WCF: POC for SAML Token Creation and Consumption

Agenda: We will understand how to create a custom SAML token from code and how it can be used to test against a WCF service. Importance: This comes in handy when we need to work on interop scenarios and handle the SAML tokens received from Java clients….

WCF: Life behind SSL Offloader

WCF: Exposing and consuming a WCF service behind an SSL offloader. Problem Statement: The service's external address looks correct over HTTPS, however the metadata location points to the HTTP endpoint. Host headers are corrected with the use of <useRequestHeadersForMetadataAddress/> (no machine name), but the metadata location on the service page is pointing to Http….

WCF: How to send two different client certificates as credentials at both Transport and Message Level

Requirement: Transport Security Details: A secure transport layer via mutually authenticated SSL/TLS (MASSL) is required. Mutually authenticated SSL requires the use of a client certificate to be provided to the server and validated by the server. If a…

WCF: Review System.Net and Network traces for Windows Authentication/Delegation based troubleshooting

System.Net traces: <?xml version="1.0" encoding="utf-8" ?> <configuration> <system.diagnostics> <trace autoflush="true" /> <sources> <source name="System.Net"> <listeners> <add name="System.Net"/> </listeners> </source> <source name="System.Net.HttpListener"> <listeners> <add name="System.Net"/> </listeners> </source> <source name="System.Net.Sockets"> <listeners> <add name="System.Net"/> </listeners> </source> <source name="System.Net.Cache"> <listeners> <add name="System.Net"/> </listeners> </source> </sources> <sharedListeners> <add…

WCF: Interop – Signing without primary signature requires timestamp.

Security Requirement: SSL channel; SAML token for authentication as part of the <security> header; Timestamp being added after the SAML token. Working request from .Net client: <wsse:Security S:mustUnderstand="true"> <wsu:Timestamp xmlns:ns17="http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512" xmlns:ns16="http://schemas.xmlsoap.org/soap/envelope/" wsu:Id="_1"> <wsu:Created>2015-12-23T16:30:10Z</wsu:Created> <wsu:Expires>2015-12-23T16:35:10Z</wsu:Expires> </wsu:Timestamp> <saml2:Assertion xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:exc14n="http://www.w3.org/2001/10/xml-exc-c14n#" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="_906f6505770a46018fa4d9fed4fc9713" IssueInstant="2015-12-23T16:30:10.153Z" Version="2.0"> </saml2:Assertion> <ds:Signature…

WF: Running a Workflow application on FIPS (Federal Information Processing Standard) compliant machines.

Issue: We are using the System.Workflow.Runtime library in our code, and when creating the workflow with WorkflowRuntime.CreateWorkflow() we get the following exception: System.InvalidOperationException: This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms. at System.Security.Cryptography.MD5CryptoServiceProvider..ctor() at System.Workflow.Runtime.HashHelper.HashServiceType(String serviceFullTypeName)…

Negotiate v/s NTLM

Definitions: Negotiate: Microsoft Negotiate is a security support provider (SSP) that acts as an application layer between Security Support Provider Interface (SSPI) and the other SSPs. When an application calls into SSPI to log on to a network, it can specify an SSP to process the request. If the application specifies Negotiate, Negotiate analyzes the request…

WCF: SSL/TLS Failure during Add Service Reference (System.Net.Security.SslState.ProcessAuthentication)

Issue: WCF client application unable to consume web service metadata over SSL. Symptoms: Unable to use "svcutil.exe" and the "Add Service Reference" feature from the .NET Framework and Visual Studio. Point of confusion: Is it a Visual Studio "Add Service Reference" problem, or a problem with svcutil.exe? Reason for failure: Client app sends TLS 1.0 as part of…

WPF/WinForm: NetHttpBinding Timeout/Deadlock issue on main UI thread – using web sockets

Issue: We are trying to use NetHttpBinding and expect to use web sockets, along with a callback implementation. Web sockets are available by default if we have a callback contract implemented (when using NetHttpBinding), and they can also be forced on a request/response channel. Synchronous and Asynchronous call to the service via console app works…

WCF: Net.Pipe – Endpoint not found exception – Admin/Non Admin mode

Issue Definition: The following error is reported from the client app calling the WCF service over net.pipe: "There was no endpoint listening at net.pipe://localhost/XYZ/MyService that could accept the message. This is often caused by an incorrect address or SOAP action. See InnerException, if present, for more details." Observation: Client fails to locate the MyService – although server…
