BizTalk Utilities CV ,   Jobs ,   Code library
 
Go to the front page to continue learning about XML or select below:

Contents

ReBlogger Contents

Previous posts in WSE

 
 
Page 16606 of 21350

Encrypting message fragments in a soap:body : Evidence and Feedback needed !

Blogger : Softwaremaker (WSE)
All posts : All posts by Softwaremaker (WSE)
Category : WSE
Blogged date : 2005 Oct 24

In _WSE_ 2.0, one could exercise some control over what one xml element/fragments wants to encrypt within a soap:Body. Therefore, if I wanted to encrypt the account string in my credit card type, I could do something like this:

[At your Service Side]


Public Class SecuredCreditCard
  _
  Public Type As String
  _
  Public Account As SecuredString
End Class

Public Class SecuredString
  `Set the Oasis Id that our security reference will point to
  Namespace:=".../2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd")> _
  Public ID As String
  _
  Public Data As String
End Class

[At your Calling side]


Dim a As localhost.IndexWse = New localhost.IndexWse
Dim b As localhost.SecuredCreditCard = New localhost.SecuredCreditCard
Dim z As localhost.SecuredString = New localhost.SecuredString

Dim c As SoapContext = a.RequestSoapContext

b.CreditCardType = "VISA"
z.Id = "uri:demoId.softwaremaker.net" `or some guid
z.Value = "123-456-789"
b.CreditCardAccount = z

c.Security.Elements.Add(New EncryptedData(tok, "#uri:demoId.softwaremaker.net"))

Note: To reduce headache-inducing typo bugs, you may want to use some WSE Constants such as
WSUtility.Prefix
WSUtility.AttributeNames.Id
WSUtility.NamespaceURI

The end result of this is a soap:Body on the wire looks like this:



 VISA
 
  
  
  
  FRFCiq...+0W5oS4
  

  

 

While I dont know how much of performance benefits this has over one that has the entire SecureCreditCard encrypted (since it is an symmetric-key encryption at its core), I think in terms of latency and throughput, it does offer some benefits especially with a sizable payload (>20-30 kb, for instance )

_WCF_ does not currently have that feature build in at the moment (Sept05-CTP or known as the PDC-bits). In other words, in WCF today, you encrypt the entire contents of the soap:Body, lock-stock-barrel. I would still love that WSE feature in there: To be able to exercise finer grain control over what I want to or not to encrypt within a soap:Body.

Would really like to find out if I am the only odd one out there. Any users using that existing WSE feature out there that would love to see the same in WCF or do you have other better ideas Leave a comment or email me via the contact link on the side. Thank you.

BTW: Whether you encrypt certain elements of the contents or encrypt the entire contents of the soap:Body, both are _WS-Security_ compliant.
 


Read comments or post a reply to : Encrypting message fragments in a soap:body : Evidence and Feedback needed !
Page 16606 of 21350

Newest posts
 

    Email TopXML