I'm trying to connect to a Java service via WCF. The service expects that the body, and only the body of the SOAP message were signed.
I'm making a custom binding with MutualCertificate security, but it seems that this signs not only the body but also the header (or a part of it).
Is that true?
And if it is, How can I make to only sign the body?
Thanks
I would think that you can use:
[MessageBodyMember(ProtectionLevel=ProtectionLevel.EncryptAndSign)]
or
[MessageBodyMember(ProtectionLevel=ProtectionLevel.Sign)]
to highlight what you want signed/encrypted?
SignAndEncrypt
'd. Because that is the default. To make this work he would have to first set ProtectionLevel=ProtectionLevel.None
at the top of the contract interface level and then override it to Sign
at each individual message body as per your decorator example. And he is using transport security so there is no need for encryption, just signing - Amit Naidu 2012-12-05 23:17