.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Win Surprise Gifts!!!

Top 5 Contributors of the Month
Gaurav Pal
Post New Web Links

Need to dynamically authenticate client certificate from java client

Posted By:      Posted Date: December 04, 2010    Points: 0   Category :WCF

Hi, I have an urgent question.

In my development, we are required to dynamically authenticate client certificate with WCF web service via HTTPs using SOAP. Since it is dynamically checked, we are not going to have client certificate installed on the host prior to the call.

I have tried the following:

Method one:

wsHttpBinging.Security.Mode =

wsHttpBinging.Security.Transport.ClientCredentialType = HttpClientCredentialType.Certificate;

This fails in transport layer and client get 403 forbidden message since it requires the client cert to be installed on the host prior to the authentication. ps. It is also a requirement that WS-addressing binding to be removed from the binding list. So only MessageVersion.Soap12 is enabled.

View Complete Post

More Related Resource Links

sslstream client certificate validation error

Hi,I have taken server and client program from MSDN2 for sslstream. in that code client certifiacte authetication is made false  i want to enable that and do the code i have done some modification to the code but is giving error "RemoteCertificateNotAvailable" and i think that its not getting the client certificate at server side.So please can any one help me to do client server program using sslstream in which client certificate also needs to be validated.I am attaching my modified code of MSDN2Server sideusing System;using System.Collections;using System.Net;using System.Net.Sockets;using System.Net.Security;using System.Security.Authentication;using System.Text;using System.Security.Cryptography.X509Certificates;using System.IO;namespace Examples.System.Net{    public sealed class SslTcpServer     {        static X509Certificate serverCertificate = null;        // The certificate parameter specifies the name of the file         // containing the machine certificate.        // The following method is invoked by the RemoteCertificateValidationDelegate.        public static bool ValidateClientCertificate(              object sender,              X509Certificate certificate,              X509Chain chain,              SslPolicyErrors sslPolicyErrors)        {            SslPolicyErrors errors = sslPolicyErrors;            if (errors != SslPolicyErrors.None)            {

WCF client Java interop - No Response Headers = MessageSecurityEx

I am using a WCF client to communicate with a Websphere hosted web service.  The service requires my message to be signed, but not encrypted.  This is being done and works as expected.  I can see in my trace logs that I get a valid response back from the service.  However, it isn't making past the proxy becuase of the following error: System.ServiceModel.Security.MessageSecurityException: Security processor was un able to find a security header in the message. This might be because the message  is an unsecured fault or because there is a binding mismatch between the commun icating parties.   This can occur if the service is configured for security and the client is not using security. I've edited the binding to remove the timestamp and have verified that it is not being sent, however, I still get this error.   Here's what the header of my request looks like: <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"> <s:Header> <ActivityId CorrelationId="b0d474df-8b00-4c30-bd05-d1e478529ce4" xmlns="http://schemas.microsoft.com/2004/09/ServiceModel/Diagnostics">cb8e51de-83b4-4bfe-bf1c-fd92ce86f557</ActivityId> <o:Security s:mustUnderstand="1" xmlns:o="http://

connect client certificate to an account in a membership database

Hello I have created a web service that authenticates with username and password, works fine.Basically this one, http://msdn.microsoft.com/en-us/library/ff649647.aspxNow I also want to connect to this web service using client certificates, works finehttp://msdn.microsoft.com/en-us/library/cc948997.aspx But I would like to when authenticated via client certificates, connect that certificate to a user in the membership database.So that I can use Roles.IsUserInRole(...) and such.I thought that, well if I implement a Custom certificate Validatorhttp://msdn.microsoft.com/en-us/library/ms733806.aspxthen I could check for example subject and map that against a created username in the membership database.But in the class X509CertificateValidatorpublic override void Validate(X509Certificate2 certificate)I don't have the same ability as when the user is authenticatedlike  void OnAuthenticateRequest(object source, EventArgs eventArgs)HttpApplication app = (HttpApplication)source;Basically how can I do this app.Context.User = new GenericPrincipal(new GenericIdentity(username, "Membership Provider"),roles);withinpublic override void Validate(X509Certificate2 certificate)and if that is not possible, can this be solved differently?Bottom line, how do I connect a client certificate to a user account in the membership database. Is there a MSDN article

