Client Config generated by Factory for the client

Topics: General Discussion Forum, Service Factory Modeling Edition Forum
Jun 4, 2008 at 2:29 PM
Hi,



I tried creating a Host and Client talking to each other using wshttpbinding... Here are my observations and concerns I have.. I am new to WCF.. please correct me..


1. The client config file generated looks as if it was generated to talk to WSE3.0 enabled services rather than WCF services.

2. My understanding is that when I use wshttpbinding (message security).. the messages should be signed and encrypted by default (I mean the functionality should be available). I checked the messages passed between the host and client using Fiddler (web debug tool), and I see that there are basically four messages for negotiation.. but I still see that the message returned by the host is available in plain text (I was expecting it to be encrypted as that is the default behavior for wshttpbinding)... Is there anything I am not doing correctly, or is it the way the factory autogenerated it for us????

3. I am looking for wshttpbinding with Windows authentication (intranet application) using Active Directory as the credential store.. any idea how I can accomplish that with Service Factory...???

Here is the config file generated for client.

<system.serviceModel>
  <bindings>
    <customBinding>
      <binding name="wsHttpEndPoint">
        <security defaultAlgorithmSuite="Default" authenticationMode="SecureConversation"
                  requireDerivedKeys="true" securityHeaderLayout="Strict" includeTimestamp="true"
                  keyEntropyMode="CombinedEntropy" messageProtectionOrder="SignBeforeEncrypt"
                  messageSecurityVersion="WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10"
                  requireSecurityContextCancellation="true" requireSignatureConfirmation="false">
          <localClientSettings cacheCookies="true" detectReplays="true"
                               replayCacheSize="900000" maxClockSkew="00:05:00" maxCookieCachingTime="Infinite"
                               replayWindow="00:05:00" sessionKeyRenewalInterval="10:00:00"
                               sessionKeyRolloverInterval="00:05:00" reconnectTransportOnFailure="true"
                               timestampValidityDuration="00:05:00" cookieRenewalThresholdPercentage="60" />
          <localServiceSettings detectReplays="true" issuedCookieLifetime="10:00:00"
                                maxStatefulNegotiations="128" replayCacheSize="900000" maxClockSkew="00:05:00"
                                negotiationTimeout="00:01:00" replayWindow="00:05:00" inactivityTimeout="00:02:00"
                                sessionKeyRenewalInterval="15:00:00" sessionKeyRolloverInterval="00:05:00"
                                reconnectTransportOnFailure="true" maxPendingSessions="128"
                                maxCachedCookies="1000" timestampValidityDuration="00:05:00" />
          <secureConversationBootstrap defaultAlgorithmSuite="Default"
                                       authenticationMode="SspiNegotiated" requireDerivedKeys="true"
                                       securityHeaderLayout="Strict" includeTimestamp="true" keyEntropyMode="CombinedEntropy"
                                       messageProtectionOrder="SignBeforeEncryptAndEncryptSignature"
                                       messageSecurityVersion="WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10"
                                       requireSecurityContextCancellation="true" requireSignatureConfirmation="false">
            <localClientSettings cacheCookies="true" detectReplays="true"
                                 replayCacheSize="900000" maxClockSkew="00:05:00" maxCookieCachingTime="Infinite"
                                 replayWindow="00:05:00" sessionKeyRenewalInterval="10:00:00"
                                 sessionKeyRolloverInterval="00:05:00" reconnectTransportOnFailure="true"
                                 timestampValidityDuration="00:05:00" cookieRenewalThresholdPercentage="60" />
            <localServiceSettings detectReplays="true" issuedCookieLifetime="10:00:00"
                                  maxStatefulNegotiations="128" replayCacheSize="900000" maxClockSkew="00:05:00"
                                  negotiationTimeout="00:01:00" replayWindow="00:05:00" inactivityTimeout="00:02:00"
                                  sessionKeyRenewalInterval="15:00:00" sessionKeyRolloverInterval="00:05:00"
                                  reconnectTransportOnFailure="true" maxPendingSessions="128"
                                  maxCachedCookies="1000" timestampValidityDuration="00:05:00" />
          </secureConversationBootstrap>
        </security>
        <textMessageEncoding maxReadPoolSize="64" maxWritePoolSize="16"
                             messageVersion="Default" writeEncoding="utf-8">
          <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
                        maxBytesPerRead="4096" maxNameTableCharCount="16384" />
        </textMessageEncoding>
        <httpTransport manualAddressing="false" maxBufferPoolSize="524288"
                       maxReceivedMessageSize="65536" allowCookies="false" authenticationScheme="Anonymous"
                       bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard"
                       keepAliveEnabled="true" maxBufferSize="65536" proxyAuthenticationScheme="Anonymous"
                       realm="" transferMode="Buffered" unsafeConnectionNtlmAuthentication="false"
                       useDefaultWebProxy="true" />
      </binding>
    </customBinding>
  </bindings>
  <client>
    <endpoint address="http://test.com/CMSWCFTestServices/CmsService.svc"
              binding="customBinding" bindingConfiguration="wsHttpEndPoint"
              contract="WcfServices.Client.WcfProxy.CmsServiceContract"
              name="wsHttpEndPoint">
      <identity>
        <userPrincipalName value="IIS_SVC@test.com" />
      </identity>
    </endpoint>
  </client>
</system.serviceModel>

Developer
Jun 6, 2008 at 1:51 AM
For #1 and #2, check setting ProtectionLevel property of your contract as described here: http://www.codeplex.com/servicefactory/Thread/View.aspx?ThreadId=29145
For #3, you can check this guidance: http://www.codeplex.com/WCFSecurity
and this guidance package: https://www.codeplex.com/Release/ProjectReleases.aspx?ProjectName=servicefactory&ReleaseId=8814
Jun 6, 2008 at 7:16 PM
Thank you, that resolved my issue..

ProtectionLevel on my operation is not set to Encrypt and Sign.. I was able to generate client config with wshttpbinding rather than custom binding..


Thank you...
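
The resolution discussed in this thread, as an added example (not code from the posters or from Service Factory): a contract that pins ProtectionLevel to EncryptAndSign, hosted and called over wsHttpBinding with message security and Windows credentials. The contract, service, operation names and the localhost address are hypothetical; it assumes .NET Framework with a reference to System.ServiceModel and permission to listen on the chosen HTTP port.

```csharp
using System;
using System.Net.Security;
using System.ServiceModel;

// Hypothetical contract: EncryptAndSign at contract level is the floor for every operation.
[ServiceContract(Namespace = "urn:example:cms", ProtectionLevel = ProtectionLevel.EncryptAndSign)]
public interface ICmsService
{
    // ProtectionLevel.Sign or None here would leave the SOAP body readable on the wire
    // even though the binding itself uses message security.
    [OperationContract(ProtectionLevel = ProtectionLevel.EncryptAndSign)]
    string GetDocument(string id);
}

public class CmsService : ICmsService
{
    public string GetDocument(string id)
    {
        // Windows (Active Directory) identity established by the SSPI negotiation.
        string caller = ServiceSecurityContext.Current.WindowsIdentity.Name;
        return "doc " + id + " requested by " + caller;
    }
}

public static class Program
{
    // wsHttpBinding with message security and Windows credentials, set explicitly.
    static WSHttpBinding SecureBinding()
    {
        var b = new WSHttpBinding(SecurityMode.Message);
        b.Security.Message.ClientCredentialType = MessageCredentialType.Windows;
        b.Security.Message.NegotiateServiceCredential = true;
        b.Security.Message.EstablishSecurityContext = true;
        return b;
    }

    public static void Main()
    {
        var address = new Uri("http://localhost:8000/CmsService"); // constructed address
        using (var host = new ServiceHost(typeof(CmsService), address))
        {
            host.AddServiceEndpoint(typeof(ICmsService), SecureBinding(), "");
            host.Open();
            var factory = new ChannelFactory<ICmsService>(SecureBinding(), new EndpointAddress(address));
            ICmsService client = factory.CreateChannel();
            Console.WriteLine(client.GetDocument("42"));
            ((IClientChannel)client).Close();
            factory.Close();
        }
    }
}
```

Capturing this exchange in an HTTP debugging proxy should show the negotiation messages followed by an EncryptedData element in place of the plain-text response body.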