SOAP Header in a Dot Net 2.0 Web Service Client Consuming a WCF 3.0 service.

[Curt K]

I have been successful consuming a WCF 3.0 service from a 2.0 client. I
would like to embed a token (GUID as string) in the header so I can check
the
token with a session on the server side.

We have a requirement to run on Windows 2000 professional so we have to use
a .net 2.0 client (WCF basicHttpBinding). Changing the server or the client
to make this work is no problem so I do
not have the requirement of changing only the client.

I have a server side authenticate operation that has username and password
params, which returns a token if authenticated, this process starts a very
light weight client side session. I do NOT want to have the token on every
exposed contract method so a SOAP header is the answer.

Now what I want to do is pass this token in the SOAP header with every call
from the client to the server, extract it from the header on the server and
do a security check to ensure the method they have called is accessible by
the client (the client the token belongs to).

I have found a way to extract (or add as far as that goes) the header on the
server, here's some example
code:

int index =
OperationContext.Current.IncomingMessageHeaders.FindHeader("token", "");
string token =
OperationContext.Current.IncomingMessageHeaders.GetHeader<string>(index);

What I do not know how to do is create a 2.0 client that can see this token.

I am familiar with the ASP.Net 1.1 way of creating a soap header.

Any examples out there?

thanks in advance,
Curt

 

[John Saunders [MVP]]

I have been successful consuming a WCF 3.0 service from a 2.0 client. I
would like to embed a token (GUID as string) in the header so I can check
the
token with a session on the server side.

We have a requirement to run on Windows 2000 professional so we have to
use a .net 2.0 client (WCF basicHttpBinding). Changing the server or the
client to make this work is no problem so I do
not have the requirement of changing only the client.

I have a server side authenticate operation that has username and password
params, which returns a token if authenticated, this process starts a very
light weight client side session. I do NOT want to have the token on
every exposed contract method so a SOAP header is the answer.

Now what I want to do is pass this token in the SOAP header with every
call from the client to the server, extract it from the header on the
server and
do a security check to ensure the method they have called is accessible by
the client (the client the token belongs to).

I have found a way to extract (or add as far as that goes) the header on
the server, here's some example
code:

int index =
OperationContext.Current.IncomingMessageHeaders.FindHeader("token", "");
string token =
OperationContext.Current.IncomingMessageHeaders.GetHeader<string>(index);

What I do not know how to do is create a 2.0 client that can see this
token.

I am familiar with the ASP.Net 1.1 way of creating a soap header.

Any examples out there?

Are you having a problem creating such a client? What are you trying, and
what result are you seeing?

There hasn't been much change in this area from 1.1 to 2.0, except the whole
nonsense of "web sites" in 2.0. Please tell us what you're trying so we can
figure out how to help.

 

[Curt K]

There hasn't been much change in this area from 1.1 to 2.0, except the
whole nonsense of "web sites" in 2.0. Please tell us what you're trying so
we can figure out how to help.

I need to use a .net 2.0 web service client with a WCF (.net 3.0) Server.
I'm using basicHttpbinding. The web service works fine.

I want to add a SOAP Header that is a string that will hold a token (GUID as
a string). I want to be able to put the token/string in the SOAP header
from the client and use it for session management on the Server.

The client will call an "Authenticate" method on the WCF service. It'll
return a token/guid if successful. That token will be used during all
further calls on the web service offered up by the WCF Service. I do not
want to put the token on every service contract call, I would like to use
the SOAP header to send this token with every request.

Because I need to be compatible with Windows 2000 Professional as the
client, I need to stick to basicHttpBinding. I can not use Windows
Authentication for this application.

How do I from the WCF perspective add a SOAP header so that it is imported
into the proxy object and shows up as a SOAP header object on the 2.0 client
side proxy?

I basically need to decorate all of my Service Contract/Operation Contract
calls with the equivalent 3.0 version of this on the WCF side (or modify the
SOAP header before it is sent to the client).

[SoapHeader("tokenHeader", Direction = SoapHeaderDirection.In)]

So how do I add a SOAP header on the WCF side that can be consumed by a dot
net 2.0 web service client?

Hopefully that clears it up?

Thanks!
Curt

 

[John Saunders [MVP]]

There hasn't been much change in this area from 1.1 to 2.0, except the
whole nonsense of "web sites" in 2.0. Please tell us what you're trying
so we can figure out how to help.

....
How do I from the WCF perspective add a SOAP header so that it is imported
into the proxy object and shows up as a SOAP header object on the 2.0
client side proxy?

I basically need to decorate all of my Service Contract/Operation Contract
calls with the equivalent 3.0 version of this on the WCF side (or modify
the SOAP header before it is sent to the client).

[SoapHeader("tokenHeader", Direction = SoapHeaderDirection.In)]

So how do I add a SOAP header on the WCF side that can be consumed by a
dot net 2.0 web service client?

Hopefully that clears it up?

Yes, it does. Unfortunately, I haven't had a chance to learn WCF yet, so I
can't answer your question. :-(