public override void SecureMessage(SoapEnvelope envelope, WSE.Security security)
{
// get server password from database
string password = parentAssertion.Password;
if (password == null)
return;
// hash password
password = SHA1(password);
// create username token
UsernameToken userToken = new UsernameToken(parentAssertion.ServerId.ToString(), password,
PasswordOption.SendNone);
if (parentAssertion.signRequest || parentAssertion.encryptRequest)
{
// Add the token to the SOAP header.
security.Tokens.Add(userToken);
}
if (parentAssertion.signRequest)
{
// Sign the SOAP message by using the UsernameToken.
MessageSignature sig = new MessageSignature(userToken);
security.Elements.Add(sig);
}
if (parentAssertion.encryptRequest)
{
// we don't return any custom SOAP headers
// so, just encrypt a message Body
EncryptedData data = new EncryptedData(userToken);
// encrypt custom headers
for (int index = 0; index < envelope.Header.ChildNodes.Count; index++)
{
XmlElement child = envelope.Header.ChildNodes[index] as XmlElement;
// find all SecureSoapHeader headers marked with a special attribute
if (child != null && child.NamespaceURI == "http://smbsaas/websitepanel/server/")
{
// create ID attribute for referencing purposes
string id = Guid.NewGuid().ToString();
child.SetAttribute("Id", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd", id);
// Create an encryption reference for the custom SOAP header.
data.AddReference(new EncryptionReference("#" + id));
}
}
security.Elements.Add(data);
}
}
public override void SecureMessage(SoapEnvelope envelope, WSE.Security security)
{
// get server password from database
string password = parentAssertion.Password;
if (password == null)
{
return;
}
// hash password
password = CryptoUtils.SHA1(password);
// create username token
UsernameToken userToken = new UsernameToken(parentAssertion.ServerId.ToString(), password,
PasswordOption.SendNone);
if (parentAssertion.signRequest || parentAssertion.encryptRequest)
{
// Add the token to the SOAP header.
security.Tokens.Add(userToken);
}
if (parentAssertion.signRequest)
{
// Sign the SOAP message by using the UsernameToken.
MessageSignature sig = new MessageSignature(userToken);
security.Elements.Add(sig);
}
if (parentAssertion.encryptRequest)
{
// we don't return any custom SOAP headers
// so, just encrypt a message Body
EncryptedData data = new EncryptedData(userToken);
// encrypt custom headers
for (int index = 0; index < envelope.Header.ChildNodes.Count; index++)
{
XmlElement child = envelope.Header.ChildNodes[index] as XmlElement;
// find all SecureSoapHeader headers marked with a special attribute
if (child != null && child.NamespaceURI == "http://com/SolidCP/server/")
{
// create ID attribute for referencing purposes
string id = Guid.NewGuid().ToString();
child.SetAttribute("Id", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd", id);
// Create an encryption reference for the custom SOAP header.
data.AddReference(new EncryptionReference("#" + id));
}
}
security.Elements.Add(data);
}
}
public override void SecureMessage(SoapEnvelope envelope, Security security)
{
UsernameToken userToken = new UsernameToken(
parentAssertion.username,
parentAssertion.password,
PasswordOption.SendNone); // we don't send password over network
// but we just use username/password to sign/encrypt message
// Add the token to the SOAP header.
security.Tokens.Add(userToken);
// Sign the SOAP message by using the UsernameToken.
MessageSignature sig = new MessageSignature(userToken);
security.Elements.Add(sig);
// encrypt BODY
EncryptedData data = new EncryptedData(userToken);
// encrypt custom headers
for (int index = 0; index < envelope.Header.ChildNodes.Count; index++)
{
XmlElement child = envelope.Header.ChildNodes[index] as XmlElement;
// find all SecureSoapHeader headers marked with a special attribute
if (child != null && child.NamespaceURI == "http://company.com/samples/wse/")
{
// create ID attribute for referencing purposes
string id = Guid.NewGuid().ToString();
child.SetAttribute("Id", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd", id);
// Create an encryption reference for the custom SOAP header.
data.AddReference(new EncryptionReference("#" + id));
}
}
// add ancrypted data to the security context
security.Elements.Add(data);
}
