Skip to main content

Timestamp for a single method

No replies
Timestamp for a single method
February 12, 2012 - 13:42
vasiliyz
Offline
Joined: 2010-10-08
Points: 0

Hello, i have a web service and i want to enable security policy for some methods and disable for others.

But i do not understand how to enable timestamp only for some methods.

If i add <sp:IncludeTimestamp/> to binding policy then all methods on my web service requires the timestamp and signature token(for sign the timestamp).

If i remove <sp:IncludeTimestamp/> from binding policy then all methods on my service is not requires the timestamp. Signature works fine, but i want to add timestamp for this.

My binding policy is :

<sp:AsymmetricBinding>
<wsp:Policy>
<sp:AlgorithmSuite>
<wsp:Policy>
<sp:Basic128/>
</wsp:Policy>
</sp:AlgorithmSuite>
<sp:InitiatorToken>
<wsp:Policy>
<sp:X509Token
sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
<wsp:Policy>
<sp:WssX509V3Token10/>
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
</sp:InitiatorToken>
<sp:Layout>
<wsp:Policy>
<sp:Strict/>
</wsp:Policy>
</sp:Layout>
<sp:OnlySignEntireHeadersAndBody/>
<sp:RecipientToken>
<wsp:Policy>
<sp:X509Token
sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never">
<wsp:Policy>
<sp:RequireIssuerSerialReference/>
<sp:WssX509V3Token10/>
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
</sp:RecipientToken>
</wsp:Policy>
</sp:AsymmetricBinding>
<sp:Wss10>
<wsp:Policy>
<sp:MustSupportRefIssuerSerial/>
</wsp:Policy>
</sp:Wss10>
<sc:KeyStore ..... />
<sc:ValidatorConfiguration......./>
<wsam:Addressing/>
</wsp:Policy>

My request polycy is:

<wsp:Policy xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"
wsu:Id="SignOnly_Input_Policy">
<sp:SignedParts>
<sp:Body/>
</sp:SignedParts>
</wsp:Policy>

My WSDL binding is:

<binding name=""SOAP12Binding" type="ebo:TestPort">
<wsp:PolicyReference URI="#TestBindingPolicy"/>
<soap12:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/>
.....
<operation name="NoNeedSignature">
<soap12:operation style="document" soapAction="http://xmlns.test/NoNeedSignature "
soapActionRequired="false"/>
<input>
<soap12:body use="literal" parts=" NoNeedSignatureRequest"/>
</input>
.....
<operation name="NeedSignature">
<soap12:operation style="document" soapAction="http://xmlns.test/NeedSignature "
soapActionRequired="false"/>
<input><wsp:PolicyReference URI="#SignOnly_Input_Policy"/>
<soap12:body use="literal" parts=" NeedSignatureRequest"/ >
</input>

How can i add timestamp for NeedSignature method but disable all signature and timestamp processing for NoNeedSignature method ?

Thanks for help.

‹ Interoper Java client to call WCF services with binding (ws2007FederationHttpBinding) Using Metro inside an Eclipse plugin implementation ›