Certificate Information from WCF Using Transport Security Mode

Is there a way to extract information about which client certificate was used in my web service method when using <security mode="Transport">? I sifted through OperationContext.Current, but could not find anything obvious.

My server configuration is as follows:

  <basicHttpBinding>
    <binding name="SecuredBasicBindingCert">
      <security mode="Transport">
        <message clientCredentialType="Certificate" />
      </security>
    </binding>
  </basicHttpBinding>

I work with a third-party pub/sub system, which unfortunately uses DataPower for authentication. It looks like if I use WCF with this configuration, then I can’t get the caller information (since no credentials have been sent).

Somehow I need to be able to find out who is calling my service without changing my configuration or asking them to change their payload.

+5
1


-, , System.IdentityModel .


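// Namespaces used: System.Diagnostics, System.IdentityModel.Claims,
// System.Security.Cryptography.X509Certificates, System.ServiceModel
// Find the certificate ClaimSet associated with the client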
foreach (ClaimSet claimSet in OperationContext.Current.ServiceSecurityContext.AuthorizationContext.ClaimSets)
{
    X509CertificateClaimSet certificateClaimSet = claimSet as X509CertificateClaimSet;
    if (certificateClaimSet != null)
    {
        // We found the ClaimSet, now extract the certificate
        X509Certificate2 certificate = certificateClaimSet.X509Certificate;

        // Do something interesting with information contained in the certificate
        Debug.Print("Certificate Subject: " + certificate.Subject);
    }
}


+5
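
The claim-set lookup from the answer above, wrapped as a helper that also handles the case the question describes (no credentials on the call) and checks the caller against an allow-list. This is an added example, not code from the original answer; `CallerCertificate`, `TryGet`, `Require` and `AllowedThumbprints` are hypothetical names, and the thumbprint is a constructed placeholder.

```csharp
using System;
using System.Collections.Generic;
using System.IdentityModel.Claims;
using System.Security.Cryptography.X509Certificates;
using System.ServiceModel;

// Added example; all type and member names here are hypothetical.
public static class CallerCertificate
{
    // Constructed placeholder; replace with the thumbprints you trust.
    private static readonly HashSet<string> AllowedThumbprints =
        new HashSet<string>(StringComparer.OrdinalIgnoreCase)
        {
            "0000000000000000000000000000000000000000"
        };

    // Returns the certificate the client presented, or null when the call
    // is anonymous or carries no X509CertificateClaimSet.
    public static X509Certificate2 TryGet(OperationContext context)
    {
        ServiceSecurityContext security = context?.ServiceSecurityContext;
        if (security == null || security.IsAnonymous ||
            security.AuthorizationContext == null)
            return null;

        foreach (ClaimSet claimSet in security.AuthorizationContext.ClaimSets)
        {
            if (claimSet is X509CertificateClaimSet certClaims)
                return certClaims.X509Certificate;
        }
        return null;
    }

    // Call at the top of a service operation: rejects callers whose
    // certificate is missing or not on the allow-list.
    public static X509Certificate2 Require(OperationContext context)
    {
        X509Certificate2 certificate = TryGet(context);
        if (certificate == null)
            throw new FaultException("Client certificate required.");
        if (!AllowedThumbprints.Contains(certificate.Thumbprint))
            throw new FaultException("Client certificate not authorized.");
        return certificate;
    }
}
```

Inside an operation, `CallerCertificate.Require(OperationContext.Current)` returns the caller's certificate or faults the call, so a request that arrives without a certificate fails closed instead of being processed as an unidentified caller.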
