Browse by Tags

Tagged Content List
  • Blog Post: Reliable Messaging and SecurityToken validation

    One of the things that have come up many times is how the service could stop a client from retrying a request for a valid security validation error while Reliable Messaging is enabled. If you are not familiar with the situation the essence of the problem is this, Binding on the Service has Reliable...
  • Blog Post: Handling Mismatched Trust Versions on the Client

    Federation Clients might have scenarios where it is talking to a Service and STS that don't have the same trust version. The Service WSDL can contain a RequestSecurityTokenTemplate with Trust elements that are in different version than the STS. In these cases a WCF client will convert the Trust elements...
  • Blog Post: WS-Federation Passive

    I have discussed about Federation before. This post discusses Federation from the active context. "Active" means that the client is a smart client capable of doing encryption and signing and can actively participate in the Federation protocol. There are cases where the client is simply a Web Browser...
  • Blog Post: Asymmetric tokens and Mixed-Mode Security

    When you are using a X.509 Certificate as the client authentication token in Mixed-Mode Security - apart from signing the Timestamp WCF will sign the 'To' header as well. This is to prevent a client spoofing attack by a rougue service. Consider the situation where the client does not sign the 'To' header...
  • Blog Post: Security Header Layout

    There are four different security header layout that can be specified in WCF. The values are defined in WS-SecurityPolicy. They are, Strict - All security tokens are defined in the security header before its first use. The primary signature should be specified before any endorsing signatures. ...
  • Blog Post: WCF Support in Compact Framework

    In a nutshell, .NET Compact Framework 3.5 supported features for WCF include: messaging-layer communication, WS-security, and http and mail transports. All of these a subsets of what the desktop supports, with the exception of the mail transport, which is new with NetCF. There is also some plans to provide...
  • Blog Post: Configuring HTTP in Windows Vista

    Hosting a WCF service on a HTTP endpoint on Windows Vista has some issues given that you are not running with Administrator privileges. Following blogs discusses how to get around this issue, http://blogs.msdn.com/drnick/archive/2006/10/16/configuring-http-for-windows-vista.aspx http://kennyw...
  • Blog Post: Federation and Bearer Tokens

    The latest WS-Trust spec (yet to be ratified by OASIS) introduces a concept called Bearer Tokens. This basically is a keyless token that a client requests from an STS (Security Token Service). The only purpose this token serves is to provide more information about the client to the service while the...
  • Blog Post: .Net Framework 3.0 is Live!!

    Get the latest version of .Net Framework 3.0 at http://www.microsoft.com/downloads/details.aspx?FamilyId=10CC340B-F857-4A14-83F5-25634C3BF043&displaylang=en
  • Blog Post: Debugging WCF - Traces and Message Logs

    There has been enough posts on this topic. But this topic cannot be over emphasized. The best way to debug any WCF issue is to get a complete Message log and trace. We write tons of information to the trace that there is very little (if any) issues that traces cannot solve. Below is a config to generate...
  • Blog Post: Re-Serialize SAML token

    In a Federation Scenario a client might want to access the services by using a SAML token that was issued to it by a STS. The service in turn might have to call other services (like a intermediary) to fulfill the request. When calling the backend service the service might want to use the SAML token that...
  • Blog Post: Federation

    As you are moving to Web Services world one of the buzz words that you will hear time and again is "Federation". This is simply a security scenario that involves 3 parties to secure a Message. The 3 parties in the scenario are, Client Security Token Service (STS) Target Service This is...
Page 1 of 1 (12 items)