473,382 Members | 1,814 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > .net framework > questions > re: [wse 3.0] i need some pointers for using security

Join Bytes to post your question to a community of 473,382 software developers and data experts.

Re: [WSE 3.0] I need some pointers for using security


"Jeff Johnson" <i.***@enough.spamwrote in message
news:JtydnTFI1LlG2GfanZ2dnUVZ_qKgnZ2d@datapex...
Background: I have very little experience with Web services, but I'm not a
complete n00B. I'm using VS 2005 SP1, C#, and WSE 3.0, if any of that
matters.

Problem: For an upcoming project, I want to provide access to a partner
company in another state to a Web service that I will be writing. I'm not
dealing in nuclear secrets or anything, but I want to secure the messages
without buying a certificate and using SSL.

I have installed and played with some of the QuickStart samples that come
with WSE 3.0. I built and ran the WSSecurityCertificatePolicy sample, and
even built an installer package for it and put the client on another
machine. After some certificate exporting/importing and fiddling with the
*.config files, I got the client to talk to the service. Unfortunately, I
don't fully see the big picture. There are the main questions I have:

1) Can I give all the users the same client certificate as opposed to
creating one for each? (It is not important to me to track who accessed
the service.)

2) If I can use only one cert, is there any way to distribute and install
that cert along with my custom app? I ask because when I exported the
sample client cert along with its private key I had to provide a password,
and I'm wondering if that might hose the install process.

3) Speaking of installing a cert, can I even DO that in a setup package
and/or programmatically? The QuickStart samples use CertMgr.exe, which
isn't even part of a normal Windows installation; it's from the Framework
SDK.

4) If I have to create a separate cert for each user, how do I handle
(i.e., "register") that in my service?

If anyone has some examples of using certificates in Web services, I'd
appreciate links.

For reference, I'm focusing on the certificate route because it SEEMS the
simplest (least code). If anyone feels other methods are easier, I'm
willing to listen.
Purchase an ssl cert...its cheaper than your labour...doing all that message
layer security takes weeks and weeks of work...plus it'll all be changed
again for WCF when ur WSE is obsolete...
Do a search for 'Web Service Security Patterns and Practices' on MS website.
Thats a good document. 250 pages though.
Jun 27 '08 #1
0 924
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

3
WSE 2.0 security problem
by: Michael Rodriguez | last post by:
I have a web service that I am calling by digitally signing the message with WSE 2.0 SP2. It runs fine on my PC. I uploaded the WS to our server, and if I call that from my PC that also works...
C# / C Sharp
4
Adding security to a web service without using WSE
by: razvan | last post by:
I need advice about adding security to a web service without using WSE, as the clients will run Win98.
.NET Framework
3
Sending a WSE 2.0 security SOAP request from HTML client VBScript
by: Sydney | last post by:
Hi, I am trying to construct a WSE 2.0 security SOAP request in VBScript on an HTML page to send off to a webservice. I think I've almost got it but I'm having an issue generating the nonce...
.NET Framework
0
WSE 3.0 Kerberos Auth and issue with Windows XP ASPNET Account
by: CESAR DE LA TORRE [MVP] | last post by:
I am using WSE 3.0 with Visual Studio 2005, specifically I'm using Kerberos authentication and passing Kerberos ticket from Presentation Tier (VSTO.2005 client) to Server Tier through our Web...
.NET Framework
2
WSE 3.0 Security?
by: Baheri | last post by:
If I use WSE3.0 security to authenticate my user does the client need to install WSE3.0 or any other installation? Does he need to use the WSE API to send requestes to my service?How does a Java...
.NET Framework
2
PDA WSE 2 & OpenNetCF
by: Keith Wilson | last post by:
Hello all I am trying to upload/download files via a webservice to/from a PDA. The webservices are secured using WSE 2.0 (this cannot change). ..NETCF 2 does not support WSE 2.0 so am using...
.NET Framework
4
Is WSE 3.0 in VS2005(VB) required to migrate from VS2003?
by: Tony Girgenti | last post by:
Hello. I developed a VS.NET2003(VB), ASP.NET web application client program with ..NET Framework 1.1, ASP.NET 1.1, IIS 5.1 and WSE 2.0. I tried to migrate it to VS 2005 Pro(VB), Web...
Visual Basic .NET
0
Connecting to a WSE 3.0 security enabled web service with .Net 1.1
by: =?Utf-8?B?Q2hhaXRhbnlh?= | last post by:
I have created a WSE 3.0 security enabled web service using a custom username token manager. Everything is working properly when I consume this web service with a WSE enabled client application. ...
.NET Framework
4
Forum for WSE 3.0??
by: GaryDean | last post by:
Is there a forum somewhere specializing in WSE 3.0? I am going through the "Microsoft Web Service Security Patterns and Practices" book/pdf and it has a link to a community forum with a url of...
ASP.NET
0
Wordpress or something else?
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...
Content Management Systems
0
One-click Importing Excel Data into a*Database
by: ryjfgjl | last post by:
In our work, we often need to import Excel data into databases (such as MySQL, SQL Server, Oracle) for data analysis and processing. Usually, we use database tools like Navicat or the Excel import...
Microsoft Excel
0
Easy Steps to Fix "Canon Printer Won't Connect to WiFi Network"
by: taylorcarr | last post by:
A Canon printer is a smart device known for being advanced, efficient, and reliable. It is designed for home, office, and hybrid workspace use and can also be used for a variety of purposes. However,...
General
0
Basic Javascript concepts
by: aa123db | last post by:
Variable and constants Use var or let for variables and const fror constants. Var foo ='bar'; Let foo ='bar';const baz ='bar'; Functions function $name$ ($parameters$) { } ...
Javascript
0
Merging data from multiple Excel files
by: ryjfgjl | last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
Data Management
0
Migrating Website to Cloud - Emmanuel Katto
by: emmanuelkatto | last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel
General
0
BarryA
Navigating the Data Structures and Algorithms (DSA)
by: BarryA | last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
Algorithms / Advanced Math
1
Is that possible of reading the .csv file in column wise and the column have different lengths ?
by: Sonnysonu | last post by:
This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...
C / C++
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Computer Hardware

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!