.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Win Surprise Gifts!!!

Top 5 Contributors of the Month
Gaurav Pal
Post New Web Links

Sign Body, Timestamp, and endorsing supporting tokens elements WSE 3.0

Posted By:      Posted Date: October 04, 2010    Points: 0   Category :ASP.Net

I'm trying to sign an outbound client request.  I'm trying to sign the body, timestamp, and endorsing support tokens. I think I have all the requirements except the Endorsing Support Tokens.  Does anyone know how to do this in WSE 3.0, in code?

Here is my SecureMessage function, and below is example output.

Public Overrides Sub SecureMessage(ByVal envelope As Microsoft.Web.Services3.SoapEnvelope, ByVal security As Microsoft.Web.Services3.Security.Security)
            Dim sc As SoapContext = envelope.Context
            Dim certobj As Object = sc("Certificate")
            Dim CertSubjectToUse As String 'the cert subject to find with

View Complete Post

More Related Resource Links

Sign outgoing body from client with custom endpoing behavior defined in code

I'm trying to sign (and sign only) the body of every outgoing message that uses this custom endpoint behavior.  When I first created this it was for signing a custom SOAP header.  We are moving away from that and going to just sign the body.  We have some applications that have 10+ web service references.  We don't want to touch the reference.cs for anything.  Below is the code I had before for signing the custom soap header.  I'm trying to modify it to just sign the body.  My modified code is below, and the error I get. Private Class CustomHeaderBehavior Implements ServiceModel.Description.IEndpointBehavior Public Sub New() End Sub Private Sub AddBindingParameters( _ ByVal endpoint As ServiceModel.Description.ServiceEndpoint, _ ByVal bindingParameters As ServiceModel.Channels.BindingParameterCollection) _ Implements ServiceModel.Description.IEndpointBehavior.AddBindingParameters Dim body As New Xml.XmlQualifiedName("Body", "http://schemas.xmlsoap.org/soap/envelope/") Dim BodyMsgPartSpec As New ServiceModel.Security.MessagePartSpecification() BodyMsgPartSpec.IsBodyIncluded = True Dim requirements As ServiceModel.Security.ChannelProtectionRequirements = bindingParameters.Remove(Of ServiceModel.Security.ChannelProtectionRequirements)() requirements

Sign outgoing client request SOAP body with WSE 3.0



We currently have the code in WCF to sign the outgoing client requests' SOAP Body, however we need the same code for use with WSE 3.0.  I can't find any examples of this.  

Is it possible?  If so, does anyone have an example?

Thank you,

WCF interoperability with Java SOAP service - sign elements order, force wsu id value



I need to consume a SOAP web service created in Java from a WCF client. By intensively searching this on the web in general and on this forum in particular, I've seen that quite a lot of people have problems in this area, however I never found the answer to the questions I will post on this thread.

The service I have to consume has the following constraints:

  • needs transport level security by communicating over HTTPS 
  • needs signatures on the body (soap:body element) and a custom header of each request. The signature is done using a client certificate and complies with http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0.pdf. The signature is required only on requests. Service responses are not signed.

After an intensive amount of work I managed  to make my request messages look like (intercepted with fiddler):

<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" xmlns:u<

Urgent: help needed signing a SOAP 1.1 Message's Body+Timestamp, and send over SSL



I have a deadline that is about to whoosh by having underestimated how tricky this would turn out to be.



  • SOAP 1.1
  • WS-Security for timestamp and signing
  • signature has to be single signature made from 2 elements: body + timestamp
  • Asymmetric Algorithm: SHA1
  • Key algorithm: RSA 
  • sent over SSL
  • client has to authenticate to server via cert with well known CN=
  • Server is not .NET but Weblogic, with policies that cannot be changed.

Basically, a secure (SSL) based transport, with signing to protect against tampering as well as replay.



Seemed like a good choice at first as it has WS-Security built in.After setting up a behavior that defines client and server certs setting binding/  

Unfortunately wsHttpBinding creates a signature from too many elements in the message (Body, Action, RelatesTo, Timestamp).

There is no apparent way of controlling what gets selected as an element of the signature.  

For example: as the ws-Security headers (Timestamp, etc.) are not part of the proxy Request message class definition, and are added/injected somewhere down the line, and are no

Supporting Tokens


Hi there,


I read sample code Supporting Tokens from http://msdn.microsoft.com/en-us/library/ms751480.aspx

but I didn't find code to authenticate username and password that means the sample works for any username and password. I want to validate them, how?




How to use getElementById to get the elements in a form

There are many ways of accessing form elements, of which the easiest is by using the cross-browser W3C DOM document.getElementById method. Before we learn more about this method, it would be useful to know something about the Document Object Model (DOM), the concept of HTML nodes or elements, and the concept of containers.

Each time you load an HTML page, the web browser generates an internal representation of the page in the form of an inverted tree structure. Let us look at a simple form. We will use this form later to demonstrate the use of the getElementById method.

