I have to create a WCF proxy of a web service hosted on Weblogic server.

The specs I have to implement (rather urgently I'm afraid) are:

  • use SOAP, WS-Security,
  • use SSL (but not mutualSSL)
  • sign the message body
  • timestamp it
  • sign the timestamp.
  • The server will authenticate the client ensuring it has a cert with a specific CN.

Could someone suggest where to start?

Muddling around I think so far I have to do the following:

  • create endpoint
  • referencing a [customBinding|httpBinding|?] binding

If the binding were an httpBinding, the SSL would probably be: security@mode=transport security@clientCredentialType=certificate (not sure how to define message and transport security via customConfig)

The signing of the body is done by (in httpBinding) security@mode=message security@clientCredentialType=certificate, which in turn references a client-side cert defined in a behavior.

The timestamp? When tracing, I notice it is applied, but I don't know exactly how it was applied.

The signing of the timestamp has me totally stumped.

The cert is attached to the endpoint's identity. I think that if it is identity, it won't be used for encryption of any kind (i.e. not for message or transport) but just sent somewhere in the doc (header?) so the server can read the cert's CN.

How far off am I??!?

Thanks for any and all help with this headache...