"Techno_Dex" <nospamchurst@osi-corp.com> wrote in message
news:%23Ds6xRG$GHA.4316@TK2MSFTNGP03.phx.gbl...
> Has anyone had to go through the process of down grading a WSE 3.0 project
> down to WSE 2.0? I have an assembly which makes remote calls to WS's at
> various client sites. All the WSs on the Client sites are the same, but
> located at different URLs and use different X509 Certs via
> mutualCertificate11Security. I do a lookup in a DB to determine what the
> URL and the Cert Serial Number is in order to communicate with each
> particular client. This means my WSE policy is configured in code as I
> need to set certain Policy details after performing the lookup.
> Everything works great in WSE 3.0, but due to business needs to be able to
> call the assembly from from ASP.NET 1.1. application, my WSE 3.0 using
> .NET 2.0 will not work and thus I must down grade. I understand the
> mutualCertificate11Security is part of the WS Security 1.1 spec and WSE
> 2.0 only supports the WS Security 1.0 spec. Does anyone have suggestions
> on proceeding with the downgrade? With .NET 1.1 I loose the generics
> functionality so I can't use anything like MSBee to compile down to 1.1
> assemblies. Currently I have hobbled together code to extract Service and
> Client Tokens from the Certificate Store and add them to the
> Security.Tokens collection and add MessageSignature and EncryptedData to
> the Security Elements collection but I'm starting to get lost in the
> rabbit hole. WSE 3.0 is clean and well explained, WSE 2.0 documentation
> so far is crappy and messy. I'm not able to easily read the
> PolicyCache.config file and understand what is there and what I can
> change. I have also not be able to find the Policy details in WSE 2.0,
> which I am guessing is hidden under the hood in some of these
> RequestSoapContext collections.
>
> I guess my big questions are:
> Where/How do I deal with Policies in WSE 2.0?
> Which elements do I need to add to the Security.Elements Collection and in
> which order?
> How do I add the ServiceCredentials (Identity Token?) of an X509 Cert to
> the proxy?
>
> TIA
>

"Pablo Cibraro [MVP]" <pcibraro@hotmail.com> wrote in message
news:uCgf0FQ$GHA.1220@TK2MSFTNGP05.phx.gbl...
> Hi,
>
> 1.Where/How do I deal with Policies in WSE 2.0?
>
> The policy model in WSE 2.0 is completely different from the model in WSE
> 3.0.
> In WSE 2.0, there is only one global policy per Application Domain, that
> policy contains a long switch based on URLs and SOAP:Actions. (If you do
> not specify any URL or Action, the policy applies to all web services in
> that virtual directory, there is no way to specify the policy by means of
> attributes on the web service). If you take a look to that policy, it
> looks horrible, someting really hard to configure.
> The WSE 2.0 Configuration Tool is the simplest way to create that policy.
>
> 2. Which elements do I need to add to the Security.Elements Collection and
> in which order?
>
> If you are using the Mutual Certificate scenario, the policy will
> automatically add the necessary element in the Security.Elements
> collection. You only have to create the policy in your client application
> and your web application using the tool.
>
> 3. How do I add the ServiceCredentials (Identity Token?) of an X509 Cert
> to the proxy?
>
> Same as previous answer, the identity token is automatically added by the
> WSE.
>
> Regards,
> Pablo Cibraro.
>
> "Techno_Dex" <nospamchurst@osi-corp.com> wrote in message
> news:%23Ds6xRG$GHA.4316@TK2MSFTNGP03.phx.gbl...
>> Has anyone had to go through the process of down grading a WSE 3.0
>> project down to WSE 2.0? I have an assembly which makes remote calls to
>> WS's at various client sites. All the WSs on the Client sites are the
>> same, but located at different URLs and use different X509 Certs via
>> mutualCertificate11Security. I do a lookup in a DB to determine what the
>> URL and the Cert Serial Number is in order to communicate with each
>> particular client. This means my WSE policy is configured in code as I
>> need to set certain Policy details after performing the lookup.
>> Everything works great in WSE 3.0, but due to business needs to be able
>> to call the assembly from from ASP.NET 1.1. application, my WSE 3.0 using
>> .NET 2.0 will not work and thus I must down grade. I understand the
>> mutualCertificate11Security is part of the WS Security 1.1 spec and WSE
>> 2.0 only supports the WS Security 1.0 spec. Does anyone have suggestions
>> on proceeding with the downgrade? With .NET 1.1 I loose the generics
>> functionality so I can't use anything like MSBee to compile down to 1.1
>> assemblies. Currently I have hobbled together code to extract Service
>> and Client Tokens from the Certificate Store and add them to the
>> Security.Tokens collection and add MessageSignature and EncryptedData to
>> the Security Elements collection but I'm starting to get lost in the
>> rabbit hole. WSE 3.0 is clean and well explained, WSE 2.0 documentation
>> so far is crappy and messy. I'm not able to easily read the
>> PolicyCache.config file and understand what is there and what I can
>> change. I have also not be able to find the Policy details in WSE 2.0,
>> which I am guessing is hidden under the hood in some of these
>> RequestSoapContext collections.
>>
>> I guess my big questions are:
>> Where/How do I deal with Policies in WSE 2.0?
>> Which elements do I need to add to the Security.Elements Collection and
>> in which order?
>> How do I add the ServiceCredentials (Identity Token?) of an X509 Cert to
>> the proxy?
>>
>> TIA
>>
>
>