WCF: Mutual SSL Client Cert Authentication Guide With Sample App

Issue: Challenges when trying to use SSL mutual authentication with client certificates for a WCF service hosted on IIS. …

WIF: Long live My Session – Session Authentication Module To Avoid STS Redirect

Issue: The SAML token validity time set via a custom STS is short (5 minutes), and we want to avoid redirecting the user every 5 minutes to get a new SAML token. Default STS: When we use the out-of-the-box LocalSTS.exe to create a test STS, the default token validity time…

WCF/WIF: JWT Token Validator

Issue: Client -> JWT Token -> REST Service -> SOAP Service

Steps:
1. The user calls the REST web service (Web API service).
2. The Web API service redirects the client to the STS (Token Manager), after presenting the correct credentials. The user gets the JWT token.
3. Now the Web API makes the call to the WCF SOAP service…

WCF: POC for SAML Token Creation and Consumption

Agenda: We will see how to create a custom SAML token from code and how it can be used to test against a WCF service. Importance: This comes in handy when we need to work on interop scenarios and handle SAML tokens received from Java clients…

WCF: Life behind SSL Offloader

WCF: Exposing and consuming a WCF service behind an SSL offloader. Problem Statement: The service's external address looks correct over HTTPS, however the metadata location points to the HTTP endpoint. Host headers are corrected by using <useRequestHeadersForMetadataAddress/> (no machine name), but the metadata location on the service page points to HTTP…

WCF: How to send two different client certificates as credentials at both Transport and Message Level

Requirement: Transport Security Details: A secure transport layer via mutually authenticated SSL/TLS (MASSL) is required. Mutually authenticated SSL requires a client certificate to be provided to the server and validated by the server. If a…

WCF: Review System.Net and Network traces for Windows Authentication/Delegation based troubleshooting

System.Net traces: <?xml version="1.0" encoding="utf-8" ?> <configuration> <system.diagnostics> <trace autoflush="true" /> <sources> <source name="System.Net"> <listeners> <add name="System.Net"/> </listeners> </source> <source name="System.Net.HttpListener"> <listeners> <add name="System.Net"/> </listeners> </source> <source name="System.Net.Sockets"> <listeners> <add name="System.Net"/> </listeners> </source> <source name="System.Net.Cache"> <listeners> <add name="System.Net"/> </listeners> </source> </sources> <sharedListeners> <add…

WCF: Interop – Signing without primary signature requires timestamp.

Security Requirement: SSL channel; SAML token for authentication as part of the <security> header; Timestamp being added after the SAML token. Working request from .NET client: <wsse:Security S:mustUnderstand="true"> <wsu:Timestamp xmlns:ns17="http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512" xmlns:ns16="http://schemas.xmlsoap.org/soap/envelope/" wsu:Id="_1"> <wsu:Created>2015-12-23T16:30:10Z</wsu:Created> <wsu:Expires>2015-12-23T16:35:10Z</wsu:Expires> </wsu:Timestamp> <saml2:Assertion xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:exc14n="http://www.w3.org/2001/10/xml-exc-c14n#" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:xs="http://www.w3.org/2001/XMLSchema" ID="_906f6505770a46018fa4d9fed4fc9713" IssueInstant="2015-12-23T16:30:10.153Z" Version="2.0"> </saml2:Assertion> <ds:Signature…

WF: Running a Workflow application on FIPS (Federal Information Processing Standard) compliant machines.

Issue: We use the System.Workflow.Runtime library in our code, and when creating the workflow with WorkflowRuntime.CreateWorkflow() we get the following exception: System.InvalidOperationException: This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms. at System.Security.Cryptography.MD5CryptoServiceProvider..ctor() at System.Workflow.Runtime.HashHelper.HashServiceType(String serviceFullTypeName)…
