cxf-users mailing list archives

From darrint <darri...@gmail.com>
Subject Policy and WCF
Date Mon, 11 Apr 2011 14:47:02 GMT
I'm working with a .NET programmer to try and establish Java interop with a
WCF service already running on a particular port on many servers. We've set
up what should be a Java-compatible wshttpbinding configuration and started
trying to get CXF or Metro to connect to it.

So far we've worked out that we have to use ws-security, ws-securitypolicy,
ws-secureconversation (we think), and maybe ws-trust to establish a shared
session key after validating a username/password.

On his end in .NET it's trivial to turn on the features of security he
desires, but on my end I cannot figure out how to set all the right
policies/whatevers. Shouldn't there be a way to get this policy from .NET
after he sets up the binding? Would it be easier for us to make a new
interface in Java, have some tool generate the appropriate policy and
consume that in .NET? Is there some switch I can flip to make CXF and .NET
discover this stuff from each other?

Given the large number of hours we've fruitlessly burned on this I'm
certainly open to the idea that we're missing something big and obvious.

Here is the .NET code that my partner in this is using to describe the
binding and service:

    static void Init_WSHttp_Message_BasicAuth_Custom_Interop()
    {
        _endpointAddress = "http://localhost:8411/MySvc";
        //_binding = CustomWSHttpBindingFactory.CreateCustomWSHttpBinding();
        _binding = new WSHttpBinding();
        ((WSHttpBinding)_binding).Security.Mode = SecurityMode.Message;
        ((WSHttpBinding)_binding).Security.Message.ClientCredentialType = MessageCredentialType.UserName;
        ((WSHttpBinding)_binding).Security.Message.NegotiateServiceCredential = false;
        ((WSHttpBinding)_binding).Security.Message.EstablishSecurityContext = false;

        _serviceHost = new ServiceHost(new MySvc());
        ServiceEndpoint sep = _serviceHost.AddServiceEndpoint(typeof(IMySvc), _binding, _endpointAddress);
        _serviceHost.Credentials.ServiceCertificate.SetCertificate(
            StoreLocation.LocalMachine,
            StoreName.My,
            X509FindType.FindBySubjectName,
            "Server3");
        Console.WriteLine("svc cert thumbprint: {0}",
            _serviceHost.Credentials.ServiceCertificate.Certificate.Thumbprint);
        _serviceHost.Credentials.UserNameAuthentication.UserNamePasswordValidationMode =
            UserNamePasswordValidationMode.Custom;
        _serviceHost.Credentials.UserNameAuthentication.CustomUserNamePasswordValidator =
            new CustomUserNamePasswordValidator();
    }

--
Darrin


--
View this message in context: http://cxf.547215.n5.nabble.com/Policy-and-WCF-tp4296084p4296084.html
Sent from the cxf-user mailing list archive at Nabble.com.
