartyLogInRequest proxyrequest = null;            

        try
        {
            if (tplogin == null)
            {
                tplogin = new thirdpartyloginClient();
            }


            if (proxyrequest == null)
            {
                proxyrequest = new ThirdPartyLogInRequest();
            }

            tplogin.ChannelFactory.Credentials.UserName.UserName = "abcd";
            tplogin.ChannelFactory.Credentials.UserName.Password = "sWwqHyCKMgjttlJEsQIvxzuBPTIBeVquZRPZqZdbDYDaOiHVxKuwYuYmQDVtqqBrBAlLiuOwWwQwOfTqSzOpyUaEbliOPaBHJTnBvulRSuZrcTHddKXwAIIxYDcuUmBJ";

            proxyrequest.username = "gauls";           
            proxyresponse = tplogin.ThirdPartyLogIn(proxyrequest);


        }
        catch 
        {
            if (proxyresponse != null)
            {
                                     ResultBoxResponse.Text = proxyresponse.result.resultMessage.ToString();
            }
            else
            {

                ResultBoxResponse.Text = "Empty response!!";
            }                        


        }
        finally
        {

            if (proxyresponse != null)
            {
                                   ResultBoxResponse.Text = proxyresponse.result.resultMessage.ToString();
            }
            else 
            {

                ResultBoxResponse.Text = "Empty response!!";
            }



        }    






    }

my web.config looks like below

<system.serviceModel>    
    <bindings>
        <basicHttpBinding>
            <binding name="thirdpartyloginSoap11" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" allowCookies="false" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard" maxBufferSize="65536" maxBufferPoolSize="524288" maxReceivedMessageSize="65536" messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered" useDefaultWebProxy="true">
                <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384"/>
      <!-- UsernameToken over Transport Security -->
      <security mode="TransportWithMessageCredential">
                    <transport clientCredentialType="None" proxyCredentialType="None" realm=""/>
                    <message clientCredentialType="UserName" algorithmSuite="Default"/>
                </security>
            </binding>
        </basicHttpBinding>      
    </bindings>   
<client>      
  <endpoint address="http://11.2.2.16:6060/trydemo/ws/thirdpartylogin" binding="basicHttpBinding" bindingConfiguration="thirdpartyloginSoap11" contract="ThirdPartyLoginService.thirdpartylogin" name="thirdpartyloginSoap11"/>      
    </client>
</system.serviceModel>

Question is

how do i add timestamp and password as password digest

the error i get now is The provided URI scheme 'http' is invalid; expected 'https'. Parameter name: via

i tried using clearusernamebinding

i get the following error

An unsecured or incorrectly secured fault was received from the other party. See the inner FaultException for the fault code and detail.

my web.config file looks like this

<
system.serviceModel> 
<bindings> 
<clearUsernameBinding>
<binding name="myClearUsernameBinding" messageVersion="Soap11" />
</clearUsernameBinding>
</bindings>
<
client> 
<
endpoint address=http://10.2.2.16:7070/demo/ws/thirdpartylogin 
binding="clearUsernameBinding" bindingConfiguration="myClearUsernameBinding" 
contract="ThirdPartyLoginService.thirdpartylogin" 
name="ClearUsernameBinding_thirdpartylogin" /> 
</
client> 
<
extensions> 
<
bindingExtensions> 
<
add name="clearUsernameBinding" type="WebServices20.BindingExtenions.ClearUsernameCollectionElement, ClearUsernameBinding" /> 
</
bindingExtensions> 
</
extensions> 
</
system.serviceModel>

"Receiver Requirement for Digested Password has not been met"strong text thats the actual error

How do i send password in the header as PasswordDigest?

BenMorel
  • 34,448
  • 50
  • 182
  • 322
Gauls
  • 1,955
  • 6
  • 28
  • 44
  • can you point out the code that is not working ? (and give the code that is not working) – Aristos Feb 03 '12 at 15:15
  • i simply don't know the replacement for usernametoken in .net4.0 – Gauls Feb 03 '12 at 15:27
  • The error states that you have a service that can be accessed over HTTPS and you are trying to access it over HTTP. Just change that in the address – Rajesh Feb 07 '12 at 12:28
  • @rajesh the webservice is not hosted as HTTPS – Gauls Feb 07 '12 at 16:12
  • @Gauls: What do you mean by adding a timestamp and password as password digest? Where do you want to add this to? – Rajesh Feb 08 '12 at 10:03
  • @Rajesh password within the header needs to be sent as PasswordDigest and ofcourse it might need timestamp to do it right or may its different in WCF? – Gauls Feb 08 '12 at 11:13
  • @Rajesh how do i get this done in service client 2011-09-14T09:12:23.714Z 2011-09-14T09:13:23.714Z – Gauls Feb 08 '12 at 12:56
  • This question/answer helped me without downloading new code: http://stackoverflow.com/questions/1246689/connecting-to-a-wse-3-0-web-service-from-a-wcf-client?rq=1 – CodeRedick May 08 '15 at 14:38

1 Answers1

1

You should use ClearUsernameBinding

Yaron Naveh
  • 23,560
  • 32
  • 103
  • 158
  • i get the following error An unsecured or incorrectly secured fault was received from the other party. See the inner FaultException for the fault code and detail. – Gauls Feb 08 '12 at 10:51
  • "Receiver Requirement for Digested Password has not been met" thats the actual error after using TCPMON to monitor calls to service – Gauls Feb 08 '12 at 11:20
  • 1
    http://blogs.msdn.com/b/aszego/archive/2010/06/24/usernametoken-profile-vs-wcf.aspx – Yaron Naveh Feb 08 '12 at 12:00
  • that helped but need timestamp to be passed within the header outside usertoken 2011-09-14T09:12:23.714Z 2011-09-14T09:13:23.714Z – Gauls Feb 08 '12 at 12:54
  • ok got it it was simply to true the following transportSecurity.IncludeTimestamp = true; http://blogs.msdn.com/b/aszego/archive/2010/06/24/usernametoken-profile-vs-wcf.aspx – Gauls Feb 08 '12 at 13:03
  • Also very important is following withing BindingHelper Class transportSecurity.EnableUnsecuredResponse = true;A null reponse with huge exception abt unsured response was throw the above setting to true disappered that – Gauls Feb 08 '12 at 13:58