0





315
1

Using Ws2007HttpBinding and securing the service, the WSDL file generated shows in the policy section that all the ws-addressing headers and the body will be signed, and that the body will be encrypted.

<sp:SignedParts>
  <sp:Body /> 
  <sp:Header Name="To" Namespace="http://www.w3.org/2005/08/addressing" /> 
  <sp:Header Name="From" Namespace="http://www.w3.org/2005/08/addressing" /> 
  <sp:Header Name="FaultTo" Namespace="http://www.w3.org/2005/08/addressing" /> 
  <sp:Header Name="ReplyTo" Namespace="http://www.w3.org/2005/08/addressing" /> 
  <sp:Header Name="MessageID" Namespace="http://www.w3.org/2005/08/addressing" /> 
  <sp:Header Name="RelatesTo" Namespace="http://www.w3.org/2005/08/addressing" /> 
  <sp:Header Name="Action" Namespace="http://www.w3.org/2005/08/addressing" /> 
</sp:SignedParts>
<sp:EncryptedParts>
  <sp:Body /> 
</sp:EncryptedParts>

We would like to specify which headers have to be signed and/or encrypted, like it is possible in Apache rampart. For custom header or body elements, it is possible using annotations in the code, but for these elements that are added by the binding itself, is is possible?

Question author Philippe | Source

0


1

Nevermind, after a few days I found an answer over here: http://blogs.msdn.com/drnick/archive/2007/01/19/securing-custom-headers-version-2.aspx

Answer author Philippe

Ask about this question here!