Welcome to MSDN Blogs Sign in | Join | Help

Browse by Tags

All Tags » Security
Wednesday, September 09, 2009 8:57 AM

WWSAPI to WCF interop 11: security binding templates

In my previous post on WsUtil , I explained how the generated helper functions can simplify the creation of WS_SERVICE_PROXY and WS_SERVICE_ENDPOINT. In both of these functions, the first parameter is a pointer to a same binding template. When no security
Posted by haoxu | 0 Comments
Monday, May 18, 2009 1:19 PM

LiveID support in WWSAPI on Win7

In Windows 7, LiveID can be used with WWSAPI in two scenarios: 1. SSPI over TCP ( WS_TCP_SSPI_TRANSPORT_SECURITY_BINDING ) with the default SPNEGO package : on both client and server 2. HTTP Negotiate header authentication ( WS_HTTP_HEADER_AUTH_SECURITY_BINDING
Posted by haoxu | 1 Comments
Monday, May 18, 2009 12:11 PM

More on HTTP header authentication

My previous post on header authentication comparison between WWSAPI and WCF mentioned the impersonation level. Here is a bit more detail as people still seem to be caught by surprise due to this difference. I mentioned that WCF client could set the impersonation
Posted by haoxu | 1 Comments
Friday, May 15, 2009 10:52 AM

WWSAPI to WCF interop 9: secure conversation bootstrapped by Kerberos AP-REQ token

In my post on WWSAPI federation support , I explained how to set up secure conversation on the WWSAPI client to work with a WCF server using WSFederationHttpBinding. In this post, I’ll show how to use secure conversation without federation. Secure conversation
Posted by haoxu | 1 Comments
Friday, May 01, 2009 12:32 PM

A simple way to run the WWSAPI Kerberos over SSL samples

The Kerberos over SSL samples (like the calculator one ) demonstrate WWSAPI mixed mode security that matches the WCF’s KerberosOverTransport authentication mode. In this mode, the Kerberos AP-REQ ticket is wrapped in a WS-Security header for client and
Posted by haoxu | 1 Comments
Thursday, April 30, 2009 3:58 PM

One-time set up for WWSAPI security examples

Nikola asked me to write a post on how to set up machine to run our security examples. Here it goes. To run WWSAPI security examples (like the one doing Basic authentication over SSL ), you need to set up the client and server certificates for SSL and
Posted by haoxu | 3 Comments
Thursday, April 09, 2009 11:17 PM

HTTP header authentication gotcha

So I was testing WWSAPI client to ASMX interop. After getting the basic Hello World scenario working, I decided to require Windows authentication on the web application and impersonate the client identity. Then I reran the client without changing the
Posted by haoxu | 1 Comments
Thursday, April 09, 2009 1:05 AM

403 Forbidden due to client certificate issue

Just when I thought I had seen all possible 403 Forbidden errors and could pinpoint the 403 issues without looking into traces, I found myself surprised by another 403 error. I was testing a WWSAPI client to WCF server interop scenario. Only this time
Posted by haoxu | 1 Comments
Friday, March 27, 2009 12:31 AM

WWSAPI to WCF Interop 7: HTTP header authentication (part 3) - used in BasicHttpBinding with transport credential only

In my previous post I explained how to do HTTP header authentication protected by SSL in WWSAPI. In this post, I’ll show how to do header authentication without SSL. In WCF, this mode is called TransportCredentialOnly and is only available in BasicHttpBinding.
Posted by haoxu | 0 Comments
Wednesday, March 25, 2009 12:07 AM

WWSAPI to WCF Interop 7: HTTP header authentication (part 2) - used in WSHttpBinding with transport security

In WCF’s standard bindings, HTTP header authentication can be used in WSHttpBinding with security mode Transport. In this security mode, the client credential type can be set to either Basic, Digest, Ntlm or Windows (Negotiate scheme) to enable HTTP header
Posted by haoxu | 2 Comments
Friday, March 13, 2009 11:50 PM

WWSAPI to WCF Interop 7: HTTP header authentication (part 1) - comparison

Just like WCF, WWSAPI supports Basic, Digest, NTLM and Negotiate HTTP header authentication (If you are not familiar with HTTP header authentication, you can read more details about it at Nicholas Allen’s HTTP authentication post ). The two implementations
Posted by haoxu | 2 Comments
Tuesday, December 02, 2008 10:55 AM

WWSAPI to WCF interop 6: NetTcpBinding with transport security

NetTcpBinding provides a more efficient way to send/receive SOAP messages than HTTP does. The SOAP envelopes are transferred in binary format and an XML dictionary is built over the TCP session to help further reduce the payload size. NetTcpBinding supports
Posted by haoxu | 3 Comments
Monday, November 24, 2008 10:43 AM

WWSAPI to WCF interop 5: WSFederationHttpBinding with mixed mode security

WCF endpoints with WSFederationHttpBinding accept SAML tokens issued by trusted Security Token Services (STS, the Issuing Party, or IP). The first thing that should be noted with WSFederationHttpBinding is that secure conversation (specifically, the February
Posted by haoxu | 3 Comments
Tuesday, November 18, 2008 11:49 AM

WWSAPI to WCF interop 4: WSHttpBinding with username over transport security

WWSAPI doesn’t support full message mode security (where security negotiation happens at SOAP message level and parts of the envelope are signed and encrypted using XML signature and XML encryption) in Win7 time frame. This means the default WSHttpBinding
Posted by haoxu | 3 Comments
Friday, November 14, 2008 9:20 AM

WWSAPI to WCF interop 3: BasicHttpBinding with transport security

Transport security means the message integrity and confidentiality are provided at transport layer. For http transport, this means https. In WCF’s BasicHttpBinding, BasicHttpSecurityMode.Transport provides transport security. To use security in WWSAPI,
Posted by haoxu | 4 Comments
 
Page view tracker