How to: Encrypt a SOAP Message
WSE allows you to encrypt SOAP messages by writing code in the SecureMessage method of an output custom filter for a custom policy assertion. For more information about creating custom policy assertions, see How to: Create a Custom Policy Assertion that Secures SOAP Messages.
The procedure that encrypts a SOAP message using user code outlines just the steps to encrypt the SOAP message and does not include the steps it takes to obtain a specific security token or send the SOAP message. For step-by-step procedures for the specific type of security token you are using, see Discrete Security Operations Supported By the Built-in Security Tokens.
To write code to encrypt a SOAP message
Create a custom policy assertion.
For more information about creating custom policy assertions, see How to: Create a Custom Policy Assertion that Secures SOAP Messages.
Override the SecureMessage method in the output SOAP filter for the client or the Web service that signs SOAP messages.
The following code example overrides the SecureMessage method for the client output SOAP filter.
Public Overrides Sub SecureMessage(ByVal envelope As SoapEnvelope, ByVal security As Security)
public override void SecureMessage(SoapEnvelope envelope, Security security)
Obtain the security token that you want to encrypt the SOAP message with.
The following code example creates a new instance of a KerberosToken security token.
Dim kerbToken As New KerberosToken("host/" & hostname & _ "@" & domainName)
KerberosToken kerbToken = new KerberosToken("host/" + hostname + "@" + domainName);
Create a new instance of the EncryptedData class using the security token you want to encrypt the SOAP message with.
Note
The security token does not need to be added to the SOAP message.
Dim enc As New EncryptedData(kerbToken)
EncryptedData enc = new EncryptedData(kerbToken);
Add the EncryptedData to the WS-Security SOAP header.
security.Elements.Add(enc)
security.Elements.Add(enc);
Example
The following code example creates a KerberosToken security token, and then encrypts a SOAP request by using the token.
Public Overrides Sub SecureMessage(ByVal envelope As SoapEnvelope, ByVal security As Security)
Dim kerbToken As New KerberosToken("host/" & hostname & _
"@" & domainName)
' Add the security token.
security.Tokens.Add(kerbToken)
' Encrypt the SOAP request by using the Kerberos ticket.
Dim enc As New EncryptedData(kerbToken)
security.Elements.Add(enc)
End Sub 'SecureMessage
public override void SecureMessage(SoapEnvelope envelope, Security security)
{
KerberosToken kerbToken = new KerberosToken("host/" + hostname +
"@" + domainName);
// Encrypt the SOAP request by using the Kerberos ticket.
EncryptedData enc = new EncryptedData(kerbToken);
security.Elements.Add(enc);
}