October 03, 2003

WS-Trust and WS-SecureConversation Sample

I've just finished up a sample that illustrates the WSE 2.0 Tech Preview support for WS-Trust and WS-SecureConversation. It does some things that the samples in the product don't fully illustrate including:


  • inheriting from the SecurityContextTokenService to create a service that is it's own token issuer,
  • inheriting from the SecurityContextTokenServiceClient to build a custom SoapClient for the service,
  • using two DerivedKeyTokens for each request and response to generate new signature and encryption keys for each exchange
  • implementing all the above using TCP as the transport

Of course, it's just a sample and doesn't include everything that would be needed for a production implementation, for example full authentication and authorization. You'll need Visual Studio 2003 and the WSE 2.0 Tech Preview installed to build and run right out of the gate; if you don't have VS 2003, it should be possible for you to compile the code from the command line or use your favourite tool. I hope to talk a little more about some aspects of the code in future posts.

Posted by herveyw at October 3, 2003 01:52 AM
Comments

Hervey,

Do you have an updated sample that uses HTTP transport? this one uses the soap.tcp. i could get soap.inproc to work as well. but am stuck trying to split the sample into server/client that uses HTTP.

thanks,
dims

Posted by: Davanum Srinivas at December 24, 2003 09:25 AM