Categories

See More
Popular Forum

MBA (4887) B.Tech (1769) Engineering (1486) Class 12 (1030) Study Abroad (1004) Computer Science and Engineering (988) Business Management Studies (865) BBA (846) Diploma (746) CAT (651) B.Com (648) B.Sc (643) JEE Mains (618) Mechanical Engineering (574) Exam (525) India (462) Career (452) All Time Q&A (439) Mass Communication (427) BCA (417) Science (384) Computers & IT (Non-Engg) (383) Medicine & Health Sciences (381) Hotel Management (373) Civil Engineering (353) MCA (349) Tuteehub Top Questions (348) Distance (340) Colleges in India (334)
See More

WCF client certification

General Tech QA/Testing
Max. 2000 characters
Replies

usr_profile.png
Priya Roy

User

( 6 months ago )

 

I have a WCF service which uses basicHttpBinding. Now I want to secure my methods so that no one can create a proxy and use my method. I used WCF client certification from msdn. But cant move further. here is my web.config

 <system.serviceModel>
<client>
  <endpoint address="http://localhost:57246/Service1.svc" binding="basicHttpBinding"
    bindingConfiguration="BasicHttpBinding_IService1" contract="ServiceReference1.IService1"
    name="BasicHttpBinding_IService1" />
</client>
<services>
  <service name="Microsoft.ServiceModel.Samples.CalculatorService"
           behaviorConfiguration="DataServiceBehavior">
    <host>
      <baseAddresses>
        <add baseAddress="http://localhost:57246/Service1.svc"/>
      </baseAddresses>
    </host>
    <endpoint address=""
       binding="basicHttpBinding"
       bindingConfiguration="Binding1"
       contract="ServiceReference1.IService1" />

    <endpoint address="mex"
              binding="mexHttpBinding"
              contract="IMetadataExchange" />
  </service>
</services>

<bindings>
  <basicHttpBinding>
    <binding name="BasicHttpBinding_IService1">
      <security mode="Message">
        <transport realm="" />
        <message clientCredentialType="Certificate" />
      </security>
    </binding>
  </basicHttpBinding>
</bindings>


<behaviors>
  <serviceBehaviors>
    <behavior name="DataServiceBehavior">
      <serviceMetadata httpGetEnabled="True"/>
      <serviceDebug includeExceptionDetailInFaults="False" />

      <serviceCredentials>
        <serviceCertificate findValue="localhost" storeLocation="LocalMachine" storeName="My" x509FindType="FindBySubjectName" />
        <clientCertificate>

          <authentication certificateValidationMode="PeerOrChainTrust" />
        </clientCertificate>
      </serviceCredentials>
    </behavior>
  </serviceBehaviors>
</behaviors>

now what should pass call form the c sharp. I have a method in WCF named showGrid.

public DataSet showGrid()
    {
        SqlDataAdapter da = new SqlDataAdapter("Select * FROM Resources", con);
        DataSet ds = new DataSet();
        da.Fill(ds);
        return ds;
    }

and trying to call it like this on a button click

protected void btnShow_Click(object sender, EventArgs e)
    {
        var client = new ServiceReference1.Service1Client();


 client.ClientCredentials.ClientCertificate.SetCertificate(StoreLocation.CurrentUser, StoreName.My, X509FindType.FindBySubjectName, "localhost");
        client.showGrid();
        GridView1.DataSource = client.showGrid();
        
								 								 
							usr_profile.png
							
Harsh Vashishth

User

( 6 months ago )

Just add client certificate like this

client.ClientCredentials.ClientCertificate.Certificate = yourcert;

Edit:

        X509Certificate2 yourcert= null; 
        var store = new X509Store(storeName, storeLocation);

        store.Open(OpenFlags.OpenExistingOnly | OpenFlags.ReadOnly);
        var certCollection = store.Certificates.Find(findType, thumbprint, false);
        if (certCollection.Count>0)
            yourcert= certCollection[0];
        store.Close();

what's your interest