Adding Security Credentials to SOAP

The WSE 3.0 for .NET enables the developers for creating one or more security credentials that can be added to the SOAP Message.

The following procedure describes how to add one or more security credentials to a SOAP Message.A computer must be configured to accept the SOAP Messages embedded with the security credentials.

Two types of security credentials that can be setup for the computer

  1. X.509 certificate.
  2. Username and Password.

You can configure the computer for X.509 certificate by reading the  SOAP Messages signed by an X.509 Certificate.

You can also configure the computer for Username Token by validating SOAP Messages signed by Username Token.

Following procedure is To Add a security token to SOAP

1.  Open the Web Service Client project

2.Add references to the Microsoft.Web.Services3 and System.Web.Services assemblies. 

3. Add a Web Reference to the Web service that is to receive the SOAP message signed with the UsernameToken.

4. Add the folllowing user directives

using System;
using System.Collections.Generic;
using System.Text;
using System.Security.Cryptography.X509Certificates;

using Microsoft.Web.Services3;
using Microsoft.Web.Services3.Design;
using Microsoft.Web.Services3.Security;
using Microsoft.Web.Services3.Security.Tokens;

 5. Write the following code by overriding the SecureMessage Method  in web  service.

public override void SecureMessage(SoapEnvelope envelope, Security security)
UsernameToken userToken;
userToken = new UsernameToken(userName, userPasswordEquivalent,
// Adds the token to the SOAP header.

%d bloggers like this: