See more: WCF certificate
I'm newer at creating WCF web services and I'm trying to figure out how to create a WCF service that conforms to the WSS:X509 Token Profile 1.0. There are many posts about how to do the client configuration; however, there is not much about server configurations.
This project began as a WSDL-first generated service, so I am unable to change anything about how the client sends data to me, and I'm required to make the service conform to the data they send.
I've gone and created a custom endpoint for this service; however, this is where I'm stuck. I'm sure there's just some small detail I'm missing to make it conform to the PDF below:
 
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0.pdf
 
<system.serviceModel>
  <behaviors>
    <serviceBehaviors>
      <behavior name="Something.ServiceBehavior">
        <serviceMetadata httpGetEnabled="true" />
        <serviceDebug includeExceptionDetailInFaults="true" />
        <serviceCredentials>
          <clientCertificate>
            <!-- None: the client certificate's chain and trust are not validated -->
            <authentication certificateValidationMode="None" />
            <certificate findValue="ClientCertificate"
                         storeLocation="LocalMachine"
                         storeName="My"
                         x509FindType="FindBySubjectName" />
          </clientCertificate>
          <!-- Certificate the service signs with; it needs its private key -->
          <serviceCertificate findValue="OurCertificate"
                              storeLocation="LocalMachine"
                              storeName="My"
                              x509FindType="FindBySubjectName" />
        </serviceCredentials>
        <serviceSecurityAudit auditLogLocation="Application"
                              serviceAuthorizationAuditLevel="Failure"
                              messageAuthenticationAuditLevel="Failure"
                              suppressAuditFailure="true" />
      </behavior>
    </serviceBehaviors>
  </behaviors>

  <services>
    <!-- behaviorConfiguration must match the name of the behavior defined above -->
    <service behaviorConfiguration="Something.ServiceBehavior"
             name="Something.ServiceName">
      <endpoint address="mex" binding="mexHttpBinding" bindingConfiguration="" name="MetaDataEndPoint" contract="IMetadataExchange" />
      <endpoint address="" binding="customBinding" bindingConfiguration="CustomBinding0" name="customBindingEndPoint" contract="Something.IServiceName" />
    </service>
  </services>

  <bindings>
    <customBinding>
      <binding name="CustomBinding0">
        <textMessageEncoding messageVersion="Soap12" />
        <!-- MutualCertificate: both sides authenticate with X.509 certificates at the message level -->
        <security authenticationMode="MutualCertificate" messageSecurityVersion="WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11" />
        <httpTransport />
      </binding>
    </customBinding>
  </bindings>
</system.serviceModel>
Any help or comments are greatly appreciated.
Posted 28-Mar-13 8:55am

1 solution

Solution 1

Well, the above was basically correct. I just needed to tweak how it found the certificate (by thumbprint instead of by name) and it worked perfectly.
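
An added example, not part of the original post or answer: a small console check for choosing the value to put in findValue when switching to x509FindType="FindByThumbprint". It assumes the question's placeholder subject name "OurCertificate" and the LocalMachine\My store; the class name CertLookupCheck is hypothetical.

```csharp
using System;
using System.Security.Cryptography.X509Certificates;

// Added example; CertLookupCheck is a hypothetical name.
static class CertLookupCheck
{
    static int Main(string[] args)
    {
        // "OurCertificate" is the placeholder subject name from the question's config.
        string subject = args.Length > 0 ? args[0] : "OurCertificate";

        var store = new X509Store(StoreName.My, StoreLocation.LocalMachine);
        store.Open(OpenFlags.ReadOnly);
        try
        {
            // FindBySubjectName is a case-insensitive substring match, so it can
            // return several certificates; validOnly=false also lists expired ones.
            X509Certificate2Collection matches =
                store.Certificates.Find(X509FindType.FindBySubjectName, subject, false);

            // For the service certificate, key must be True (private key present).
            foreach (X509Certificate2 cert in matches)
            {
                Console.WriteLine("{0}  key={1}  expires={2:yyyy-MM-dd}  {3}",
                    cert.Thumbprint, cert.HasPrivateKey, cert.NotAfter, cert.Subject);
            }

            if (matches.Count != 1)
            {
                Console.WriteLine("{0} matches for '{1}': the name does not select exactly one certificate.",
                    matches.Count, subject);
                return 1;
            }

            // Round trip: the thumbprint must select that same single certificate.
            string thumbprint = matches[0].Thumbprint;
            X509Certificate2Collection byThumb =
                store.Certificates.Find(X509FindType.FindByThumbprint, thumbprint, false);
            Console.WriteLine("FindByThumbprint {0} -> {1} match(es)", thumbprint, byThumb.Count);
            return byThumb.Count == 1 ? 0 : 1;
        }
        finally
        {
            store.Close();
        }
    }
}
```

Reading LocalMachine\My may require running the check under the same account as the service host, since that account also needs access to the private key.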

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Last Updated 25 Apr 2013
Copyright © CodeProject, 1999-2014