WSE2 SP2 released today

This release fixes some top customer issues and provide a new security token, KerberosToken2, which supports impersonation, windows constrained delegation.  The new token also works well with the web farm scenario. Please download WSE2 SP2 from It is a very exciting release!       


How to let ASPNET process run the Whidbey bits

This should be quite easy.  After installing the right version of Whidbey, go to your framework directory, and run aspnet_regiis.exe under the whidbey directory. >cd \WINDOWS\Microsoft.NET\Framework >cd {The Whidbey installation version} >aspnet_regiis -i >iisreset Your ASPNET process should be set to run whidbey correctly.    


System.Runtime.CompilerServices.InternalsVisibleTo works

This is a very sneaky feature which has been discovered or blogged by quite a few .net gurus.  I just want to give a simple example as how to declare it properly.  Let us say you are developing a core assembly called MyAssembly.  And you also developed another unit test assembly called MyAssembly.UnitTest.  In any class of MyAssembly,…


Private Key is not available

When you use X509Certificate to encrypt a message, sometime you will see an error like “Private Key is not available”.  Here is the list you want to check first: 1. Permission problem:        The running thread must have permission to access the public/private key portion of the certificate.  You can easily find out where the private key folder…


SymmetricKeyEncryption in WSE 2.0 ( part 2 )

As promised, i would talk about a second approach to achieve symmetric key based encryption in WSE 2.0. First, you need to create a simple hello world web service with a client project and a web service project. Assuming you already know how to do it. Now add the symmetric key based encryption using WSE 2.0…


Symmetric key based encryption in WSE 2.0 ( part 1 )

In WSE 1.0, symmetric key encryption could be done through decryption key provider.  Moving to WSE 2.0, every security operation has been bound with a security token, including the symmetric key encryption.  There are generally two ways to do a symmetric key encryption, commonly known as share secret encryption in WSE 2.0 Option #1: Use…


SecurityTokenManager in WSE 2.0

The idea of SecurityTokenManager is very powerful.  It provides one single place to extend the WSE built-in token infrastructure.   You can only have one token manager registered for each token type.   Here is a list of things that you can override: 1. Deserialization of an xml element public override SecurityToken LoadTokenFromXml(XmlElement element)  {     // your ideal way to deserialize a…


WSE 2.0 SP1

In case you don’t know, WSE 2.0 SP1 has already shipped.  You can download it from After the installation, please check out the readme.htm for more details.  


Marshal.Sizeof(typeof(char)) is not equal to sizeof(char)

Yes, believe your eyes.  Marshal.SizeOf(typeof(char)) = 1, however sizeof(char)  = 2.  Reason? Not sure about the first one, i guess it is traditional C style while char used to be defined as one byte.  However, in C#, char type is defined as unicode encoded, which means it will use 2 bytes.  So when you make…



Yes!  The second version of Web Service Enhancements for Microsoft .NET has recently shipped!  There are a lot of excitement and enthusiasms about WSE 2.0 RTM. The release was announced in Steve Ballmer’s keynote.  As the very first demo successfully delivered by Rebecca Dias, WSE certainly gains a big audience. This release includes the implementation of the lastest…