Digest Authentication

This article is in a draft stage.

This article provides more information on the new features of the .NET Stack Version 3.3 and up releases.

Digest Authentication with the LDS .NET Stack

After installing the Stack in any new Visual Studio Project, follow these steps to enable Digest Authentication with a web service:

Configuration Based Implementation

a) Add a service reference to the web service that requires Digest Authentication.
Service Reference.png
Digest Authentication.jpg
b) In the App.config or Web.config of your project, you will need to make some changes within the system.ServiceModel configuration element.
i) Add or modify a bindings and customBinding elements as shown. For SSL connections you will use httpTransport instead (substitute the name as it fits your project).
     <binding name="CustomBinding_IDigestAuthenticationEndpoint">
       <textMessageEncoding messageVersion="Soap12" />
       <httpTransport />
ii) Add the following to extensions and behaviorExtensions:
   <add name="stackPasswordDigestBehavior"
        type="Lds.Stack.Security.PasswordDigestBehaviorExtension, Lds.Stack" />
iii) Add the following behaviors and endpointBehavior elements. Substitute the name as it fits your project. Specify the username and password that the server will need for Digest Authentication.
   <behavior name="PasswordDigestBehavior">
             UserName="[Username for Digest Authentication]"
             Password="[Password for Digest Authentication]" />
iv) Modify the auto-generated client and endpoint tags as follows. You will likely not have to modify all attributes, depending on what was auto-generated with your service reference.
 <endpoint address="http://localhost:52884/DigestAuthenticationEndpoint.svc/Digest..."
           name="DigestAuthenticationEndpoint" />
v) Now your service can be called as so:
DigestAuthenticationEndpointClient client = new DigestAuthenticationEndpointClient();
c) You are done! Now when you access the web service in your code, the configured username and password will be passed in.

Programmatic Implementation

Sometimes you may not want to put the username and password credentials in a configuration file or perhaps you need to load different credentials at run-time depending on the current context of your application. You can implement password digest binding programmatically by following these steps.

a) You'll need to start with already having a service client object of some sort. You can implement the Stack's digest binding on any service, which service you may have referenced through a different set of code or a configuration. If you already set it up in a configuration file (or if you plan to) then this is the minimum configuration for the service client that will work. You shouldn't need to set up anything else in your configuration related to services.
   <!-- Digest endpoint configuration -->
   <endpoint address="{Your Service Endpoint Address}"
             name="{SampleServiceClient}" />
b) Create an instance of your client object and a PasswordDigestBehavior object, specifying the username and password.
SampleServiceClient client = new SampleServiceClient();

string username = "{username}";
string password = "{password}";
PasswordDigestBehavior digestBehavior = new PasswordDigestBehavior(username, password);
c) Add the behavior to the client endpoint.
d) Add a new StackDigestBinding object to the endpoint. Specify true or false to use SSL.
client.Endpoint.Binding = new StackDigestBinding(true);
e) Now you can use your service.

On the StackDigestBinding class you can programmatically change the following properties at any time.

Property Name Default Value Description
MessageVersion MessageVersion.Soap12 Specifies the version of SOAP and WS-Addressing.
UseSsl false Whether or not to use SSL for transport.
WriteEncoding Encoding.UTF8 (System.Text.UTF8Encoding) Specifies the write encoding.
MaxReceivedMessageSize 65535 The maximum allowable message size in bytes that can be received for the http transport

Installing examples from a NuGet Package

a) Open your NuGet Package Manager, and select the package "LDS Stack Digest Authentication Configuration Settings."
NuGet Package.png
b) Samples will be installed in a folder called DigestExamples. One for programmatic binding and one for configuration based binding. This will also automatically install the Stack itself.
Digest Examples.png

Adding custom HTTP Headers through Digest Authentication

The HTTP Headers are added to the PasswordDigestBehavior object, where they will ultimately be passed on to the outgoing HTTP request when it is made.

Adding HTTP Headers programmatically

string username = "{UserName}";
string password = "{Password}";
string url = "http://url";

Dictionary<String, String> httpHeaders = new Dictionary<string, string>();
httpHeaders.Add("Header 1", "value for header 1");
httpHeaders.Add("Header 2", "value for header 2");

Lds.Stack.Security.PasswordDigestBehavior digestBehavior
   = new PasswordDigestBehavior(username, password, httpHeaders);

Adding HTTP Headers by configuration

Create your HTTP Headers inside the stackPasswordDigestBehavior element in your App.config or Web.config files:

   <behavior name="PasswordDigestBehavior">
     <stackPasswordDigestBehavior UserName="{UserName}" Password="{Password}">
         <add key="test" value="123456" />
         <add key="Bob" value="Job" />
This page was last modified on 6 December 2012, at 16:07.

Note: Content found in this wiki may not always reflect official Church information. See Terms of Use.