Re-Serialize SAML token

  In a Federation Scenario a client might want to access the services by using a SAML token that was issued to it by a STS. The service in turn might have to call other services (like a intermediary) to fulfill the request. When calling the backend service the service might want to use the…

19

Search with msdewey.com

Live.com’s new search interface is www.msdewey.com. Who said Microsoft can’t be cool? This is a very slick site. I agree…Dewey talks too much and sometimes it gets annoying. Neverthless a nice attempt at search.

2

Federation

As you are moving to Web Services world one of the buzz words that you will hear time and again is “Federation”. This is simply a security scenario that involves 3 parties to secure a Message. The 3 parties in the scenario are, Client Security Token Service (STS) Target Service This is very similar to…

7

Supporting Tokens

Web Services Message Security has the concept of Primary and Supporting Tokens. The Primary token is the main token that provides security to the message. This signs the message body and other headers as required and serves as the main identity token for the sending party. There is also a concept of Supporting Tokens. As…

1

WSE and MTOM

If you are using WSE 3.0 and MTOM and was wondering why the client code is not streaming the request…you are not alone. A bug in WSE 3.0 was preventing the client from doing streaming with MTOM. We have this fixed and a QFE has been released. As all QFE’s go, you have to contact customer…

3

Writing a Custom Message Interceptor when Security is enabled

A custom message Interceptor give you access to the message as the message goes through the processing pipeline. There are two methods in the Message Interceptor – BeforeSendRequest and AfterReceiveReply. Both these methods gets passed in the Message by reference so you can modify the message. The BeforeSendRequest is called before the any processing has…

0

WCF Encrypts Signatures by default in Message Security

When you are building your application with security enabled you will see that all your signatures are encrypted by default. This was not the default in WCF Beta 1. As you would expect this did result in a significant performance penalty. The message protection order in Beta 1 was to Sign before Encrypt. There is…

7

Using Binary Encoding in WCF

I recently had a question from someone on using Binary Encoding and how performance of their application relates to that. My answer was it depends…it depends on what is in your message body and if you are using message security or transport security. Before talking about binary encoding, the first thing to understand is that it…

0