Solved

Allow insecure transport in Silverlight 4.0

Posted on 2011-03-23
5
1,033 Views
Last Modified: 2013-11-12
Hi,

I'm trying to use UserNamePasswordValidator for custom validation of user name and password in a wcf service call from Silverlight 4.0 by using custom binding, Http transport with TransportSecurityBindingElement.CreateUserNameOverTransportBindingElement  and Allow insecure transport set to ture.

Is this possible in SL 4.0?  I know this can be done between a windows console application and the service. But in SL i cant find the Allow insecure transport attribute on TransportSecurityBindingElement

Server Config

    <bindings>
      <customBinding>
        <binding name="InsecureCredentials">
          <security authenticationMode="UserNameOverTransport" allowInsecureTransport="true" />
          <textMessageEncoding messageVersion="Soap11" />
          <httpTransport />
        </binding>
      </customBinding>
    </bindings>


Client Custom Binding


public class CustomHttpMessageInspectorBinding : CustomBinding
    {
 
        public CustomHttpMessageInspectorBinding()
        {
 
        }
 
        public CustomHttpMessageInspectorBinding(IClientMessageInspector messageInspector)
        {
            ChannelBindingElement = newMessageInspectorBindingElement();
            ChannelBindingElement.MessageInspector = messageInspector;
        }
 
        publicMessageInspectorBindingElement ChannelBindingElement
        {
            get;
            set;
        }
 
        publicoverrideBindingElementCollection CreateBindingElements()
        {
            BindingElementCollection bindingElements = base.CreateBindingElements();
            bindingElements.Add(ChannelBindingElement);
            HttpTransportBindingElement transport = newMyPseudoHttpsTransportBindingElement();
 
            transport.MaxReceivedMessageSize = 2147483647;
            transport.MaxBufferSize = 2147483647;
 
            TransportSecurityBindingElement security = TransportSecurityBindingElement.CreateUserNameOverTransportBindingElement();
            security.IncludeTimestamp = true;
           
            TextMessageEncodingBindingElement element = newTextMessageEncodingBindingElement();
            bindingElements.Add(security);
            bindingElements.Add(element);
            bindingElements.Add(transport);
            return
 bindingElements;
        }
    }


Thanks

Gautham
0
Comment
Question by:Gautham Janardhan
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 3

Expert Comment

by:politex
ID: 35227657
Hi, as i know insecure transport is default for  silverlight (securityMode=None), so you don't need any special parameter.
0
 
LVL 29

Assisted Solution

by:Gautham Janardhan
Gautham Janardhan earned 0 total points
ID: 35229408
thats true , but if you security is user name over transport, this needs an https transport,
In this scrnario in windows/console application there is a option to set AllowInsecureTransport to true so we can use user name over transport using an http transport.

Hope i'm clear
0
 
LVL 3

Expert Comment

by:politex
ID: 35229549
for this behavior in silverlight's BasicHttpSecurityMode is
"TransportCredentialOnly" - This mode provides only HTTP-based client authentication. It does not provide message integrity or confidentiality.
msdn
0
 
LVL 29

Accepted Solution

by:
Gautham Janardhan earned 0 total points
ID: 35229595
if i'm correct TransportWithMessageCredential works with Windows Authentication and not with Custom user name validator.
0
 
LVL 29

Author Closing Comment

by:Gautham Janardhan
ID: 35499750
This cant be done in SL
0

Featured Post

Instantly Create Instructional Tutorials

Contextual Guidance at the moment of need helps your employees adopt to new software or processes instantly. Boost knowledge retention and employee engagement step-by-step with one easy solution.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

For a while now I'v been searching for a circular progress control, much like the one you get when first starting your Silverlight application. I found a couple that were written in WPF and there were a few written in Silverlight, but all appeared o…
Exception Handling is in the core of any application that is able to dignify its name. In this article, I'll guide you through the process of writing a DRY (Don't Repeat Yourself) Exception Handling mechanism, using Aspect Oriented Programming.
This is Part 3 in a 3-part series on Experts Exchange to discuss error handling in VBA code written for Excel. Part 1 of this series discussed basic error handling code using VBA. http://www.experts-exchange.com/videos/1478/Excel-Error-Handlin…
Finding and deleting duplicate (picture) files can be a time consuming task. My wife and I, our three kids and their families all share one dilemma: Managing our pictures. Between desktops, laptops, phones, tablets, and cameras; over the last decade…

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question