.NET Client and Java Web Service Interoperability

I have a .net client that consumes an operation on a java based web service that appears to work accept for an issue with passing Boolean values back to the service in the soap message. Any member of the complex type that are defined as Boolean in the service contract will not be present in the soap message generated from the client even though they are set in the code. Sample Client Code: UpdateChecklistItemStatusPortTypeClient     proxy = new UpdateChecklistItemStatusPortTypeClient();     updateChecklistItemStatusReq request = new updateChecklistItemStatusReq(); request.ouid =   "P000122112"; request.applicationId =   "00000032"; request.adminFunction =   "ADMA"; request.checklistItemTypeCode =   "UHSTRN"; request.ceebCode =   "052046"; request.transcriptTerm =   "FINAL"; request.transcriptScores =   true;     updateChecklistItemStatusRsp response = new updateChecklistItemStatusRsp(); response = proxy.UpdateChecklistItemStatusOp(request); Client Soap Message Generated: <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/">   <s:Body xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">   

Getting client information from X.509 certificate in C# code

I have a WCF service which accepts X.509 certificate signed incoming messages. As per my understanding the client will send the message with signature encrypted using his private key and web services will decrypt the signature with client's public key. This ensures that the sender of the message is holder of the private key and that he is certified by the server trusted CA as "He is what he claims to be". It's being a highly secure application I need to give access to only certain clients regardless of whether they are trusted or not. (This is to take care of good turned bad scenario :-)) How do I achieve this? Is there any way to get the client information as subject name etc from his certificate in C# code? Is there any example of this usage? Thanks in advance,Jeet.    

C# Client App connecting to WSS3.0 with X.509 certificate

I have been unable to find much information on using smart cards and X.509 certificates when connecting to WSS 3.0.  I am able to build a Web Service Reference in VS 2010 just fine.  I get prompted for my cert, I select it, enter my pin and all is well.  But I am failing to handle it properly in my app.  I created a test method that creates the new WSS List object.  I assign System.Net.Credentials.DefaultCredentials to the Credentials. I then call GetListCollection.  I am never prompted for my cert, and I get a 500 error back from the server.  Everything works fine in IE and adding the reference so I think I missed a step, but I cannot figure out what that would be. I running the app with an account that has no relationship to the authentication domain WSS is part of, so I expected to be prompted for the cert when I tried to connect. Does anyone know how to do this, or offer up some guidance.  Thanks, LD

Dynamically (on client side) populating data control (repeater) when dropdown item is selected

Hello!I'm currently working on a project and I want to make as much things as possible performing on client side - with as little loading as possible.The project consist of three "main" pages. On one page I use jQuery DataTable plugin which is working great. One page has tabs (using jQuery). I want to put datacontrol (repeater) on this site and when  user selects one item in dropdown, data in repeater loads on client side, without performing the action on server.I wonder if this is possible and if somebody can give me some case to help with?Thanks!I hope I was clear enough. all the best

SharePoint - Report Server - Client Certificate authentication

Hi,I have a SharePoint site collection which requires client certificates. On the server I have configured Reporting Services in integration mode.I can call reports on other site collections which don't require client certificates but not on the site which does. On the site which requires client certificates the pages fail with the following error message:'An unexpected error occurred while connecting to the report server. Verify that the report server is available and configured for SharePoint integrated mode. --> The request failed with HTTP status 403: forbidden'The error message indicates that SharePoint doesn't call the web service with a client certificate. Does anyone know how I can configure SharePoint to use a client certificate?Any help is greatly appreciated.Adam

