Re: Encrypt/Decrypt Username Password using Public Key

---

• From: sachdeva.rajesh@xxxxxxxxx
• Date: 7 Sep 2006 06:01:50 -0700

---

Our requirements are that we have to encrypt the user name and the
password before creating the user token, Yes! I am using WSE3.0.


Basically we are doing double encryption.

We will usertoken later to access the webservices.


Any idea or help is appreciated.



Dominick Baier wrote:

Why do you want to encrypt? Why decrypt?

WSE has all the mechanics for creating tokens based on username/password
- and if you run over SSL that's totally fine.

I guess you are looking for a WSE UsernameToken.

---
Dominick Baier, DevelopMentor
http://www.leastprivilege.com

Sorry! If I was not too clear on the requirements. basically the
client will send username and password on SSL. We take the user name
and password encrypt the user name and password using public key and
then create the auth token.

I also need help creating the auth token usinf
microsoft.web.service3.security.token.
Any help is very much appreciated.

Valery Pryamikov wrote:

Hi,
Since you told us nothing about the requirements, then how about: USE
SSL!
Wtih SSL, the information is transmitted from client to server (and
back) in encrypted form.
-Valery.
http://www.harper.no/valery
sachdeva.rajesh@xxxxxxxxx wrote:

I want to encrypt the username and password using public key.
Decrypt it using private key. Any help or code is very helpful.

Thanks in advance for your help.

.

---

• Follow-Ups:
  • Re: Encrypt/Decrypt Username Password using Public Key
    • From: Valery Pryamikov
  • Re: Encrypt/Decrypt Username Password using Public Key
    • From: Dominick Baier

• References:
  • Re: Encrypt/Decrypt Username Password using Public Key
    • From: sachdeva . rajesh
  • Re: Encrypt/Decrypt Username Password using Public Key
    • From: Dominick Baier

• Prev by Date: Re: Generating RSA key with different public exponent
• Next by Date: Re: Encrypt/Decrypt Username Password using Public Key
• Previous by thread: Re: Encrypt/Decrypt Username Password using Public Key
• Next by thread: Re: Encrypt/Decrypt Username Password using Public Key
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: Encrypt/Decrypt Username Password using Public Key ... Why do you want to encrypt? ... WSE has all the mechanics for creating tokens based on username/password - and if you run over SSL that's totally fine. ... (microsoft.public.dotnet.security) Re: WS Security issues ... the UsernameToken to encrypt and sign your messages with. ... you only use it for authentication and then let SSL handle the rest? ... have to specify username/password? ... (microsoft.public.dotnet.framework.webservices.enhancements) Re: How do you secure a web service? ... what is the best method of securing the web service? ... Encrypt the username/password? ... SSL is the easiest. ... (microsoft.public.dotnet.framework.webservices) Re: Encrypting the response ... encrypt the response with the token that was used to sign the request. ... You should encrypt the response with the token that was used to encrypt the ... encrypting tokens in separate functions. ... (microsoft.public.dotnet.framework.webservices.enhancements) Re: How can WSE2 work in the real world? ... It's fair enough for the server to have a ... > certificate (as for SSL), but you can't expect this of every user. ... > user tokens only appear to work in WSE only if you use plain text (very ... the SCT is linked back to the ... (microsoft.public.dotnet.framework.webservices.enhancements)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(18)