I have a need to Implement Direct Authentication with UsernameToken WS-Security.
I am consuming a Java Web-Service with Visual Studio 2010; which authenticates using UsernameToken header.
I figured I can use WSE 3.0 -> http://msdn.microsoft.com/en-us/library/ff647197.aspx
However, WSE 3开发者_JAVA百科.0 is not supported in Visual Studio 2010. I also found http://www.junasoftware.com/blog/how-to-use-wse-3-in-visual-studio-2010.aspx But I could not find the AddIn file in Windows 7 machine :-(
So back to square 1; How do I generate WS-security usernameToken header in Visual studio 2010?
I remember doing this a couple of months ago and it was a total headache. I think I did find the file in C:\Program Files\Microsoft WSE\v3.0\Tools but I might be wrong. If you are able to get it working, you can then create a class that inherits from SoapHeader something like this:
public class SecuredWebServiceHeader : System.Web.Services.Protocols.SoapHeader
{
public string UserName { get; set; }
public string Password { get; set; }
public string AuthenticationToken { get; set; }
public SecuredWebServiceHeader() { }
}
after this you declare an instance of SecuredWebServiceHeader variable on your WebServices and add the [System.Web.Services.Protocols.SoapHeader("SoapHeader")]
attribute to all of your WebMethods. For the AuthenticationToken property of the SecuredWebServiceHeader class I just use/generate a Guid object and use it as the token. I have a AuthenticateUser method that checks whether the username provided is valid or not.
If you don't find the Addin file let me know and I will try harder to find it.
Good luck securing those WebServices.
Hanlet
精彩评论