4. Creating the WCF Test Client
Now that the orchestration
has been configured, we can focus on creating a client that uses the
certificate to encrypt the data when calling the service. To do this,
create a console application in Visual Studio 2008. After creating a
console application, connect to the BizTalk WCF endpoint by doing the
following:
Right-click the References node in Solution Explorer.
Select Add Service Reference.
Enter the URI to the WCF endpoint, and click GO.
Change the namespace to a meaningful name.
Click OK to add the reference.
Once the service has been added, your App.config file should look something like the following:
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<system.serviceModel>
<bindings>
<wsHttpBinding>
<binding name="WSHttpBinding_ITwoWayAsync">
<security mode="Message">
<transport clientCredentialType="Windows"/>
<message
clientCredentialType="Certificate"
negotiateServiceCredential="true"
..........algorithmSuite="Default"
establishSecurityContext="true" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<client>
<endpoint address="http://bts2009rc/Math/
BTS2009_WCFDemo_Math_AddOrchestration_AddReceivePort.svc"
binding="wsHttpBinding"
bindingConfiguration="WSHttpBinding_ITwoWayAsync"
contract="MathService.BTS2009_WCFDemo_Math_AddOrchestration_AddReceivePort"
name="WSHttpBinding_ITwoWayAsync">
<identity>
<certificate encodedValue="AwAAAAEAAAAUAAAAV....
" />
</identity>
</endpoint>
</client>
</system.serviceModel>
</configuration>
The Add Service Reference
feature detected that a certificate is required, but there is still
additional work necessary before the service can be called. The
application needs to be told what certificate to use. To do this, there
is additional configuration necessary. The following bold code shows the
additional code added to the App.config file:
<system.serviceModel>
<behaviors>
<endpointBehaviors>
<behavior name="MathBehavior">
<clientCredentials>
<clientCertificate
findValue="certsample"
storeLocation="LocalMachine"
x509FindType="FindBySubjectName" />
<serviceCertificate>
<authentication revocationMode="NoCheck" />
</serviceCertificate>
</clientCredentials>
</behavior>
</endpointBehaviors>
</behaviors>
<bindings>
<wsHttpBinding>
<binding name="WSHttpBinding_ITwoWayAsync">
<security mode="Message">
<transport clientCredentialType="Windows"
proxyCredentialType="None"
realm="" />
<message clientCredentialType="Certificate"
negotiateServiceCredential="true"
algorithmSuite="Default"
establishSecurityContext="true" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<client>
<endpoint address="http://bts2009rc/Math/
BTS2009_WCFDemo_Math_AddOrchestration_AddReceivePort.svc"
behaviorConfiguration="MathBehavior"
binding="wsHttpBinding"
bindingConfiguration="WSHttpBinding_ITwoWayAsync"
contract="MathService.BTS2009_
WCFDemo_Math_AddOrchestration_AddReceivePort"
name="WSHttpBinding_ITwoWayAsync">
<identity>
<certificate
encodedValue="AwAAAAEAAAAUAAAAVYAae3Zx..." />
</identity>
</endpoint>
</client>
</system.serviceModel>
The behavior named MathBehavior tells WCF two important items:
Instead of modifying the
App.config file by hand, use the WCF Service Configuration Editor as
part of the Windows SDK. To access this, select Tools WCF Service Configuration Editor within Visual Studio, or right-click the App.config file and select Edit WCF Configuration.
|
|
Once the application
configuration has been set up, we can write the following few lines of
code to call the service. The result is a working application that uses
message-level certificate encryption.
static void Main(string[] args)
{
MathService.AddOrchestrationPort client =
new MathService. AddOrchestrationPort ();
MathService.Add request = new MathService.Add();
request.Number1 = 100;
request.Number2 = 200;
MathService.MathResult response = client.AddOperation(request);
Console.WriteLine(response.Result.ToString());
Console.ReadLine();
}
If we enable the
diagnostics features of WCF to trace messages, the WCF Service Trace
Viewer application will show that the data being sent over the wire from
the BizTalk service is now encrypted. You can see this in Figure 4.