index > Windows Communication Foundation > Removing Timestamp and action tags using WSE 3.0

Removing Timestamp and action tags using WSE 3.0

hi!!

I'm developing a client web service consumer and I'm modifiyng security headers via WSE3.0 to avoid encrypt soap messages. I'm trying to consume a Java Web Service but my problem is I'm signing my soap messages with certificates using SecurityPolicyAssertion derived class, and java is generating a exception due to it's possible it doesn't recognize <wsu:TimeStamp token that .NET injects and maybe <wsa:Action token too. I don't know, but I need to remove these tokens or tags from outbound messages, how Can I Do that since I tried to do via ProcessMessage and SecureMessage overriden methods into SendSecurityFilter derived class but it was not possible.

Thanks for any help

accarvajal

Hi Accarvajal,

Since you are using WSE 3.0(with ASMX webservice), I've searched some webservice/WSE means and find the following thread mentioned the means for removing the certain Soap headers in WSE 3.0 client:

#Remove WS-Addressing/WS-Security sections from WSE 3.0 Client request
http://stackoverflow.com/questions/753327/remove-ws-addressing-ws-security-sections-from-wse-3-0-client-request

If you use WCF as the service client, here is a reference which mentioned how to disable Timestamps header in WCF message:

#Disabling Security Timestamps
http://blogs.msdn.com/drnick/archive/2007/01/26/disabling-security-timestamps.aspx

Please remember to mark the replies as answers if they help and unmark them if they provide no help.

Marked As Answer bySteven Cheng - MSFTMSFT, ModeratorTuesday, September 22, 2009 2:13 AM
Proposed As Answer bySteven Cheng - MSFTMSFT, ModeratorMonday, September 21, 2009 3:46 AM

Steven Cheng - MSFT

#Disabling Security Timestamps
http://blogs.msdn.com/drnick/archive/2007/01/26/disabling-security-timestamps.aspx

Please remember to mark the replies as answers if they help and unmark them if they provide no help.

Marked As Answer bySteven Cheng - MSFTMSFT, ModeratorTuesday, September 22, 2009 2:13 AM
Proposed As Answer bySteven Cheng - MSFTMSFT, ModeratorMonday, September 21, 2009 3:46 AM

Steven Cheng - MSFT

Thanks steven, I'm not using WCF because java server is set to SOAP 1.1 and basicHttpBinding not let me to customize plain soap messages, since it sends Encrypted messages when Security Mode is set to "Message", and when is set to "None" plain messages is sent but ws-security headers for certificates is not sent. So I need to send plain signed with certificate soap messages with security headers (username token, ...), that's why I'm using WSE3.0

Removing WS-Addressing/Ws-Security sections by link provided by you, remove all ws-security sections, and I need to remove only wsu:Timestamp token.

accarvajal

You can use google to search for other answers

Custom Search

More Threads

• The remote server returned an unexpected response: (405) Method not allowed.

• Passed null date coming across as #12:00:00 AM#

• MSMQ WCF - multiple readers for the queue

• What is the best way to send large data from WCF service to Client

• Huge Business Domain

• Return XML Enocded data using System.ServiceModel.Channels.Message

• Logging the Windows authenticated user for each service request

• WCF and ALSB common authentication without compatibility?

• Error when exposing a complex type which has a public delegate

• "object reference not set to an instance of an object" - Not "initialized" through WCF?