c# wcf .net-core wcf-binding

WCF Service Secured issuedtoken binding to .NET Core


I am attempting to create a WCF .NET service secured using an STS IssuedToken. STS is secured by X509.

I developed a client with .NET framework and it works.

I conducted research online and I discovered there is no support for WCF message security in .NET Core yet.

My app.config is:

<?xml version="1.0" encoding="utf-8"?>
<configuration>
    <system.diagnostics>
    </system.diagnostics>

    <system.serviceModel>
        <behaviors>
            <endpointBehaviors>
                <behavior name="ClientCert">
                    <clientCredentials>
                        <clientCertificate storeLocation="LocalMachine" storeName="My" x509FindType="FindBySubjectDistinguishedName" findValue="CN=XXX, OU=TNB, O=TNB, L=XX, S=XX, C=TR"/>
                    </clientCredentials>
                </behavior>
            </endpointBehaviors>
        </behaviors>
        <bindings>
            <customBinding>
                <binding name="contextSoap12Binding">
                    <textMessageEncoding messageVersion="Soap11"/>
                    <security authenticationMode="IssuedTokenOverTransport" securityHeaderLayout="Lax" includeTimestamp="true">
                        <secureConversationBootstrap enableUnsecuredResponse="false" requireSecurityContextCancellation="false"/>
                        <issuedTokenParameters keyType="SymmetricKey" tokenType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1">
                            <claimTypeRequirements>
                                <add claimType="http://wso2.org/claims/userid"/>
                                <add claimType="http://wso2.org/claims/cn"/>
                            </claimTypeRequirements>
                            <issuer address="https://XXXX/services/wso2carbon-sts" binding="customBinding" bindingConfiguration="StsBinding"/>
                            <issuerMetadata address="https://XXXX/services/wso2carbon-sts?wsdl"/>
                        </issuedTokenParameters>
                    </security>
                    <context contextManagementEnabled="false"/>
                    <httpsTransport maxReceivedMessageSize="104857600" requireClientCertificate="true"/>
                </binding>
                <binding name="StsBinding">
                    <textMessageEncoding messageVersion="Default"/>
                    <security defaultAlgorithmSuite="Default" authenticationMode="UserNameOverTransport" securityHeaderLayout="Lax" includeTimestamp="true" keyEntropyMode="ServerEntropy"/>
                    <httpsTransport authenticationScheme="Basic" requireClientCertificate="true"/>
                </binding>
            </customBinding>
        </bindings>
        <client>
            <endpoint address="https://XXXXX/services/Secured" binding="customBinding" bindingConfiguration="contextSoap12Binding" contract="GuvenliOdemeServis.Servis" name="ServisSoap11" behaviorConfiguration="ClientCert"/>
        </client>
    </system.serviceModel>
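</configuration>

using System.Net;
using System.Security.Cryptography.X509Certificates;

// username, password and req are defined elsewhere (not shown in the post).
static void Main(string[] args)
{
    // Load the certificate from the PFX file.
    var cert = new X509Certificate2(@"XXX.pfx", "123");

    using (var svc = new ServisClient())
    {
        // User name and password credentials set on the client proxy.
        svc.ClientCredentials.UserName.UserName = username;
        svc.ClientCredentials.UserName.Password = password;
        svc.ClientCredentials.ServiceCertificate.DefaultCertificate = cert;

        // Restrict outgoing HTTPS connections to TLS 1.2.
        ServicePointManager.Expect100Continue = true;
        ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;

        var resp = svc.EOdemeSaticiKaydet(req);
    }
}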

I wanted to know if anyone found a way to connect to WCF services through .NET Core.

Thank you for your help


Solution

  • In .NET Core, WCF is no longer applicable, replaced by CoreWCF. It is a port of WCF to .NET Core. If you want to use WCF on .NET Core, you need to use CoreWCF.

    Now CoreWCF only supports x509 certs with TransportWithMessageCredentials and not full message security. It may meet some of your needs but it may not meet all of them. But the good news is it's still being updated.

    And you may check out the following two links for more info:

    CoreWCF 1.0 has been Released, WCF for .NET Core and .NET 5+.

    CoreWCF In Github.