Archives by Tag 'Security'
WCF BasicHttpBinding equivalent CustomBinding
In real world , web service of WCF in basichttpbinding might not be flexible enough to meet enterprise application requirements. What programmers are looking at is a more robust way of developing web service application in WCF. CustomBinding as the name describes that it alllows users design their own web service binding. At the point, […]
WSE UsernameToken Password SendHashed – Crack
Using ServiceCapture, Ethereal, Charles or some SOAP sniffer software to inspect the XML sent on wire. Here is XML snippet in the SOAP header. <wsse:usernametoken wsu:id=”….” xmlns:wsu=”….”> <wsse:username>xxxxxx</wsse:username> <wsse:password type=”….”> fCQCp/A9wFD/Gku0L+yF/u+0leg= </wsse:password> <wsse:nonce>eSM7S/iT0KyA39vuWPQcPQ==</wsse:nonce> <wsu:created>1975-12-01T05:28:36Z</wsu:created> </wsse:usernametoken> [STAThread] static void Main() { […]