Code me up, code me down - All Comments

re: WCF Custom Security Tokens

Sandy — Fri, 18 Jan 2008 19:44:00 GMT

OK alternatively you can have your SecurityTokenParameters class extend UserNameSecurityTokenParameters. WSDL generation works then!

re: WCF Custom Security Tokens

Sandy — Fri, 18 Jan 2008 18:35:00 GMT

I create my own binding element by extending BindingElement for this purpose.
But then WCF does not recognize as it a security binding element even if this element wraps a SecurityBindingElement element, and the custom Client and Service credentials are never called.

So should SecurityBindingElement be extended?

re: WCF Service Authorization with Claims

xyz — Thu, 29 Nov 2007 06:55:00 GMT

very complex, i don't understand.

re: WCF Service Authorization with Claims

John — Wed, 20 Sep 2006 09:58:00 GMT

Brilliant article Thomasz,

Can you tell me the advantages using the claim based method over the method outlined by Steve Eichert

http://www.emxsoftware.com/Indigo-WCF/WCF+Extensibility+Behaviors+and+Inspectors

Thanks greatly,
JH

re: WCF Custom Security Tokens

Tomasz Janczuk — Thu, 27 Jul 2006 16:08:00 GMT

Security policy export/import is not extensible at this moment. At the same time, since WS-SecurityPolicy 1.1 generation is not trivial in a general case, it is desired to reuse existing framework for scoped extensibility scenarios like custom security token types. One way of accomplishing this is to:
1. Implement a custom BindingElement which wraps a SecurityBindingElement and implements IPolicyExportExtension.
2. In IPolicyExportExtension.ExportPolicy:
2.a. temporarily modify the SecurityTokenParameters from the custom ones to ones WCF recognizes
2.b. delegate the call to SecurityBindingElement.ExportPolicy and have the policy generated
2.c. perform targeted modifications of the generated policy to change the security token requirement.
2.d. revert the security token parameters back to the custom ones on the wrapped SecurityBindingElement.

re: WCF Custom Security Tokens

Pedro Felix — Thu, 27 Jul 2006 08:25:00 GMT

I'm unable to generate the WSDL of the service, since it is using a non "standard" token - the method SecurityPolicy11.CreateTokenAssertion throws an exception because it doesn't recognizes the SecurityTokenParameters.
I suppose I have to define a custom policy exporter for the UsernameKeySecurityToken. How can this be done?

re: WCF Service Authorization with Claims

Tomasz Janczuk — Tue, 18 Jul 2006 14:51:00 GMT

If this is not a production scenario, you can use makecert.exe to create your own certificate for testing purposes. Certificates created by makecert allow data encryption by default.

re: WCF Service Authorization with Claims

latch — Tue, 18 Jul 2006 08:56:00 GMT

Tomasz, I wonder if you can help me. I'm trying to obtain a digital certificate that I can use in a b2b scenario and am having a great deal of difficulty getting one. I've used verisign's digital certificate for emails but this does not work with wse3 because data encryption has not been enabled on it.

Any clues?

Thanks
Latch

WCF Custom Security Tokens

Code me up, code me down — Fri, 16 Jun 2006 18:16:00 GMT

Interesting Finds: June 15, 2006 PM edition

Jason Haley — Fri, 16 Jun 2006 03:06:00 GMT