Gautham Janardhan
asked on
Allow insecure transport in Silverlight 4.0
Hi,
I'm trying to use UserNamePasswordValidator for custom validation of user name and password in a wcf service call from Silverlight 4.0 by using custom binding, Http transport with TransportSecurityBindingEl ement.Crea teUserName OverTransp ortBinding Element and Allow insecure transport set to ture.
Is this possible in SL 4.0? I know this can be done between a windows console application and the service. But in SL i cant find the Allow insecure transport attribute on TransportSecurityBindingEl ement
Server Config
<bindings>
<customBinding>
<binding name="InsecureCredentials" >
<security authenticationMode="UserNa meOverTran sport" allowInsecureTransport="tr ue" />
<textMessageEncoding messageVersion="Soap11" />
<httpTransport />
</binding>
</customBinding>
</bindings>
Client Custom Binding
public class CustomHttpMessageInspector Binding : CustomBinding
{
public CustomHttpMessageInspector Binding()
{
}
public CustomHttpMessageInspector Binding(IC lientMessa geInspecto r messageInspector)
{
ChannelBindingElement = newMessageInspectorBinding Element();
ChannelBindingElement.Mess ageInspect or = messageInspector;
}
publicMessageInspectorBind ingElement ChannelBindingElement
{
get;
set;
}
publicoverrideBindingEleme ntCollecti on CreateBindingElements()
{
BindingElementCollection bindingElements = base.CreateBindingElements ();
bindingElements.Add(Channe lBindingEl ement);
HttpTransportBindingElemen t transport = newMyPseudoHttpsTransportB indingElem ent();
transport.MaxReceivedMessa geSize = 2147483647;
transport.MaxBufferSize = 2147483647;
TransportSecurityBindingEl ement security = TransportSecurityBindingEl ement.Crea teUserName OverTransp ortBinding Element();
security.IncludeTimestamp = true;
TextMessageEncodingBinding Element element = newTextMessageEncodingBind ingElement ();
bindingElements.Add(securi ty);
bindingElements.Add(elemen t);
bindingElements.Add(transp ort);
return
bindingElements;
}
}
Thanks
Gautham
I'm trying to use UserNamePasswordValidator for custom validation of user name and password in a wcf service call from Silverlight 4.0 by using custom binding, Http transport with TransportSecurityBindingEl
Is this possible in SL 4.0? I know this can be done between a windows console application and the service. But in SL i cant find the Allow insecure transport attribute on TransportSecurityBindingEl
Server Config
<bindings>
<customBinding>
<binding name="InsecureCredentials"
<security authenticationMode="UserNa
<textMessageEncoding messageVersion="Soap11" />
<httpTransport />
</binding>
</customBinding>
</bindings>
Client Custom Binding
public class CustomHttpMessageInspector
{
public CustomHttpMessageInspector
{
}
public CustomHttpMessageInspector
{
ChannelBindingElement = newMessageInspectorBinding
ChannelBindingElement.Mess
}
publicMessageInspectorBind
{
get;
set;
}
publicoverrideBindingEleme
{
BindingElementCollection bindingElements = base.CreateBindingElements
bindingElements.Add(Channe
HttpTransportBindingElemen
transport.MaxReceivedMessa
transport.MaxBufferSize = 2147483647;
TransportSecurityBindingEl
security.IncludeTimestamp = true;
TextMessageEncodingBinding
bindingElements.Add(securi
bindingElements.Add(elemen
bindingElements.Add(transp
return
bindingElements;
}
}
Thanks
Gautham
Hi, as i know insecure transport is default for silverlight (securityMode=None), so you don't need any special parameter.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
for this behavior in silverlight's BasicHttpSecurityMode is
"TransportCredentialOnly" - This mode provides only HTTP-based client authentication. It does not provide message integrity or confidentiality.msdn
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
This cant be done in SL