Building of Custom Security Token in WCF

re: Building of Custom Security Token in WCF

Damir Dobric — Sat, 27 Jun 2009 13:51:39 GMT

Please take a look here: developers.de/.../signing-xml-documents.aspx

Thi smight be helpful. Signing in context of WCF ist mostly very complex topic, because it is not well documented etc.

re: Building of Custom Security Token in WCF

Alex — Sat, 27 Jun 2009 02:15:26 GMT

I've tried this exact code and it does work, however, there is a problem when it comes to signing the token with a pki cert.

When WCF signs a message, it doesn't care what has been written to the xml message stream, it goes directly to the object. This can be a problem if you write out a custom attribute in a way that is different from that of the standard serializer.Serialize (this) method. There has to be another way. Any ideas?

re: Building of Custom Security Token in WCF

ktk — Mon, 18 May 2009 21:45:13 GMT

Thanks Damir. I appreciate your help. I'm posting the code blocks here:

//////////////////////////////////

//This is from Damir's Blog

/////////////////////////////////

internal class MySecurityTokenSerializer : WSSecurityTokenSerializer

{

private SecurityToken m_Token;

public MySecurityTokenSerializer(SecurityToken token, SecurityVersion version) : base(version)

{

m_Token = token;

}

///<summary>

/// Writes the specified security token using the specified XML writer. Called

/// by the base class.

///</summary>

///<param name="writer">The writer used to wite the token data.</param>

///<param name="token">The security token which should be serialized.</param>

protected override void WriteTokenCore(XmlWriter writer, SecurityToken token)

{

if (m_Token is XmlSecurityToken)

serializeSbbSamlToken(writer, token as XmlSecurityToken);

else

base.WriteTokenCore(writer, token);

}

private void serializeSbbSamlToken(XmlWriter writer, XmlSecurityToken token)

{

XmlNodeReader reader = new XmlNodeReader(token);

writer.WriteNode(reader, true);

}

/////////////////////////////////////////////////////////////////////

//This is my calling code

/////////////////////////////////////////////////////////////////////

Claim[] claims = new Claim[]

{

new Claim(@"schemas.xmlsoap.org/.../upn",

"Someone@hotmail.com")

};

//my internal method to get a security token from my STS

SecurityToken stsToken = CreateSTSToken(claims);

SecurityVersion version = SecurityVersion.WSSecurity11;

MySecurityTokenSerializer serializer = new MySecurityTokenSerializer(stsToken, version);

StringBuilder stringBuilder = new StringBuilder();

XmlWriter xr = XmlWriter.Create(new StringWriter(stringBuilder), new XmlWriterSettings { OmitXmlDeclaration = true });

serializer.WriteToken(xr, stsToken);

//////////////////////////////////////////////////////////////////////

re: Building of Custom Security Token in WCF

Damir Dobric — Sat, 16 May 2009 18:06:28 GMT

Can you post the code?

re: Building of Custom Security Token in WCF

ktk — Fri, 15 May 2009 18:03:36 GMT

I'm getting an error saying 'type or namespace XmlSecurityToken could not be found'. does this need to be defined somewhere?

re: Building of Custom Security Token in WCF

Damir Dobric — Fri, 09 May 2008 21:51:46 GMT

Could you please describe the error?

re: Building of Custom Security Token in WCF

James Syed — Fri, 09 May 2008 21:44:09 GMT

There was an error serializing the security token

I get the above error when I rin your code. Any ideas what I am doing wrong?

re: Building of Custom Security Token in WCF

Damir Dobric — Thu, 13 Dec 2007 07:20:39 GMT

Hi Chris,

In general, there are two ways how to do that:

1. Binary Share

You use the same library at both sides. This is not a real SOA approach, but anytime you are going to make changes in the protocol it will be necessary to do that. If your app is designed for .NET30, this should not be a problem.

2. There are two implementations of the same thing. In a case of MessageHeader, this is not a big problem, because the message header just keeps a list of some “strings”, semantically describe something. However the reusability of this is not well 

Last but not least, I’m not sure that exactly the same functionality in context o Message Header has to be implemented on both sides. Usually, I would expect that client appends something to header and service reads it (and vice versa in duplex scenario).

Hope this helps you.

re: Building of Custom Security Token in WCF

Chris — Thu, 13 Dec 2007 01:28:46 GMT

Hi!

Greate Article!

I also want to write a custom MessageHeader. I want to attach it in a client interceptor an get it on the serverside in a server interceptor.

My problem is: How can I share the MyHeader Type bewteen Client and Server, so tha I can do that on the client side:

request.Headers.Add(new MyHeader ());

and that on the serverside:

MyHeader header = new MyHeader;

header = request.Headers.GetHeader<MyHeader>(header.Name, header.Namespace);

Thank you!!!