Signing Custom SOAP Headers
The Web Services Enhancements for Microsoft .NET (WSE) allows a developer to control which portions of the SOAP message are signed. When you don't specify the portions of the SOAP message to digitally sign, WSE signs the entire contents of the <Body> element, the <Timestamp> element of the Security header, and all addressing headers.
This default work for the majority of the cases; however, you might add a SOAP header to the SOAP message that contains values that must be secured. For example, a SOAP header containing a business transaction ID that impacts processing by the message recipient might require that its value be signed; so if it is changed, the recipient knows. Besides adding additional elements to be signed, WSE allows you to override the defaults using the SignatureOptions property of the MessageSignature class.
WSE also allows a SOAP message recipient to programmatically determine the portions of the SOAP message that were signed or encrypted. For details, see How to: Determine Which Parts of a SOAP Message Were Signed or Encrypted.
In This Section
Topic | Description |
---|---|
To digitally sign a custom SOAP header, the header must have an Id attribute. This topic details how to add that Id attribute to a custom header. |
|
Details how to digitally sign a custom SOAP header. |