I have created a custom algorithm suite class following the instruction on https://msdn.microsoft.com/en-us/library/gg617968(v=vs.110).aspx. However, instead of specifying the class in code, I want to specify the custom class in the XML configuration file. Is it possible?
Example:
<basicHttpBinding>
<binding name="Binding1">
<security mode="Message">
<message clientCredentialType="Certificate" algorithmSuite="MyCustomAlgorithmSuite"/>
</security>
</binding>
</basicHttpBinding>
Related
I have a WCF Service with netTcpBinding and I want to add GZip compression to it.
Here is my current binding:
<netTcpBinding>
<binding>
<security mode="TransportWithMessageCredential">
<message clientCredentialType="UserName" />
</security>
</binding>
</netTcpBinding>
But to add GZip Compression, I need to convert it to a customBinding.
So I think the new binding must looks like this:
<customBinding>
<binding>
<security ??? />
<binaryMessageEncoding compressionFormat="GZip" />
<tcpTransport />
</binding>
</customBinding>
How can I achieve mode="TransportWithMessageCredential" and clientCredentialType="UserName" of netTcpBinding in customBinding?
i'm using message security with a certificate authentication
<basicHttpBinding>
<binding name ="customBinding">
<security mode="Message">
<message clientCredentialType="Certificate"/>
</security>
</binding>
</basicHttpBinding>
i'm trying to log client user name, when i do this:
ServiceSecurityContext.Current.WindowsIdentity.Name
i get null. how can i retrieve the client's user name while using this security mode?
<basicHttpBinding>
<binding name="BasicHttpEndpointBinding">
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Windows" />
</security>
</binding>
</basicHttpBinding>
ServiceSecurityContext Class uses windows authentication
I have nothing to test, but may you can try mix transport-Window with message-Certificat. I'm really not sure, if this is possible.
<basicHttpBinding>
<binding name ="customBinding">
<security mode="Message">
<message clientCredentialType="Certificate" />
<transport clientCredentialType="Windows"/>
</security>
</binding>
</basicHttpBinding>
and for your web.config:
<system.web><authentication mode="Windows"/></system.web>
For Reference:
message-Windows https://learn.microsoft.com/en-us/dotnet/framework/wcf/feature-details/message-security-with-a-windows-client
message-Certificate https://learn.microsoft.com/en-us/dotnet/framework/wcf/feature-details/message-security-with-a-certificate-client
I got in my binding the username from the client with basicHttpBinding with Transport-Security (ssl):
<security mode="Transport">
<transport clientCredentialType="Windows"/>
</security>
and without ssl:
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Windows"/>
</security>
Be sure, IIS is configured with Authentication - WindowsAuthentication Enabled.
Hope this helps someone who is dealing with this.
I have a binding configuration for wsHttpBinding defined as:
<wsHttpBinding>
<binding name="CustomAuthentication">
<security mode="Message">
<!-- Change to Message-->
<message clientCredentialType="UserName"/>
<!-- Change to UserName -->
</security>
</binding>
</wsHttpBinding>
When I generate my proxy code using svcutil and look at the app.config it generates for the client, I see this in the security section:
<security mode="Message">
<transport clientCredentialType="Windows" proxyCredentialType="None" realm="" />
<message clientCredentialType="UserName"
negotiateServiceCredential="true"
algorithmSuite="Default" />
</security>
I did not specify transport security in my service config, so why did it create a transport node with clientCredentialType="Windows". Is this by design and does it matter? I watched a video my Michele Leroux Bustamante and she said that you can't use Transport and Message, it will ignore one of them, so it doesn't matter if you specify both. I just want to know why it created it it in the client app.config
The reason is probably the same that svcutil and VS create huge config files for most services: They generate bindings/config with default settings, tweak them, and then serialize them into the config files, which means you get fairly extensive, verbose config files out of them because they include values (default or otherwise) for all properties in those configuration objects.
I've been given a wsdl for a service which VS2010 generated the following binding as part of it's configuration.
<bindings>
<basicHttpBinding>
<binding name="NotificationHttpBinding">
<security mode="Transport">
<transport clientCredentialType="None" proxyCredentialType="None" realm="" />
<message clientCredentialType="UserName" algorithmSuite="Default" />
</security>
</binding>
</basicHttpBinding>
</bindings>
I'm a little confused as what the message node will do given the mode is set to Transport?
Nothing. This will not be used at all. It is safe to remove it.
I am new at WCF programming model and I want to use netTcpBinding. Before I ask my question below this is my custom binding :
<customBinding>
<binding name="basic">
<security authenticationMode="UserNameForCertificate"/>
<binaryMessageEncoding/>
<httpsTransport/>
</binding>
</customBinding>
When I create a service reference using a simple console application it finds a certificate and ask me to use it. And this way I can use the webservice ...
But when I change binding to netTcpBinding with TransportWithMessageCredential the service is looking for certificate and could not find it like this :
<netTcpBinding>
<binding name ="sdfsd">
<security mode="TransportWithMessageCredential">
<message clientCredentialType="UserName"/>
<transport clientCredentialType="None"/>
</security>
</binding>
</netTcpBinding>
ServiceCertificate.SetCertificate(StoreLocation.LocalMachine, StoreName.My, X509FindType.FindByIssuerName, "Contoso.com").
At this point I use a CustomNameValidator and I do it programmatically.
So when I use netTcpBinding with TransportWithMessageCredential, why does the call to SetCertificate not find the installed certificate? Am I missing something ? Or do I have to add something?
ok guys...sorry but some of the message is miising ...
my custom binding is
customBinding
<customBinding>
<binding name="basic">
<security authenticationMode="UserNameForCertificate"/>
<binaryMessageEncoding/>
<httpsTransport/>
</binding>
</customBinding>
and netTcpBing that i tried to convert is :
<netTcpBinding>
<binding name ="sdfsd">
<security mode="TransportWithMessageCredential">
<message clientCredentialType="UserName"/>
<transport clientCredentialType="None"/>
</security>
</binding>
</netTcpBinding>