I have a WCF server/client structure, which gets a new way for authentication.
serviceHost.Credentials.UserNameAuthentication.UserNamePasswordValidationMode = UserNamePasswordValidationMode.Custom;
There are two versions:
Server Version 1.0 Supports Authentication 1.0
Server Version 2.0 Supports Authentication 2.0
Both Server Versions supports username and password. The client needs to know, which user should be used. The new client should support both Authentication methods.
Client 2.0 --> Server 1.0
Client 2.0 --> Server 2.0
Is there any information available, to get the service version of the server before the authentication process? The client should select the compatible method depended on the version of the server.
One idea was to use a mex data with the version infos inside the url.
A service's endpoint identity is a value generated from the service Web Services Description Language : WSDL. This value, propagated to any client, is used to authenticate the service.
You can verify communication in this way, as you can see for examples.
Related
I'm trying to configure my application so it authorises using ADFS server. I have configured ADFS server. In my Solution file(which is combination of WF, WPF projects and WCF) I have multiple no. of projects, I am using visual studio 2017. One project is client and another is server. Client is supposed to send authentication request to ADFS and receive token, which is sent to server side of my solution, where user is authorised to use application. Now my question is how do I configure it? Microsoft's documentations are using Identity and Access tool which is not supported in VS17. Is there any tutorial or legit guide/documentation which I can follow to configure my application.
I'm developing an ASP.NET Web API which implements also an Identity provider using Identity Server. The requirement is to support Windows Authentication via Active Directory, and also Custom credentials.
All these requirements are achievable. An extra requirement is to support Win Auth from different untrusted domains.
Recap:
Three untrusted domain (A, B, C)
the ASP.net Core service runs (using HTTP.SYS and not behind IIS) on a server joined to domain A
a user from domain B wants to login using Windows Authentication (preferable SSO) using domainB\userB
I've googled and it doesn't seem possible.
It's an option to migrate to Kestrel 3.0, but Microsoft says here
In ASP.NET Core 3.0, Kestrel has the ability to use Negotiate, Kerberos, and NTLM on Windows, Linux, and macOS for Windows domain-joined hosts
so supports only domain joined hosts.
My understanding is that LDAP could support untrusted domains, is this true?
Thanks,
How do you add a username/password to a Soap header via a Windows Mobile 6.5 application for an outbound web service call?
I have successfully achieved this in the full .Net framework by specifying the SoapExtension in the App.Config/Web.Config file but this does not exist in the compact framework.
edit:
a bit more info.
i have a web service which was supplied by a third party so i dont have the code to it and i couldnt tell you what happens within it. However, when i add a service reference to the URL and use it in my compact framework application i get an "unauthorised" error.
i can create a winforms/webforms app and reference a library to set the username/password for the outgoing message and it works fine (library supplied by third party so i also cannot view the code).
the library is not compatible with the compact framework and it also requires the SoapExtension be specified in the app.config/web.config file which is also not present in the compact framework.
I am very very new to ADFS 2.0, i have been using Domain trust and i am doing some research on ADFS 2.0 to convert my current web app to ADFS 2.0, question i have is
Does the Web server needs to be on a perimeter network facing internet? or i can use web proxy or if federation proxy supports that built in for web server too.
Does my SSL cert needs to be on my IIS or i can host it on my load balancer?
Also do i need to have .net 3.0 and above to use adfs with asp.net?
For ADFS, you can install an ADFS proxy that is accessible to the Internet. This communicates with an instance of ADFS which can be behind a firewall.
ADFS requires a "Service communications" certificate which typically uses the SSL certificate of the IIS that hosts ADFS.
I detailed the WIF requirements in my other answer to you.
ADFS requires Microsoft .NET Framework 3.5 together with Service Pack 1.
I am about to develop a windows applikation which need to communicate with an Axis2 webservice using Web Service Security - all the documentation says is, that the SOAP security communication is configured to TIMESTAMP, SIGNATURE, ENCRYPT and the the certificate of my company must be installed in my keystore and the SOAP client I am about to develop must trust the webservice-provider certificate. But from here I am lost.
I know how to use a regular webservice - but with the above informations nothing I know of or do will succeed, all I have figured out so far is installing Web Service Enhancement 3.0. Im using VS2008/C#.
Does anyone knows a good guide or provide a code-sample?
Here's a link to the WSE 3.0 Quick Start Examples:
WSE QuickStarts
If you're using VS2008 though, you should considering building your client using WCF. You won't need to install WSE 3.0 as the security standards are built-in. Here's a WCF reference that should get you started on the security aspect:
Common Security Scenarios (WCF)