-
Notifications
You must be signed in to change notification settings - Fork 562
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
SecurityBindingElement.CreateMutualCertificateDuplexBindingElement in DotNetCore #2265
Comments
@hmdhasani, as message security is not supported in WCF on .NET Core, this code won't work. The only workaround at this point is to change your service to use transport security and not message security. I understand this is not always an option... WCF is not able to support message security currently is because underlying key functionalities (mostly in System.IdentityModel) is not available on .NET Core. FYI, this is tracked in #3, #4, #8. |
Thank you @zhenlan for response. |
I won't say no hope for future :), but at this point we don't have any concrete plan yet. |
Hi @zhenlan |
@hmdhasani I'm afraid that we don't have further update on this at this point. |
We are also hitting this same road block. Hopefully support for message security can be made a priority soon! |
@fulghumd @sudilravindranpk , unfortunately, the status hasn't changed. Due to the underlying System.IdentityModel is not supported on .NET Core, this item is blocked. |
It's not completely obvious to me whether your usage scenario falls under MessageSecurity of TransportWithMessageCredentials. I suspect it's the former as your endpoint address is using http and not https. TransportWithMessageCredentials requires the transport layer to provide the secrecy and integrity part of security and this is generally provided by TLS over https. As you are using http, I believe this means you require full MessageSecurity which encrypts and signs the payload to provide secrecy and integrity. This capability is provided by System.IdentityModel on .NET Framework. We simply don't have the resources to take ownership of this code on .NET Core, we're a small team. The team which does own it has decided not to port and support it on .NET Core. I was able to get TransportWithMessageCredentials to work as there is actually two implementations of SignedXml in the .NET Framework. One is in System.IdentityModel and is internal (and used by WCF on .NET Framework), the other lives in the System.Security.Cryptography.Xml and is public. There is sufficient implementation of various signed xml standards in the public implementation that I was able to refactor WCF to use that instead. Unfortunately it doesn't implement enough of the signed xml standards to be able to use it for full MessageSecurity. |
@mconnew Any news on this? |
I'm sorry, not yet. |
Is this implemented in .NET 5.0? |
Doubt it, wcf isn't part of the framework anymore - it's separate. |
Any updates on this? Are we forever stuck in .Net with no way to move to core/5? |
@HongGit, any updates on this? It would be great, if you have anything on this. |
@birojnayak from AWS is currently working on adding support for full Message security for CoreWCF. Once that work is complete, we should be able to reuse a lot of what he implements to bring the same functionality to the WCF client. No schedule or concrete plan yet, but it is forward progress. |
I am trying to use a WSDL service in dot net core that works fine in previous version of dotnet.
As I described in #2259 and #2258 first I tried the 'Microsoft WCF Web Service Reference Provider' Extension that result to some errors. then I tried 'SvcUtil.exe' and put generated source and config file in a DotNetFramework Console App and was able to successfully connect to the service. but as DotNetCore does not support config file I tried to turn my App.config '<system.serviceModel>' section into code that finally results in this:
And It works properly
then I copied this code into a DotNetCore Console App but it seems somethings must be changed as there is no "CreateMutualCertificateDuplexBindingElement" and no "SecurityAlgorithmSuite"
What is the equivalent of this code in DotNetCore?
The text was updated successfully, but these errors were encountered: