We have some WSE 2.0 secured Web Services that we are migrating to a new data center. As part of this migration effort I needed to write some automated tests to make sure everything was working. In addition to working with the WSE 2.0 clients our customers have, I also wanted to see what was needed to make the services consumable by WCF clients. After finding this article on WSE 2.0 Interoperability on http://wcf.netfx3.com, it was pretty easy.
The main problem I was having was issues with the username token. In WCF some basic concepts were changed, such the removal of password encryption (instead recurring the transport, https for example to handle encryption), and replay detection.
Here is the config section from the WSE 2.0 server piece (the diagnostic piece is optional)
<microsoft.web.services2> <security> <securityTokenManager xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" qname="wsse:UsernameToken"> <replayDetection enabled="false"/> </securityTokenManager> </security> <diagnostics> <trace enabled="true" input="logs\InputTrace.webinfo" output="logs\OutputTrace.webinfo" /> </diagnostics> </microsoft.web.services2>
Here is a sample configuration section for the WCF Client:
<system.serviceModel> <bindings> <basicHttpBinding> <binding name="InventorySoap" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" allowCookies="false" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard" maxBufferSize="65536" maxBufferPoolSize="524288" maxReceivedMessageSize="65536" messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered" useDefaultWebProxy="true"> <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384" /> <security mode="TransportWithMessageCredential"> <message clientCredentialType="UserName" algorithmSuite="Default" /> </security> </binding> </basicHttpBinding> </bindings> <client> <endpoint address="https://Server/Directory/Service.asmx" binding="basicHttpBinding" bindingConfiguration="InventorySoap" contract="MonitoringServices.Inventory.Wcf.InventorySoap" name="InventorySoap" /> </client> </system.serviceModel>
Most of the client configuration was created for me when I added a service reference to my project. The key part is the mode=TransportWithMessageCredential and clientCredntialType = “UserName”.
We have another project underway were we want to rewrite the WSE 2.0 services with WCF while maintaining full compatibility with deployed WSE 2.0 clients. The netfx3 article covers this scenario as well, and it seems like we will be able to accomplish our task. Look for a future post on that endeavor.