x509 - Client Certificate infrastructure for Asp.Net question

I dont have a lot of background with SSL and X509 configuration and support with my Asp.Net application, so I was wondering if someone can explain or point me in the right direction to MSDN or any other article or posting explaining if it's possible to do what I am looking to support in my environment.I have IIS 6.0 with SSL (Verisign cert) as well as "Require client certificates" working against a local installation of Microsoft Certificate Services, https://<domain>/certsrv, where users can request and install client certs (both xp clients for basic mode, and Vista/7 for advance mode).Here's what I am up against:I have a segment of users coming from a virtualized server environment where this environment does not store personal settings for more than 48 hours. It's not an internet cafe, but rather an actual business where their IT staff uses server images to reimage each virtual server in the farm every 48hrs. Thus losing all users data in the "Current Users" Certificate Stores.The IT staff give users a network folder share to store any personal items (docs, spreadsheets, links, etc.). The servers consist of Windows Server 2003, and will be migrating to Windows Server 2008 in the next 6-9 months.These users have rights in Internet Explorer to navigate to my certsrv site and use activex to to request and install certificates then clode and

WCF and certificates : "The client certificate is not provided."

Hi,I'm having a hard time to get certificates working with my WCF application and I keep getting the error: "The client certificate is not provided. Specify a client certificate in ClientCredentials."I am using a free trial certificate by Verisign and I have done the following things on a local XP Pro machine:VeriSign Trial Secure Server CA - G2 certificate is installed in the Personal => CerficatesVeriSign Trial Secure Server Root CA - G2 certificate is installed in the Trusted Root Certification Authorities => CertificatesI am using the following kind of binding configuration settings: *** Client web.config ******<binding name="CertificateBinding" maxReceivedMessageSize="4194304">          <security mode="Message">            <message clientCredentialType="Certificate" />          </security>        </binding><endpoint address="http://localhost/MyWcfApplication/Service1.svc"        binding="wsHttpBinding" bindingConfiguration="CertificateBinding"        contract="ServiceReference1.IService1" name=&qu

One-To-One Client Certificate Mapping in Exchange Server 2010 WCF Configuration

Hi.I am having a java client which has proxy classes generated with jax-ws to use the exchange web services (exchange server 2010). This proxy only supports SOAP11.What I need is to configure exchange servers with CAS role to (additionally to the default authentication) map one certificate to one windows accout. Until now I: imported the servers certificate and enabled it (import-ExchangeCertificate -fileData ([Byte[]]$(get-content -path <certpath> -encoding byte -readCount 0)) -password:<security-string pwd> | enable-ExchangeCertificate -services IIS) created a client certificate mapping in IIS 7 and here is where I got stuck What do I have to change in the "...\V14\ClientAccess\exchweb\ews\web.config" to get this scenario work?The web.config file looks like this: <services> <service behaviorConfiguration="EWSServiceBehavior" name="Microsoft.Exchange.Services.Wcf.EWSService"> <endpoint address="" binding="customBinding" bindingConfiguration="EWSHttpsBinding" contract="Microsoft.Exchange.Services.Wcf.IEWSContract"> <endpoint address="wssecurity" binding="customBinding" bindingConfiguration="EWSWSSecurityBinding" contract="Microsoft.Exchange.Services.Wcf.IEWSContract"

WCF MTOM Client calling Java Webservice - Issues with File attachment Content ID encoded in SOAP mes

