Archives by Tag 'Security'

WCF BasicHttpBinding equivalent CustomBinding

By admin - Last updated: Wednesday, August 6, 2008

In real world , web service of WCF in basichttpbinding might not be flexible enough to meet enterprise application requirements. What programmers are looking at is a more robust way of developing web service application in WCF. CustomBinding as the name describes that it alllows users design their own web service binding. At the point, […]

WSE UsernameToken Password SendHashed – Crack

By admin - Last updated: Monday, November 12, 2007

Using ServiceCapture, Ethereal, Charles or some SOAP sniffer software to inspect the XML sent on wire. Here is XML snippet in the SOAP header. <wsse:usernametoken wsu:id=”….” xmlns:wsu=”….”>     <wsse:username>xxxxxx</wsse:username>     <wsse:password type=”….”>            fCQCp/A9wFD/Gku0L+yF/u+0leg=      </wsse:password>     <wsse:nonce>eSM7S/iT0KyA39vuWPQcPQ==</wsse:nonce>     <wsu:created>1975-12-01T05:28:36Z</wsu:created>  </wsse:usernametoken> [STAThread] static void Main() { […]