Gmail style multiple Sign-in type combo...is it possible in asp.net?


I am developing a multi-company application and want my users to give the functionality like the following to switch companies.


Is this possible? then how?

Please help


statement cannot appear outside of a method body


hi all,

  i am posting my vb.net problem .plz tell me how to resolve this :-

Dim conn As String = ConfigurationManager.ConnectionStrings("NorthwindConnectionString").ConnectionString
    'Dim mysqlconnection As New SqlConnection(conn)
    'If mysqlconnection.State=ConnectionState.closed Then mysqlconnection.Open();
    'Dim mySqlcommand As New SqlCommand("select CategoryId,CategoryName from Categories", mysqlconnection)
    'Dim mySqlDataAdapter As New SqlDataAdapter(mySqlcommand)
    'Dim mydataSet As New DataSet()

    'if mysqlconnection.State=ConnectionState.closed Then mysqlconnection.Open();

i m getting 5 errors in this code

declaration expected in mySqlDataAdapter.Fill method; Gridview1.DataSource=ds; Gridview1.DataBind();

Single Sign-On: A Developer's Introduction To Active Directory Federation Services


Use Active Directory Federation Services to allow other organizations to use your Web applications without the need for you to grant access explicitly.

Keith Brown

MSDN Magazine November 2006

Wicked Code: Supporting Database Cache Dependencies in ASP.NET


Developers love the ASP. NET application cache. One reason they love it is that ASP. NET lets them create dependencies between items placed in the cache and files in the file system. If a file targeted by a dependency changes, ASP.

Jeff Prosise

MSDN Magazine April 2003

Command Management: Use Design Patterns to Simplify the Relationship Between Menus and Form Elements


In Windows Forms applications, similar commands, such as those in a menu and their counterparts on a toolbar, are not automatically related. They don't fire the same event or run the same handler routine. Yet code that allows the same or similar user commands to fire the same code simplifies development.This article describes the principles of command management and why it's important to have functional commands that are not exclusive to any one UI element. In order to provide an MFC-like command management infrastructure, a design pattern is developed and applied as a series of C# classes.

Michael Foster and Gilberto Araya

MSDN Magazine October 2002

Passport Secure Sign-In: Provide Your Users with Secure Authentication Capabilities Using Microsoft


Secure sign-in, a new feature in version 2.0 of the .NET Passport single sign-in and profile service, is a functionality that will be especially useful for sites containing confidential information or anywhere security is a primary concern. Such sites include banks, medical sites, and so on. Secure sign-in is as safe as any SSL-based Web site login used today and provides a way to virtually eliminate vulnerability to replay and dictionary attacks.This article explains secure sign-in and demonstrates how you can implement this feature with very little effort in either ASP using the Passport.Manager COM object or in ASP.NET using the .NET class PassportIdentity.

Michael Kogotkov-Lisin

MSDN Magazine September 2002

Infopath cannot load this form. Either the signature is corrupted, or the certificatie used to sign



I have a whole bunch of forms contains errors like whenever you try to open it up.

Infopath cannot load this form.  Either the signature is corrupted, or the certificatie used to sign this form is expired or revoked.

The forms were orginally created with digital signature with it.  But we were in the middle of transition from one company to another company.  The digital signature was no longer valid.  Actually, the certificate should have been expired by now.  I removed all the signatures for all of the forms.  So they can continue using the forms to fill in the information.  The problem right now, is trying to open the old forms with digital signature on it.   Not only the company has changed.  We also moved sharepoint from the old server to the new server.

Any idea to resolve th

Announcements with Image in Body, displayed via CQWP


I feel like I've set this up to be as difficult as possible for my non-programmer users ;) There's GOT to be a better way. Any guidance much appreciated.

I have an Announcements-type list on a NEWS subsite, with fields for Title, Body, and Summary (body with image plus first few sentences of Body). I have a separate Picture Library to store the images they'll use in the Body and Summary.

The Title and Summary are displayed on the Site Collection HOME using a CQWP.

My instructions for users are as follows

1. place image in http://site/subsite/imagelibrary/Forms/AllItems.aspx
2. right click on image and select Copy
3. go to http://site/subsite/announcementspage.aspx
4. Click New > New Item.
5. In "Body", click CTRL+V.
6. Add Title, Body, and Summary text.
7. In HTML, add align="left" insite <img> tag.

Adding to http://site/subsite/announcementspage.aspx automatically gets picked up by the CQWP on the home page.

Like I said, it's pretty ugly, esp considering that my users don't know HTML. Recommendations warmly appreciated.

Sign out issue with IE7 of MOSS application.

Hi All,

I have a sign out issue with my moss application in IE7:

1) When I log in and attempt to log out immediately, the log out function hiding behind this drop down menu did not work.it left me logged in.The logout does not in fact log out the user.

2) When i click sign in as different user, it logs out the user and cant sign in again using same browser page , i need to restart the browser.

Am not able to fix this issue actually,might be we need to make some changes in internet options or something???

I do not know what really is happening.


ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend