2

I'm currently updating a few very old web Services and came upon a Situation where I'm unsure.

I've got a web Service with the following method Header:

public string MyService(string data1, string data2, int subdatalength, short internalTimeout)

The data provided for the Parameters Comes via SOAP. So far I get it how I could achieve the same with the current ASP.NET Versions. What I'm unsure about is that inside that method Webservice.Server.UrlDecode is used to extract data from the URL itself.

Thus I got Soap filled Parameters AND at the same time data in the URL. Normally nowadays as I understand you got only data in the message OR data in the URL and not both at the same time.

As I can't modify the data senders I have to let it stay that way.

So I'm wondering if the modern ways to create web applications (MCV4, ...) Support such a construct?

Improve this question
0

1 Answer 1

Reset to default
1

SAML supports both:

Mappings from SAML request-response message exchanges into standard messaging or communication protocols are called SAML protocol bindings. For instance, the SAML SOAP Binding defines how SAML protocol messages can be communicated within SOAP messages, whilst the HTTP Redirect binding defines how to pass protocol messages through HTTP redirection.

For example, it is a SOAP message for delegated authentication:

<?xml version="1.0" encoding="UTF-8" ?> <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"> <soapenv:Body> <Authenticate xmlns="urn:authentication.soap.sforce.com"> <username>[email protected]</username> <password>myPassword99</password> <sourceIp>1.2.3.4</sourceIp> </Authenticate> </soapenv:Body> </soapenv:Envelope>

and a SAML assertion with embedded query parameters for portal authentication:

<samlp:Response ID="_f97faa927f54ab2c1fef230eee27cba21245264205456" IssueInstant="2009-06-17T18:43:25.456Z" Version="2.0"> <saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity"> https://www.salesforce.com</saml:Issuer> <samlp:Status> <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/> </samlp:Status> <saml:Assertion ID="_f690da2480a8df7fcc1cbee5dc67dbbb1245264205456" IssueInstant="2009-06-17T18:45:10.738Z" Version="2.0"> <saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity"> https://www.salesforce.com </saml:Issuer> <saml:Signature> <saml:SignedInfo> <saml:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> <saml:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> <saml:Reference URI="#_f690da2480a8df7fcc1cbee5dc67dbbb1245264205456"> <saml:Transforms> <saml:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> <saml:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"> <ec:InclusiveNamespaces PrefixList="ds saml xs"/> </saml:Transform> </saml:Transforms> <saml:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> <saml:DigestValue>vzR9Hfp8d16576tEDeq/zhpmLoo= </saml:DigestValue> </saml:Reference> </saml:SignedInfo> <saml:SignatureValue> AzID5hhJeJlG2llUDvZswNUrlrPtR7S37QYH2W+Un1n8c6kTC Xr/lihEKPcA2PZt86eBntFBVDWTRlh/W3yUgGOqQBJMFOVbhK M/CbLHbBUVT5TcxIqvsNvIFdjIGNkf1W0SBqRKZOJ6tzxCcLo 9dXqAyAUkqDpX5+AyltwrdCPNmncUM4dtRPjI05CL1rRaGeyX 3kkqOL8p0vjm0fazU5tCAJLbYuYgU1LivPSahWNcpvRSlCI4e Pn2oiVDyrcc4et12inPMTc2lGIWWWWJyHOPSiXRSkEAIwQVjf Qm5cpli44Pv8FCrdGWpEE0yXsPBvDkM9jIzwCYGG2fKaLBag== </saml:SignatureValue> <saml:KeyInfo> <saml:X509Data> <saml:X509Certificate> MIIEATCCAumgAwIBAgIBBTANBgkqhkiG9w0BAQ0FADCBgzELM Certificate truncated for readability... </saml:X509Certificate> </saml:X509Data> </saml:KeyInfo> </saml:Signature> <saml:Subject> <saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">null </saml:NameID> <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"> <saml:SubjectConfirmationData NotOnOrAfter="2009-06-17T18:48:25.456Z" Recipient="https://login.salesforce.com/?saml=02HKiPoin4f49GRMsOdFmhTgi _0nR7BBAflopdnD3gtixujECWpxr9klAw"/> </saml:SubjectConfirmation> </saml:Subject> <saml:Conditions NotBefore="2009-06-17T18:43:25.456Z" NotOnOrAfter="2009-06-17T18:48:25.456Z"> <saml:AudienceRestriction> <saml:Audience>https://saml.salesforce.com</saml:Audience> </saml:AudienceRestriction> </saml:Conditions> <saml:AuthnStatement AuthnInstant="2009-06-17T18:43:25.456Z"> <saml:AuthnContext> <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified </saml:AuthnContextClassRef> </saml:AuthnContext> </saml:AuthnStatement> <saml:AttributeStatement> <saml:Attribute FriendlyName="Friendly Name" Name="federationId" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified"> <saml:AttributeValue xsi:type="xs:string">saml_portal_user_federation_id </saml:AttributeValue> <saml:AttributeValue xsi:type="xs:string">SomeOtherValue </saml:AttributeValue> </saml:Attribute> <saml:Attribute Name="portal_id"> <saml:AttributeValue xsi:type="xs:anyType">060D00000000SHZ </saml:AttributeValue> </saml:Attribute> <saml:Attribute Name="organization_id"> <saml:AttributeValue xsi:type="xs:anyType">00DD0000000F7Z5 </saml:AttributeValue> </saml:Attribute> <saml:Attribute Name="ssostartpage" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified"> <saml:AttributeValue xsi:type="xs:anyType"> http://www.salesforce.com/qa/security/saml/saml20-gen.jsp </saml:AttributeValue> </saml:Attribute> <saml:Attribute Name="logouturl" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"> <saml:AttributeValue xsi:type="xs:string"> http://www.salesforce.com/qa/security/del_auth/SsoLogoutPage.html </saml:AttributeValue> </saml:Attribute> </saml:AttributeStatement> </saml:Assertion> </samlp:Response>

References

Improve this answer

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.