Here we go again, more WSE fun!
I am in the process of writing a wizard for helping our support people
in making changes to the web.config for supporting WSE configuration
and have encountered an issue with the <securityTokenManager> node when
using a custom user token manager.
Below is a very standard web.config excerpt. The element <UTM ... >,
defines a custom user token manager class, that in this case uses an
XML file for validating user/id password combinations (this
configuration is solely for internal testing, in production it will be
configured to whatever our customers use for user validation.
<microsoft.web.services3>
<policy fileName="C:\InterfaceWS\wse3policy.config"/>
<tokenIssuer>
<statefulSecurityContextToken enabled="false"/>
</tokenIssuer>
<security>
<securityTokenManager>
<add type="My.UTM, TokenManager"
namespace="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" localName="UsernameToken">
<UTM securityMode="FILE"
securityTokenFile="C:\Authorized\UserAuth.xml"/>
</add>
</securityTokenManager>
</security>
</microsoft.web.services3>
I am completely stumped in finding a way to use the
ConfigurationManager and WSE classes to allow me to examine the
securityTokenManager settings.
More specifically, I use the following code to read the section:
ConfigurationSection section =
(ConfigurationSection)ConfigurationManager.GetSection("microsoft.web.services3");
This causes my custom user token manager constructor to fire (I can
tell this via breakpoints). I can then do the following call to get
some (but not all) the <security> settings.
Microsoft.Web.Services3.Security.Configuration.SecurityConfiguration
securityConfig =
Microsoft.Web.Services3.Configuration.WebServicesConfiguration.SecurityConfiguration;
The properties of the SecurityConfiguration class include things like
AllowTestRoot, DefaultTtlInSeconds, etc. What is missing, and what I
really searching for is how to examine the securityTokenManager
information.
There is a class, securityTokenManagerCollection that appears to be the
correct class to contain the security token manager information as a
collection, but there is no property off the securityConfig class to
get to the collection (the only constructor for the
securityTokenManagerCollection is for a new, empty collection).
Question 1: Does anyone know how to get the securityTokenManager
information using the WSE ConfigurationManager classes? At the moment,
I am opening the web.config and scanning for the UTM node, a truly
crappy solution.
Question 2 : I can via breakpoints, and file openings, that when I read
in the WSE3 section, my custom user token manager is instantiated. I
really need to get a reference to that object. There does not seem to
e a static method for gaining access to the object that the
configuration manager has created for me, and I am currently forced
into creating a second instance of the custom token manager. This is a
really big problem.
Any help is deeply appreciated,
--george
