WWSAPI to WCF interop 5: WSFederationHttpBinding with mixed mode security

WCF endpoints with WSFederationHttpBinding accept SAML tokens issued by trusted Security Token Services (STS, the Issuing Party, or IP). The first thing that should be noted with WSFederationHttpBinding is that secure conversation (specifically, the February 2005 version) is turned on and no knob is provided to turn it off (in fact, this is the case…

3

WWSAPI to WCF interop 4: WSHttpBinding with username over transport security

WWSAPI doesn’t support full message mode security (where security negotiation happens at SOAP message level and parts of the envelope are signed and encrypted using XML signature and XML encryption) in Win7 time frame. This means the default WSHttpBinding is not interoperable with the WWSAPI’s security offering as the WSHttpBinding defaults to use full message…

3

WWSAPI to WCF interop 3: BasicHttpBinding with transport security

Transport security means the message integrity and confidentiality are provided at transport layer. For http transport, this means https. In WCF’s BasicHttpBinding, BasicHttpSecurityMode.Transport provides transport security. To use security in WWSAPI, you need to fill in a WS_SECURITY_DESCRIPTION structure. On the client side, you then pass this structure to WsCreateServiceProxy or WsCreateChannel. To use transport…

4

WWSAPI to WCF interop 2: default BasicHttpBinding

WCF’s BasicHttpBinding is conformant to Basic Profile 1.1. That is, BasicHttpBinding uses SOAP version 1.1 and no WS-Addressing. The message intent is carried in the SOAPAction header. If you have read my previous post, you’ve probably realized that the default WWSAPI settings (SOAP version 1.2 and WS-Addressing 1.0) don’t match these two in BasicHttpBinding. Therefore,…

4