You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@cxf.apache.org by darrint <da...@gmail.com> on 2011/04/11 16:47:02 UTC

Policy and WCF

I'm working with a .NET programmer to try and establish Java interop with a
WCF service already running on a particular port on many servers. We've set
up what should be a Java compatible wshttpbinding configuration and started
trying to get CXF or Metro to connect to it.

So far we've worked out that we have to use ws-security, ws-securitypolicy,
ws-secureconversation (we think), and  maybe ws-trust to establish a shared
session key after validating a username/password.

On his end in .NET it's trivial to turn on the features of security he
desires, but on my end I cannot figure out how to set all the right
policies/whatevers. Shouldn't there be a way to get this policy from .NET
after he sets up the binding? Would it be easier for us to make a new
interface in Java, have some tool generate the appropriate policy and
consume that in .NET? Is there some switch I can flip to make CXF and .NET
discover this stuff from each other?

Given the large number of hours we've fruitlessly burned on this I'm
certainly open to the idea that we're missing something big and obvious.

Here is the .NET code that my partner in this is using to describe the
binding and service:

    static void Init_WSHttp_Message_BasicAuth_Custom_Interop()
    {
        _endpointAddress = "http://localhost:8411/MySvc";
        //_binding = CustomWSHttpBindingFactory.CreateCustomWSHttpBinding();
        _binding = new WSHttpBinding();
        ((WSHttpBinding)_binding).Security.Mode = SecurityMode.Message;
        ((WSHttpBinding)_binding).Security.Message.ClientCredentialType =
MessageCredentialType.UserName;
       
((WSHttpBinding)_binding).Security.Message.NegotiateServiceCredential =
false;
        ((WSHttpBinding)_binding).Security.Message.EstablishSecurityContext
= false;

        _serviceHost = new ServiceHost(new MySvc());
        ServiceEndpoint sep =
_serviceHost.AddServiceEndpoint(typeof(IMySvc), _binding, _endpointAddress);
        _serviceHost.Credentials.ServiceCertificate.SetCertificate(
            StoreLocation.LocalMachine,
            StoreName.My,
            X509FindType.FindBySubjectName,
            "Server3");
        Console.WriteLine("svc cert thumbprint: {0}",
_serviceHost.Credentials.ServiceCertificate.Certificate.Thumbprint);
       
_serviceHost.Credentials.UserNameAuthentication.UserNamePasswordValidationMode
= UserNamePasswordValidationMode.Custom;
       
_serviceHost.Credentials.UserNameAuthentication.CustomUserNamePasswordValidator
= new CustomUserNamePasswordValidator();
    }

--
Darrin


--
View this message in context: http://cxf.547215.n5.nabble.com/Policy-and-WCF-tp4296084p4296084.html
Sent from the cxf-user mailing list archive at Nabble.com.

Re: Policy and WCF

Posted by darrint <da...@gmail.com>.

For what it's worth, we found our own solution. Turns out that on the .NET
side we had disabled the ?wsdl resource on the service. Once we had that
available we had policy information.

--
Darrin


--
View this message in context: http://cxf.547215.n5.nabble.com/Policy-and-WCF-tp4296084p4300601.html
Sent from the cxf-user mailing list archive at Nabble.com.