Hello,I'm having difficulty calling a MTOM enabled Java based web service that accepts an file as input..NET appeats to be generating a SOAP message where the reference to the binary part of the message is an encoded url.For Example:  <inc:Include href="cid:http%3A%2F%2Ftempuri.org%2F1%2F634000265217257868" xmlns:inc="http://www.w3.org/2004/08/xop/include"/>In fact, the Content ID defined in the SOAP message, looks nothing like the actual Content ID of the actual message part.Content-ID: <http://tempuri.org/1/634000265217257868=2787915398744@soapui.org>The service is invoked and executed on the java webserver...but the data element appears to be null.I do not believe the java web server understands the reference in the SOAP message because it is encoded....Or...perhaps it's because the Content-ID attribute has extract stuff on it.I'm working with a custom MTOM encoder in WCF....is there a way to generate your own Content ID or tell .NET not to encode the url?My frustration with .NET has reached an all new level with this project...Any help would be greatly appreciated.Here the SOAP message that is being generated:<soapenv:Envelope xmlns:soapenv="http://www.w3.org/2003/05/soap-envelope" xmlns:ns="http://docs.oasis-open.org/ns/cmis/messaging/200901" xmlns:ns1="http://docs.oasis-open.org/ns/cmis/core/200901&q

HOWTO: Authenticate Active Directory account over VPN from C# client?



I have some code that authenticates a user in Active Directory from a C# client but it does not work through a VPN connection, though it works just fine when I'm connected to the network.  How can I get this to work over a VPN?

These are the three functions I've used that ALL work, just not when I'm connected through a VPN.


        public static bool ValidateUser1(string strDomain, string strUsername, string strPassword)
                DirectoryEntry entry = new DirectoryEntry("LDAP://" + strDomain, strUsername, strPassword);
                object nativeObject = entry.NativeObject;
                return true;
            catch (DirectoryServicesCOMException) { }

Can't authenticate into Central Admin via IE but ok in other browsers on client PCs


This is an odd one - I have a SharePoint 2010 installed on a server and standard Windows authentication is used (via Active Directory). Locally on the server I can access Central Administration web site in IE with no problem.

On other PCs, whenever I try to access central admin in Internet Explorer (7/8) it fails to authenticate. IE quite happily automatically authenticates into the normal sharepoint sites, but not central admin. Yet if I use Firefox, then that quite happily authenticates into Central Admin. I've tried this on quite a few PCs with the same result - IE can't authenticate, Firefox can.

Any idea why this would be? The connection settings in IE appear the same as other browsers (i.e. no proxy).


WCF client to access Java SOAP server 1.2


To all WCF experts out there... Maybe you can shed some light on the following questions.  Any pointers regarding WCF client to non-Microsoft implementation on .NET Framework 3.x will be appreciated too.  Thanks in advance.

  1. I already have an object that can serialize to a valid XML input message; minus soap specific elements.  If I pass it directly, it will fail because the object type is so different than type generated by svcutil.exe.  What's the best way of passing this to the service?  I know when I serialize my object, and the one created by svcutil to XML, they are identical. 
  2. I guess this should be the first question.  To access a non-microsoft SOAP 1.2 service, is WCF the way to go on .NET Framework 3.0/4.0?
  3. Reference:  Are there any good books/sites that you can refer regarding WCF client (specially non-Microsoft implementation)?  I've seen so many WCF service, but very less focus on the client.

consume WCF events from java client??




is there a way to consume WCF services with events from a Java Client?



Visita mí BlOg y Colabora con tus comentarios ;-) Gracias.

How to dynamically populate a ComboBox through client-side Javascript?


I'm using the ComboBox control from the May 2009 release of the ASP.NET Ajax Control Toolkit.

I'd like to try and populate this ComboBox's list of options dynamically from the client-side Javascript (because I'm retrieving the data from the server based on the user's selection in another drop-down box).  Can anyone suggest how to accomplish this?  I tried this:


                var teacherComboBox = document.getElementById("ctl00_ContentPlaceHolder1_TeacherComboBox_OptionList");
                teacherComboBox.innerHTML = "";
                for (var i = 0 ; i < result.length ; i++) {
                    var listitem = document.createElement("li");
                    listitem.innerHTML = result[i];


And it didn't work.  The ComboBox just ended up with just one item (the first one) in the list, instead of all of them.

Any help appreciated.


ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend