Click here to Skip to main content
15,885,278 members
Search within:


C# - passing certificates using SOAP and WS-TRUST to generate authorization tokens
Please Sign up or sign in to vote.
0.00/5 (No votes)
See more:
C#
WCF
SOAP
WSDL
I am working on a project that would consume a 3rd party web service for certain functionality. We have got 2 WSDL files 1) WSDL file related to security token service 2) WSDL file related to certain functionality that our application uses. We are also provided with client certificate in PKCS-12 format, which they say is used by Security Token Service system to generate run time tokens for accessing their service.

We have also been informed that during run time the authorization token issued by Security Token Service system should be requested by our application using SOAP libraries and WS-TRUST protocols and also they mention some SOAP libraries will automatically request this token and pass it to service using WS-TRUST protocols.

Can anyone please suggest on below questions and help me understand concepts on certificate file and authorization tokens.

1) As per their documentation, is there any SOAP library which can automatically request service token and pass into actual service.? 2) How should the certificate be passed using SOAP to generate security token?

What I have tried:

Since am new to security concepts, I have been trying to research on this for quite a long time but couldn't find relevant information.
Posted
Updated 10-Jan-17 0:51am
Add a Solution

1 solution

Hope you are calling the third party web service from your server end, your integration should look like;

[Browser] ---[your server]---when token not present---[third party security toke service]
[Browser] ---[your server]---when token present---[third party service]

your server should use a http-client to call the third party service, where you should add the certificate when calling the security token service. This should return a token which should be set in your browser cookies.

code snippet:
WebRequestHandler handler = new WebRequestHandler();
X509Certificate2 certificate = GetMyX509Certificate();
handler.ClientCertificates.Add(certificate);
HttpClient client = new HttpClient(handler);
 
Share this answer
 
Posted
Comments
AbishekAlva 10-Jan-17 7:02am    
Thank you for your response Anup. My application is a windows based application which is integrated with 3rd party application for certain functionality. Since the 3rd party has come up with hosted service, we need to modify our design to handle this hosted service. So we need to pass in the certificate provided by them, that is installed in our system to get the authorization token which in turn is used to access their service for desired functionality.
anup.bhunia 10-Jan-17 7:35am    
in that case you could keep the security token, once generated in your application memory to avoid overhead of generating it everytime you call the actual service.
Add a Solution

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

  Print Answers RSS
Top Experts
Last 24hrsThis month
Related Questions
How to generate username token id in a soap request in C#?
JWT bearer token not authorizing
How to add username token in SOAP request in C#?
The solution provided for authorization using access token is not useful for me, can u provide a new solution based on the description?
Trying to do linkedin authorization code flow (3-legged oauth) but I keep getting this error 'unable to retrieve access token
Passing certificate to netcfsvcutil.exe
I want to pass windows NT token to other application in SOAP format in C++
Error: SSL certificate problem: unable to get local issuer certificate
Oauth confusion about token generation
Codeigniter 4 restful api return CORS error when using authorization bearer token

Advertise
Privacy
Cookies
Terms of Use
Last Updated 10 Jan 2017
Layout: fixed | fluid
Copyright © CodeProject, 1999-2024
All Rights Reserved.

Web02 2.8:2024-04-02:1

CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900