How to save encrypted and signed messages in WCF for audit

Question

We are building a highly sensitive system, you can think of it as a banking system, where you have a client with a certificate that calls a WCF service to send a transaction to the server.

staying in the example of the banking system, that transaction can be a wire order or a debit. So for audit and in case of litigation by the client we need to be able to provide the originally sent encrypted and signed (stream) by the client to show that the order originated from them.

My problem is, I can't find a way to intercept the stream before it's deserialized and unencrypted.

Or is there another way other than intercepting the stream to be able to save the object as it was sent by the client.

Thank you!

Answer 1

Read up about WCF Tracing - you can log both at the transport level (the bytes going over the wire - will be encrypted) and at the service level - after decryption.

You also get a nice Service Trace Viewer Tool to inspect the trace information logged (to e.g. an XML file, SQL Server table etc.)