AuthenticateToken method not firing in custom X509TokenManager

I am developing a smart client application that I intend to use role-based
authentication using X509 certificates. That is, each client would have a
certificate that would uniquely identify them, via mapping of the thumbprint
hash on each certificate with a role.

I've got my own class that inherits from the X509SecurityTokenManager. When
the smart client (Windows App) calls a webmethod, this class is initialized,
but the AuthenticateToken method is never entered.

A call to RequestSoapContext.Current.Security does provide a valid X509
token. The result of the webmethod call throws back my own SOAP exception
because the caller cannot be authenticated.

Any suggestions?
Jul 11 '06 #1
Hi Sid,

At first glance, I think the client is not sending the right tokens or some
security headers are wrong. Did you check the service trace to see if the
security headers are arriving in the inbound messages?

Regards,
Pablo Cibraro
http://weblogs.asp.net/cibrax
[MVP - Connected Systems Developer]

Jul 17 '06 #2
Thanks for the reply, Pablo. I'll check the trace logs.
Jul 17 '06 #3
Ok - now my requirements have changed. I need to get specific user
credentials from the client app.

I've implemented a solution using a username token, which is encrypted with
an X509 certificate (the WSE Quickstart cert). It appears to be using
Windows Integrated security - valid credentials work, invalid credentials
don't. Everything works fine until I associate a custom token manager with
the service (custom token inherits from "SecurityToken" - is this correct?).
Now, I get an error stating "...the security header is not present in the
incoming message...."

The Server policy looks like this:

<policy name="UsernameToken Policy 1">
  <usernameForCertificateSecurity establishSecurityContext="false"
      renewExpiredSecurityContext="true" requireSignatureConfirmation="false"
      messageProtectionOrder="SignBeforeEncrypt" requireDerivedKeys="true"
      ttlInSeconds="300">
    <serviceToken>
      <x509 storeLocation="LocalMachine" storeName="My"
          findValue="CN=WSE2QuickStartServer"
          findType="FindBySubjectDistinguishedName" />
    </serviceToken>
    <protection>
      <request signatureOptions="IncludeAddressing, IncludeTimestamp, IncludeSoapBody"
          encryptBody="true" />
      <response signatureOptions="IncludeAddressing, IncludeTimestamp, IncludeSoapBody"
          encryptBody="true" />
      <fault signatureOptions="IncludeAddressing, IncludeTimestamp, IncludeSoapBody"
          encryptBody="false" />
    </protection>
  </usernameForCertificateSecurity>
  <requireActionHeader />
</policy>

The "policy name" matches the "policy" attribute on the actual service class.

The client's code to set up the token looks like this:

' Build the username token from the login form fields
Dim tkn As New UsernameToken(txtLogin.Text, txtPassword.Text, PasswordOption.SendPlainText)
' Attach the token and the named client policy to the WSE proxy
Dim oProxy As New TestClient.ws.APIServiceWse
oProxy.SetClientCredential(Of UsernameToken)(tkn)
oProxy.SetPolicy("Test - Username token")

The X509 Certificate can be found in both the "Personal" and "Trusted
People" folders in the Current User Store.

Any suggestions?
Jul 18 '06 #4
