challenge/respons in WSE 2.0 (WS-Trust) -- dotnet web services enhancements

dotnet web services enhancements : challenge/respons in WSE 2.0 (WS-Trust)

hittapeter NO[at]SPAM hotmail.com
8/18/2004 12:36:23 AM

WS-Trust defines a syntax for performing challenges.
An example:
Client sends <RequestSecurityToken>
Server sends <SignChallenge>
Client sends <SignChallengeRespons>
Server sends <RequestSecurityTokenRespons>

My question is if WSE 2.0 has an implementation for the
challenge/respons mechanism. And in that case what class and functions
are to be used?

: )

Lucien
8/20/2004 1:08:53 PM

There's no implementation. There are support methods that you have to define
how you want the mechanism to look like (it's restricted/defined in
WS-Trust).

[quoted text, click to view]

daniel_hegner NO[at]SPAM fastmail.fm
9/6/2004 12:33:25 PM

Hi Lucien,

I've been working on this too, and I've tried to figure out the best
approach.

I haven't been that deep into WSE 2.0 yet so I don't know what you had
in mind when you mentioned those support methods. Do you have any more
specific pointers?

One of my ideas for implementing the protocol is to subclass the
SecurityContextTokenService but I have failed to find a detailed
description of how that class actually works. Would it be better to
subclass it's superclass SecurityTokenService instead and try to
implement the mentioned challenge-response protocol that way?

--
Daniel Hegner

[quoted text, click to view]

Got something to say? Click here to post a reply to this thread.

Don't see what you're looking for? Try a search.

View other messages about dotnet web services enhancements

home · blog · groups

Questions? Comments? Contact the dn