wse3.0


Remove Timestamp element from Security


All the geeks will say WSE is outdated. That's OK for me right now. Just trying to find a solution for my problem.
Trying to consume a Java web service using WSE.
The outgoing SOAP request has a Security element with an additional timestamp node.
My outgoing SOAP request looks like this:
<soap:Header>
  <wsa:Action wsu:Id="Id-6209d12b-20bf-407e-ac72-533d0f671a2c"></wsa:Action>
  <wsa:MessageID wsu:Id="Id-280fe225-2f80-4f37-b5d4-120146fc7dec">urn:uuid:a427b687-6f52-4689-9df2-c2e3c6d9ea1a</wsa:MessageID>
  <wsa:ReplyTo wsu:Id="Id-bc623f16-761c-4e03-a23e-aa70bd9b8d34">
    <wsa:Address>http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous</wsa:Address>
  </wsa:ReplyTo>
  <wsa:To wsu:Id="Id-b8607eed-cb9e-426b-a5dc-51d7855c32e1">https://service100.emedny.org:9047/MHService</wsa:To>
  <wsse:Security soap:mustUnderstand="1">
    <wsu:Timestamp wsu:Id="Timestamp-cbeb0310-93bf-4f39-a44d-3516b32b40e6">
      <wsu:Created>2013-06-20T20:19:47Z</wsu:Created>
      <wsu:Expires>2013-06-20T20:24:47Z</wsu:Expires>
    </wsu:Timestamp>
    <wsse:BinarySecurityToken ValueType></BinarySecurityToken>....
</soap:Header>
..
I am trying to remove the Action, MessageID, ReplyTo and Timestamp elements.
So the outgoing request should look like this:
<soap:Header>
  <wsse:Security soap:mustUnderstand="1" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
    <wsse:BinarySecurityToken........>
</soap:Header>
How would I remove the 4 elements + timestamp node from Security? I am using WSE 3.0. Sorry, not WCF right now.
This is what I tried.
Step 1
Create a custom policy assertion by deriving from Microsoft.Web.Services3.Design.PolicyAssertion.
using System;
using System.Collections.Generic;
using System.Security.Cryptography.X509Certificates;
using System.Xml;
using Microsoft.Web.Services3;
using Microsoft.Web.Services3.Design;
using Microsoft.Web.Services3.Security;
using Microsoft.Web.Services3.Security.Tokens;

namespace UsernameAssertionLibrary
{
    // SecurityPolicyAssertion already derives from PolicyAssertion,
    // so it is the only base class listed.
    public class UsernameClientAssertion : SecurityPolicyAssertion
    {
        private string username;
        private string password;

        public UsernameClientAssertion(string username, string password)
        {
            this.username = username;
            this.password = password;
        }

        public override SoapFilter CreateClientOutputFilter(FilterCreationContext context)
        {
            return new ClientOutputFilter(this, context);
        }

        public override SoapFilter CreateClientInputFilter(FilterCreationContext context)
        {
            // we don't provide ClientInputFilter
            return null;
        }

        public override SoapFilter CreateServiceInputFilter(FilterCreationContext context)
        {
            // we don't provide any processing for web service side
            return null;
        }

        public override SoapFilter CreateServiceOutputFilter(FilterCreationContext context)
        {
            // we don't provide any processing for web service side
            return null;
        }

        public override IEnumerable<KeyValuePair<string, Type>> GetExtensions()
        {
            return new KeyValuePair<string, Type>[] { new KeyValuePair<string, Type>("UsernameClientAssertion", this.GetType()) };
        }

        public override void ReadXml(XmlReader reader, IDictionary<string, Type> extensions)
        {
            reader.ReadStartElement("UsernameClientAssertion");
        }

        #region ClientOutputFilter
        class ClientOutputFilter : SendSecurityFilter
        {
            UsernameClientAssertion parentAssertion;
            FilterCreationContext filterContext;

            public ClientOutputFilter(UsernameClientAssertion parentAssertion, FilterCreationContext filterContext)
                : base(parentAssertion.ServiceActor, false, parentAssertion.ClientActor)
            {
                this.parentAssertion = parentAssertion;
                this.filterContext = filterContext;
            }

            public override void SecureMessage(SoapEnvelope envelope, Security security)
            {
                X509SecurityTokenManager objCertTokenManager = (X509SecurityTokenManager)SecurityTokenManager.GetSecurityTokenManagerByTokenType(WSTrust.TokenTypes.X509v3);
                objCertTokenManager.DefaultKeyAlgorithm = "RSA15";
                objCertTokenManager.DefaultSessionKeyAlgorithm = "TripleDES";

                X509Certificate2 cert = GetCertificateFromStore("LMWARD");
                X509SecurityToken x5091 = new X509SecurityToken(cert);
                X509Certificate2 cert2 = GetCertificateFromStore("DPMedsHistory");
                X509SecurityToken x5092 = new X509SecurityToken(cert2);

                UsernameToken userToken = new UsernameToken(
                    parentAssertion.username,
                    parentAssertion.password,
                    PasswordOption.SendNone); // we don't send password over network
                                              // but we just use username/password to sign/encrypt message

                // Add the tokens to the SOAP header.
                security.Tokens.Add(x5091);
                security.Tokens.Add(x5092);
                security.Tokens.Add(userToken);

                // Sign the SOAP message with the first X.509 token.
                MessageSignature sig = new MessageSignature(x5091);
                security.Elements.Add(sig);

                // Encrypt the body with the second X.509 token.
                EncryptedData data = new EncryptedData(x5092);
                // Add the encrypted data to the security context.
                security.Elements.Add(data);
            }

            private static X509Certificate2 GetCertificateFromStore(string certName)
            {
                // Get the certificate store for the local machine.
                X509Store store = new X509Store(StoreLocation.LocalMachine);
                try
                {
                    store.Open(OpenFlags.ReadOnly);
                    // Place all certificates in an X509Certificate2Collection object.
                    X509Certificate2Collection certCollection = store.Certificates;
                    // validOnly = true: only currently valid certificates are returned.
                    X509Certificate2Collection signingCert = certCollection.Find(X509FindType.FindBySubjectName, certName, true);
                    if (signingCert.Count == 0)
                        return null;
                    // Return the first certificate in the collection; it has the right name and is current.
                    return signingCert[0];
                }
                finally
                {
                    store.Close();
                }
            }
        }
        #endregion
    }
}
Step 2
This is my wse3Policy.Config:
<policies xmlns="http://schemas.microsoft.com/wse/2005/06/policy">
  <extensions>
    <extension name="usernameAssertion"
               type="UsernameAssertionLibrary.UsernameServiceAssertion, UsernameAssertionLibrary" />
  </extensions>
  <policy name="ServerPolicy">
    <usernameAssertion />
  </policy>
</policies>
Step 3
namespace.Service1 MHs = new Service1();
UsernameClientAssertion assert = new UsernameClientAssertion("user", "pwd");
// create policy
Policy policy = new Policy();
policy.Assertions.Add(assert);
// and set it on the web service proxy
MHs.SetPolicy(policy);
MHs.Method();
I am not getting any error. There is a warning in the policy file that says:
The element policy has an invalid child element usernameassertion. List of possible elements are .......
The security timestamp element and the ActionId, messageId, replyTo wsa elements still appear in the outgoing SOAP.
What am I missing here?
