NOTE: I was writing code with .NET today (June 15th, 2010) for Alfresco and saw the documentation was pretty bad, so I am creating some. This will take a few days to get up.
Web Services API
WCF Examples - .NET 3.0 and Above
You will need to add a reference to each of the services you require. For example, it's not possible to perform authentication without 'AuthenticationService'. You can access the service by using the following URLs (of course, replace 'server.name' and 'PORT' with your server name and port):
This section describes configuration of simple WCF security based on:
'basicHttpBinding' bindings configuration;
'security' with 'mode' equal to 'TransportWithMessageCredential';
'clientCredentialType' equal to 'UserName' that will allow WCF generate SOAP WSS headers for 'text' password type;
'timestamp' headers as one of the approaches of preventing replay attacks.
NOTE: Currently, Alfresco WEB Services support password type 'text' only! Additionally, 'timestamp' headers sending is required.
WCF requires secured connections for messages transferring with password type â€˜digestâ€™ or â€˜textâ€™ using 'HTTPS' protocol by default. This leads WCF validating server sertificates. This example will use 'hack return true' implementation of certificate validation callback for simplification:
NOTE: 'AuthenticationService' doesn't require 'security' element configuration for its binding.
Sometimes, buffer sizes configured by default for messages exchanging are not enough. In this case application will crash with errors connected with buffer size and buffer read/write operations. For more information about configuration to avoid these problems and about WCF security configuration see oficial documentation for 'basicHttpBinding' configuration in MSDN.
Alfresco client endpoints
It's necessary to configure client endpoints pointing to your Alfresco server. All services which requre authentication should be configured against an HTTPS URL by default:
Don't forget to enable SSL/TLS in your WEB Application Server!
All Alfresco services except 'AuthenticationService' require authentication credentials for generating SOAP WSS headers. Currently, authentication for Alfresco WEB services performs through Alfresco tickets. It's necessary to start a session to receive a ticket:
AlfrescoAuthenticationService.AuthenticationServiceSoapPortClient authenticationService = new AlfrescoAuthenticationService.AuthenticationServiceSoapPortClient(); AlfrescoAuthenticationService.AuthenticationResult ticket = authenticationService.startSession('admin', 'admin');
Each other service may be configured to authenticate with received ticket:
RepositoryService.RepositoryServiceSoapPortClient repositoryService = new RepositoryService.RepositoryServiceSoapPortClient(); repositoryService.ClientCredentials.UserName.UserName = ticket.username; repositoryService.ClientCredentials.UserName.Password = ticket.ticket; // Actions with 'repositoryService'...
Started session should be ended after finishing work with services which require user authentication:
// Actions with services which require user authentication... authenticationService.endSession(ticket.ticket);
It's necessary to keep in mind that tickets have an expiration period.
Note, that 'AuthenticaionService' and 'RepositoryService' are namespaces specified during adding service references in VisualStudio using 'Add Service Reference' dialog.
WSE 2.0 and 3.0 Examples - .NET 2.0 and Above
WSE configuration may be accessed with right mouse click on the project name in â€˜Solution Explorerâ€™ tree and choosing â€˜WSE Settings 3.0â€¦â€™ menu item. Check 'Enable this project for Web Services Enhancements' on the 'General' tab. Click â€˜Okâ€™ button after all required configurations will be changed.
Note, that it's necessary to configure .NET 2.0 in VisualStudio 2008 and above as target framework which will allow adding WEB references compatible with WSE framework for each service. It's possible to return to newer version of .NET framework afterwards.
Itâ€™s necessary to modify each WEB reference added into the project to enable WSE framework:
open â€˜Reference.csâ€™ source file (e.g. <project_root>\Web References\AuthenticationService\Reference.cs);
find and replace all 'System.Web.Services.Protocols.SoapHttpClientProtocol' with 'Microsoft.Web.Services3.WebServicesClientProtocol'.
Security configuration (programmatic)
The approach of session starting is such the same as in WCF framework. The difference is in configuring credentials for services which require authentication: