Public Account As SecuredString
Public Class SecuredString
`Set the Oasis Id that our security reference will point to
Public ID As String
Public Data As String
[At your Calling side]
Dim a As localhost.IndexWse = New localhost.IndexWse
Dim b As localhost.SecuredCreditCard = New localhost.SecuredCreditCard
Dim z As localhost.SecuredString = New localhost.SecuredString
Dim c As SoapContext = a.RequestSoapContext
b.CreditCardType = "VISA"
z.Id = "uri:demoId.softwaremaker.net" `or some guid
z.Value = "123-456-789"
b.CreditCardAccount = z
c.Security.Elements.Add(New EncryptedData(tok, "#uri:demoId.softwaremaker.net"))
Note: To reduce headache-inducing typo bugs, you may want to use some WSE Constants
The end result of this is a soap:Body on the wire looks like this:
While I dont know how much of performance benefits this has over one that has the
entire SecureCreditCard encrypted (since it is an symmetric-key encryption at its
core), I think in terms of latency and throughput, it does offer some benefits especially
with a sizable payload (>20-30 kb, for instance )
_WCF_ does not currently have that feature build in at the moment (Sept05-CTP or known
as the PDC-bits). In other words, in WCF today, you encrypt the entire contents of
the soap:Body, lock-stock-barrel. I would still love that WSE feature
in there: To be able to exercise finer grain control over what I want to or not to
encrypt within a soap:Body.
Would really like to find out if I am the only odd one out there. Any users using
that existing WSE feature out there that would love to see the same in WCF or do you
have other better ideas Leave a comment or email me via the contact link on the
side. Thank you.
BTW: Whether you encrypt certain elements of the
contents or encrypt the entire contents of the soap:Body, both are _WS-Security_