• Govind's WebLog

    Debugging WCF - Traces and Message Logs

    • 1 Comments
    There has been enough posts on this topic. But this topic cannot be over emphasized. The best way to debug any WCF issue is to get a complete Message log and trace. We write tons of information to the trace that there is very little (if any) issues that...
  • Govind's WebLog

    Federation

    • 7 Comments
    As you are moving to Web Services world one of the buzz words that you will hear time and again is "Federation". This is simply a security scenario that involves 3 parties to secure a Message. The 3 parties in the scenario are, Client Security...
  • Govind's WebLog

    WCF Encrypts Signatures by default in Message Security

    • 7 Comments
    When you are building your application with security enabled you will see that all your signatures are encrypted by default. This was not the default in WCF Beta 1. As you would expect this did result in a significant performance penalty. The message...
  • Govind's WebLog

    Re-Serialize SAML token

    • 19 Comments
    In a Federation Scenario a client might want to access the services by using a SAML token that was issued to it by a STS. The service in turn might have to call other services (like a intermediary) to fulfill the request. When calling the backend service...
  • Govind's WebLog

    WCF Security Modes

    • 5 Comments
    WCF supports three types of Security. They are, Transport Security Mixed-Mode Security Message Security Let's discuss the various Security Modes below. Transport Security is applied at the transport byte stream below the message layer...
  • Govind's WebLog

    Using Visual Studio Intellisense to Edit WCF Configuration files.

    • 6 Comments
    If you are using Visual Studio 2005 below is how you can enable intellisense to edit your WCF config files. Copy the Attached WCF Configuration schema file to your VS installation folder at %Program Files%\Visual Studio 8\Xml\Schemas. You will find...
  • Govind's WebLog

    Federation and Bearer Tokens

    • 1 Comments
    The latest WS-Trust spec (yet to be ratified by OASIS) introduces a concept called Bearer Tokens. This basically is a keyless token that a client requests from an STS (Security Token Service). The only purpose this token serves is to provide more information...
  • Govind's WebLog

    Asymmetric tokens and Mixed-Mode Security

    • 0 Comments
    When you are using a X.509 Certificate as the client authentication token in Mixed-Mode Security - apart from signing the Timestamp WCF will sign the 'To' header as well. This is to prevent a client spoofing attack by a rougue service. Consider the situation...
  • Govind's WebLog

    503 Server Unavailable failure with IIS 7.0

    • 2 Comments
    When working with IIS 7.0 in Vista if you are seeing this failure trying to access the webserver, there are couple of things to look for. 1. Check if the Application Pool is running. You can click on the Application Pools option on the Left Pane of...
  • Govind's WebLog

    Reliable Messaging and SecurityToken validation

    • 1 Comments
    One of the things that have come up many times is how the service could stop a client from retrying a request for a valid security validation error while Reliable Messaging is enabled. If you are not familiar with the situation the essence of the problem...
  • Govind's WebLog

    Configure SSL in IIS 7.0

    • 1 Comments
    If you are confused looking at the IIS 7.0 UI, you are not alone. I recently had to configure SSL on a IIS 7.0 and had quite some guessing work before I could get it to work. Below documents the procedure required to do this, Open IIS Manager and...
  • Govind's WebLog

    WSE VS addin fails to generate WSE proxy in 64-bit machine

    • 3 Comments
    If you are using WSE and are a VS developer, you would be familar with the WSE Visual Studio Addin that automatically generates WSE Proxy when a Web Reference is added to the project. But if you are a developer in 64-bit machine you will not have this...
  • Govind's WebLog

    Security Header Layout

    • 0 Comments
    There are four different security header layout that can be specified in WCF. The values are defined in WS-SecurityPolicy. They are, Strict - All security tokens are defined in the security header before its first use. The primary signature should...
  • Govind's WebLog

    Supporting Tokens

    • 1 Comments
    Web Services Message Security has the concept of Primary and Supporting Tokens. The Primary token is the main token that provides security to the message. This signs the message body and other headers as required and serves as the main identity token...
  • Govind's WebLog

    WS-Federation Passive

    • 0 Comments
    I have discussed about Federation before. This post discusses Federation from the active context. "Active" means that the client is a smart client capable of doing encryption and signing and can actively participate in the Federation protocol. There are...
  • Govind's WebLog

    WCF Support in Compact Framework

    • 1 Comments
    In a nutshell, .NET Compact Framework 3.5 supported features for WCF include: messaging-layer communication, WS-security, and http and mail transports. All of these a subsets of what the desktop supports, with the exception of the mail transport, which...
  • Govind's WebLog

    Security element and "actor" attribute.

    • 1 Comments
    SOAP 1.1 defines the attribute "actor" that can be on any SOAP header which will indicate who the ultimate processor of the header is going to be. It also defines a standard URI value for this actor attribute that is " http://schemas.xmlsoap.org/soap...
  • Govind's WebLog

    WSE and MTOM

    • 3 Comments
    If you are using WSE 3.0 and MTOM and was wondering why the client code is not streaming the request...you are not alone. A bug in WSE 3.0 was preventing the client from doing streaming with MTOM. We have this fixed and a QFE has been released. As all...
  • Govind's WebLog

    Writing a Custom Message Interceptor when Security is enabled

    • 0 Comments
    A custom message Interceptor give you access to the message as the message goes through the processing pipeline. There are two methods in the Message Interceptor - BeforeSendRequest and AfterReceiveReply. Both these methods gets passed in the Message...
  • Govind's WebLog

    Using Binary Encoding in WCF

    • 0 Comments
    I recently had a question from someone on using Binary Encoding and how performance of their application relates to that. My answer was it depends...it depends on what is in your message body and if you are using message security or transport security...
  • Govind's WebLog

    Search with msdewey.com

    • 2 Comments
    Live.com's new search interface is www.msdewey.com . Who said Microsoft can't be cool? This is a very slick site. I agree...Dewey talks too much and sometimes it gets annoying. Neverthless a nice attempt at search.
  • Govind's WebLog

    Updated Re-Serialize SAML token

    • 0 Comments
    There has been a lot of interest around this and hence I have attached some code listing to this post. Check it out!
  • Govind's WebLog

    Patterns and Practices: WCF Security Guidance available online

    • 0 Comments
    The Microsoft Patterns and Practices team has created a guide for WCF security. http://blogs.msdn.com/jmeier/archive/2008/03/27/patterns-and-practices-wcf-security-guidance-now-available.aspx You can find more information at the root site http...
  • Govind's WebLog

    .Net Framework 3.0 is Live!!

    • 0 Comments
    Get the latest version of .Net Framework 3.0 at http://www.microsoft.com/downloads/details.aspx?FamilyId=10CC340B-F857-4A14-83F5-25634C3BF043&displaylang=en
  • Govind's WebLog

    Configuring HTTP in Windows Vista

    • 0 Comments
    Hosting a WCF service on a HTTP endpoint on Windows Vista has some issues given that you are not running with Administrator privileges. Following blogs discusses how to get around this issue, http://blogs.msdn.com/drnick/archive/2006/10/16/configuring...
Page 1 of 2 (32 items) 12