Lost in history

Blogs focused on WWSAPI: the new native web services stack from Microsoft

Browse by Tags

Tagged Content List
  • Blog Post: WWSAPI to WCF interop 11: security binding templates

    In my previous post on WsUtil , I explained how the generated helper functions can simplify the creation of WS_SERVICE_PROXY and WS_SERVICE_ENDPOINT. In both of these functions, the first parameter is a pointer to a same binding template. When no security is used in the binding, the template will be...
  • Blog Post: LiveID support in WWSAPI on Win7

    In Windows 7, LiveID can be used with WWSAPI in two scenarios: 1. SSPI over TCP ( WS_TCP_SSPI_TRANSPORT_SECURITY_BINDING ) with the default SPNEGO package : on both client and server 2. HTTP Negotiate header authentication ( WS_HTTP_HEADER_AUTH_SECURITY_BINDING ): on the client side only ...
  • Blog Post: More on HTTP header authentication

    My previous post on header authentication comparison between WWSAPI and WCF mentioned the impersonation level. Here is a bit more detail as people still seem to be caught by surprise due to this difference. I mentioned that WCF client could set the impersonation level, but I didn’t mention the default...
  • Blog Post: WWSAPI to WCF interop 9: secure conversation bootstrapped by Kerberos AP-REQ token

    In my post on WWSAPI federation support , I explained how to set up secure conversation on the WWSAPI client to work with a WCF server using WSFederationHttpBinding. In this post, I’ll show how to use secure conversation without federation. Secure conversation can be helpful in reducing the payload size...
  • Blog Post: A simple way to run the WWSAPI Kerberos over SSL samples

    The Kerberos over SSL samples (like the calculator one ) demonstrate WWSAPI mixed mode security that matches the WCF’s KerberosOverTransport authentication mode. In this mode, the Kerberos AP-REQ ticket is wrapped in a WS-Security header for client and server authentication. There is no negotiation here...
  • Blog Post: One-time set up for WWSAPI security examples

    Nikola asked me to write a post on how to set up machine to run our security examples. Here it goes. To run WWSAPI security examples (like the one doing Basic authentication over SSL ), you need to set up the client and server certificates for SSL and a local user account for HTTP header authentication...
  • Blog Post: HTTP header authentication gotcha

    So I was testing WWSAPI client to ASMX interop. After getting the basic Hello World scenario working, I decided to require Windows authentication on the web application and impersonate the client identity. Then I reran the client without changing the client code to enable HTTP header authentication....
  • Blog Post: 403 Forbidden due to client certificate issue

    Just when I thought I had seen all possible 403 Forbidden errors and could pinpoint the 403 issues without looking into traces, I found myself surprised by another 403 error. I was testing a WWSAPI client to WCF server interop scenario. Only this time the WCF server was hosted on IIS 7.0 on Windows Server...
  • Blog Post: WWSAPI to WCF Interop 7: HTTP header authentication (part 3) - used in BasicHttpBinding with transport credential only

    In my previous post I explained how to do HTTP header authentication protected by SSL in WWSAPI. In this post, I’ll show how to do header authentication without SSL. In WCF, this mode is called TransportCredentialOnly and is only available in BasicHttpBinding. (Note that this mode is not secure as the...
  • Blog Post: WWSAPI to WCF Interop 7: HTTP header authentication (part 2) - used in WSHttpBinding with transport security

    In WCF’s standard bindings, HTTP header authentication can be used in WSHttpBinding with security mode Transport. In this security mode, the client credential type can be set to either Basic, Digest, Ntlm or Windows (Negotiate scheme) to enable HTTP header authentication. In this post, I'll use Windows...
  • Blog Post: WWSAPI to WCF Interop 7: HTTP header authentication (part 1) - comparison

    Just like WCF, WWSAPI supports Basic, Digest, NTLM and Negotiate HTTP header authentication (If you are not familiar with HTTP header authentication, you can read more details about it at Nicholas Allen’s HTTP authentication post ). The two implementations are very similar, but there are also many differences...
  • Blog Post: WWSAPI to WCF interop 6: NetTcpBinding with transport security

    NetTcpBinding provides a more efficient way to send/receive SOAP messages than HTTP does. The SOAP envelopes are transferred in binary format and an XML dictionary is built over the TCP session to help further reduce the payload size. NetTcpBinding supports all three security modes (message, transport...
  • Blog Post: WWSAPI to WCF interop 5: WSFederationHttpBinding with mixed mode security

    WCF endpoints with WSFederationHttpBinding accept SAML tokens issued by trusted Security Token Services (STS, the Issuing Party, or IP). The first thing that should be noted with WSFederationHttpBinding is that secure conversation (specifically, the February 2005 version) is turned on and no knob is...
  • Blog Post: WWSAPI to WCF interop 4: WSHttpBinding with username over transport security

    WWSAPI doesn’t support full message mode security (where security negotiation happens at SOAP message level and parts of the envelope are signed and encrypted using XML signature and XML encryption) in Win7 time frame. This means the default WSHttpBinding is not interoperable with the WWSAPI’s security...
  • Blog Post: WWSAPI to WCF interop 3: BasicHttpBinding with transport security

    Transport security means the message integrity and confidentiality are provided at transport layer. For http transport, this means https. In WCF’s BasicHttpBinding, BasicHttpSecurityMode.Transport provides transport security. To use security in WWSAPI, you need to fill in a WS_SECURITY_DESCRIPTION structure...
Page 1 of 1 (15 items)