Lost in history

Blogs focused on WWSAPI: the new native web services stack from Microsoft

Browse by Tags

Tagged Content List
  • Blog Post: WWSAPI to WCF interop 11: security binding templates

    In my previous post on WsUtil , I explained how the generated helper functions can simplify the creation of WS_SERVICE_PROXY and WS_SERVICE_ENDPOINT. In both of these functions, the first parameter is a pointer to a same binding template. When no security is used in the binding, the template will be...
  • Blog Post: WWSAPI to WCF interop 10: WsUtil.exe, the silver bullet

    In my previous post on interoperating with WCF BasicHttpBinding endpoint , I explained that you had to set the channel properties to match SOAP version and addressing version on the server side. Wouldn’t it be great if you don’t have to do all that? That’s one of the goal of building WsUtil.exe, the...
  • Blog Post: WWSAPI to WCF interop 9: secure conversation bootstrapped by Kerberos AP-REQ token

    In my post on WWSAPI federation support , I explained how to set up secure conversation on the WWSAPI client to work with a WCF server using WSFederationHttpBinding. In this post, I’ll show how to use secure conversation without federation. Secure conversation can be helpful in reducing the payload size...
  • Blog Post: WWSAPI to WCF interop 8: invalid XML characters (part 2)

    In part 1 of this topic, I explained that some Unicode characters would be rejected by WWSAPI’s XML reader and writer because they are not considered legal in XML spec. There is an XML reader property and an XML writer property to allow such characters. Unfortunately that won’t work in all cases and...
  • Blog Post: WWSAPI to WCF interop 8: invalid XML characters (part 1)

    Although all Unicode characters can be carried in XML document, not all characters are considered legal according to XML 1.0 spec , the version used by SOAP and supported by WWSAPI. As you can see in the production copied below, ASCII characters under 32 except tab, carriage return and line feed are...
  • Blog Post: WWSAPI to WCF Interop 7: HTTP header authentication (part 3) - used in BasicHttpBinding with transport credential only

    In my previous post I explained how to do HTTP header authentication protected by SSL in WWSAPI. In this post, I’ll show how to do header authentication without SSL. In WCF, this mode is called TransportCredentialOnly and is only available in BasicHttpBinding. (Note that this mode is not secure as the...
  • Blog Post: WWSAPI to WCF Interop 7: HTTP header authentication (part 2) - used in WSHttpBinding with transport security

    In WCF’s standard bindings, HTTP header authentication can be used in WSHttpBinding with security mode Transport. In this security mode, the client credential type can be set to either Basic, Digest, Ntlm or Windows (Negotiate scheme) to enable HTTP header authentication. In this post, I'll use Windows...
  • Blog Post: WWSAPI to WCF Interop 7: HTTP header authentication (part 1) - comparison

    Just like WCF, WWSAPI supports Basic, Digest, NTLM and Negotiate HTTP header authentication (If you are not familiar with HTTP header authentication, you can read more details about it at Nicholas Allen’s HTTP authentication post ). The two implementations are very similar, but there are also many differences...
  • Blog Post: WWSAPI to WCF interop 6: NetTcpBinding with transport security

    NetTcpBinding provides a more efficient way to send/receive SOAP messages than HTTP does. The SOAP envelopes are transferred in binary format and an XML dictionary is built over the TCP session to help further reduce the payload size. NetTcpBinding supports all three security modes (message, transport...
  • Blog Post: WWSAPI to WCF interop 5: WSFederationHttpBinding with mixed mode security

    WCF endpoints with WSFederationHttpBinding accept SAML tokens issued by trusted Security Token Services (STS, the Issuing Party, or IP). The first thing that should be noted with WSFederationHttpBinding is that secure conversation (specifically, the February 2005 version) is turned on and no knob is...
  • Blog Post: WWSAPI to WCF interop 4: WSHttpBinding with username over transport security

    WWSAPI doesn’t support full message mode security (where security negotiation happens at SOAP message level and parts of the envelope are signed and encrypted using XML signature and XML encryption) in Win7 time frame. This means the default WSHttpBinding is not interoperable with the WWSAPI’s security...
  • Blog Post: WWSAPI to WCF interop 3: BasicHttpBinding with transport security

    Transport security means the message integrity and confidentiality are provided at transport layer. For http transport, this means https. In WCF’s BasicHttpBinding, BasicHttpSecurityMode.Transport provides transport security. To use security in WWSAPI, you need to fill in a WS_SECURITY_DESCRIPTION structure...
  • Blog Post: WWSAPI to WCF interop 2: default BasicHttpBinding

    WCF's BasicHttpBinding is conformant to Basic Profile 1.1. That is, BasicHttpBinding uses SOAP version 1.1 and no WS-Addressing. The message intent is carried in the SOAPAction header. If you have read my previous post , you’ve probably realized that the default WWSAPI settings (SOAP version 1.2 and...
  • Blog Post: WWSAPI to WCF interop 1: WSHttpBinding with no security

    WCF provides a number of standard bindings, each targeting a specific usage scenario. WSHttpBinding is for the mainline Internet web services scenario. It uses the newer SOAP version 1.2 and WS-Addressing version 1.0 and enables a wide range of security settings over the public http/https transport....
Page 1 of 1 (14 items)