After 1 week of research and trial and error, I have managed to program nearly everything I need.
I am currently facing a problem concerning WS-Security signing in the message.
I am using Soap12 with WS-Security 1.0, Framework 4.0 and MutualCertificate as the authenticationMode.
Everything is fine in the request sent to the web service, except that I need to put a username in the WS-Security header.
If I use CertificateOverTransport, I get the username but the message is not signed enough.
Here is my binding:
    <customBinding>
      <binding name="NewBinding">
        <textMessageEncoding maxReadPoolSize="64" maxWritePoolSize="16"
                             messageVersion="Soap12" writeEncoding="utf-8">
          <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
                        maxBytesPerRead="4096" maxNameTableCharCount="16384" />
        </textMessageEncoding>
        <security includeTimestamp="true"
                  authenticationMode="MutualCertificate"
                  securityHeaderLayout="Strict"
                  defaultAlgorithmSuite="Basic256"
                  allowSerializedSigningTokenOnReply="true"
                  messageSecurityVersion="WSSecurity10WSTrust13WSSecureConversation13WSSecurityPolicy12BasicSecurityProfile10">
        </security>
        <httpsTransport manualAddressing="false" maxBufferPoolSize="524288"
                        maxReceivedMessageSize="65536" allowCookies="false" authenticationScheme="Anonymous"
                        bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard"
                        keepAliveEnabled="true" maxBufferSize="65536" proxyAuthenticationScheme="Anonymous"
                        realm="" transferMode="Buffered" unsafeConnectionNtlmAuthentication="false"
                        useDefaultWebProxy="true" requireClientCertificate="true" />
      </binding>
    </customBinding>
Here is my behavior:
    <behaviors>
      <endpointBehaviors>
        <behavior name="ServiceBehavior">
          <clientCredentials>
            <clientCertificate findValue="XXXXX" storeName="My" storeLocation="CurrentUser" x509FindType="FindByThumbprint"/>
            <serviceCertificate>
              <authentication certificateValidationMode="PeerOrChainTrust" />
              <defaultCertificate findValue="XXXX" storeLocation="CurrentUser" storeName="My" x509FindType="FindBySubjectName" />
            </serviceCertificate>
          </clientCredentials>
        </behavior>
      </endpointBehaviors>
    </behaviors>
My endpoint:
    <client>
      <endpoint address="xxxx" binding="customBinding"
                bindingConfiguration="NewBinding" contract="WSSTestOutboundService"
                name="NewPort.0" behaviorConfiguration="ServiceBehavior">
        <identity>
          <dns value="XXXX"/>
        </identity>
      </endpoint>
    </client>
Here is my code:
    // Accepts every server certificate, so TLS server validation is effectively disabled.
    System.Net.ServicePointManager.ServerCertificateValidationCallback +=
        (se, cert, chain, sslerror) =>
        {
            return true;
        };

    WSSTestOutboundServiceClient test = new WSSTestOutboundServiceClient();

    // Client certificate used to sign the request (MutualCertificate).
    test.ClientCredentials.ClientCertificate.SetCertificate(
        StoreLocation.CurrentUser,
        StoreName.My,
        X509FindType.FindByThumbprint,
        "9f 28 4b 80 f1 fe 5c 9e ea 4d b4 a1 34 48 e2 47 b9 29 82 27");

    // Service certificate expected from the web service.
    test.ClientCredentials.ServiceCertificate.SetDefaultCertificate(
        StoreLocation.CurrentUser,
        StoreName.My,
        X509FindType.FindBySubjectName,
        "DPUPRGWYDP01.npr.bngf.local");

    // Sign the message body only (no encryption).
    test.Endpoint.Contract.ProtectionLevel = System.Net.Security.ProtectionLevel.Sign;

    // Username credentials, set on the client and again through the channel factory.
    test.ClientCredentials.UserName.UserName = "TEST";
    test.ClientCredentials.UserName.Password = "TEST";
    test.ChannelFactory.Credentials.UserName.UserName = "TEST2";
    test.ChannelFactory.Credentials.UserName.Password = "TEST2";

    getGreeting test2 = new getGreeting();
    MessageBox.Show(test.getGreeting(test2).greeting);
Can you please help me?
A username in the HTTP request is not good enough.
Thank you!
////////////UPDATE////////////////
I managed to add this username token by adding it manually in the endpoint information:
    <endpoint address="https://XXXXXXX:443/TestSecurity/V1" binding="customBinding"
              bindingConfiguration="NewBinding" contract="WSSTestOutboundService"
              name="NewPort.0" behaviorConfiguration="ServiceBehavior">
      <identity>
        <dns value="DPUPRGWYDP01.npr.bngf.local"/>
      </identity>
      <headers>
        <wsse:UsernameToken
            xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
            wsu:Id="UsernameToken-6"
            xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
          <wsse:Username name="UserNameToken" value="Username"></wsse:Username>
        </wsse:UsernameToken>
      </headers>
    </endpoint>
But I don't know how to set the Username variable...
Do you have any idea?
Thank you!
////////////////UPDATE//////////////
This solution will not work because it is a multi-user application, so I can't modify the config file.
I am leaving the post here because it gives you an idea of what I am looking for.
Please help me!