Re: WSE 2.0 - Security token could not be authenticated or authorized

From: Paul (nospam_at_msnews.microsoft.com)
Date: 05/20/04

Next message: Tricia: "Re: SOMEBODY TO GUILD ME THROUGH AND BE MY FRIEND"
Previous message: kurttrail: "Re: SOMEBODY TO GUILD ME THROUGH AND BE MY FRIEND"
In reply to: ElCid: "Re: WSE 2.0 - Security token could not be authenticated or authorized"
Next in thread: Sami Vaaraniemi: "Re: WSE 2.0 - Security token could not be authenticated or authorized"
Reply: Sami Vaaraniemi: "Re: WSE 2.0 - Security token could not be authenticated or authorized"
Messages sorted by: [ date ] [ thread ]

Date: Thu, 20 May 2004 08:07:23 -0400

Been there, done that, bought the t-shirt... No dice... Very
frustrating...

Thanks for the reply though!

- Paul

"ElCid" <ElCid@hotmail.com> wrote in message
news:%23KsqSyePEHA.1512@TK2MSFTNGP10.phx.gbl...
> Paul, it might be that you have the username wrong. Sometimes you might
need
> to set the username to DOMAIN\username as the username. Could you give
this
> a try?
>
> You are correct in assuming that WSE will try and authenticate the
Username
> token for you by trying to log on, however, this only happens if the
> username token is sent in plain text.
>
> "Paul" <nospam@msnews.microsoft.com> wrote in message
> news:eh%23fWldPEHA.1048@tk2msftngp13.phx.gbl...
> > I mean that the user account and the password from the SOAP header
> > (<wsse:Username>jdoe</wsse:Username> <wsse:Password
> > Type="wsse:PasswordText">password</wsse:Password>) represent a existing
> > account in the Windows SAM. I can log on to the server as this user.
The
> > account is valid, yet when a web service client tries to send a request
> with
> > these credentials, I get the "security token could not be authenticated
or
> > authorized" error... It is my presumption, from everything I've read,
> that
> > if you do not use your own function, the credentials will be
authenticated
> > against the local account db. I'm obviously missing something...
> >
> > I'll look at the sample you suggested, but I'm not really interested in
> > overriding the AuthenticateToken function until I have the default
> behavior
> > working. I've already written and configured my own custom function,
but
> it
> > didn't work either so I pulled it out and I'm trying to the basic stuff
> > working first then I'll go back to debugging my custom auth function.
> >
> > - Paul
> >
> >
> > "Lucien" <Xlucienen X@hotmail.com> wrote in message
> > news:40ab79cd$1@news.microsoft.com...
> > > I'm not sure what you mean with exists and are valid (you mean windows
> > > authentication?). Check out the usernameSigning sample (it has a
custom
> > > STM).
> > >
> > > "Paul" <nospam@msnews.microsoft.com> wrote in message
> > > news:eBEq3oQPEHA.3264@tk2msftngp13.phx.gbl...
> > > > From my original post...
> > > >
> > > > "The user name and password from the SOAP header exist and are valid
> on
> > > the
> > > > server"
> > > >
> > > > - Paul
> > > >
> > > >
> > > >
> > > > "DAN" <anonymous@discussions.microsoft.com> wrote in message
> > > > news:94292DED-021B-46CD-A70F-B84FD47CEF05@microsoft.com...
> > > > > ----- Paul wrote: -----
> > > > >
> > > > > I'm trying to use a UserToken (PasswordOption.SendPlainText)
in
> > WSE
> > > > 2.0 with
> > > > > the default "AuthenticateToken" behavior (i.e. I'm not
> overriding
> > > the
> > > > > function in a custom token manager). The user name and
> password
> > > from
> > > > the
> > > > > SOAP header exist and are valid on the server but I'm still
> > getting
> > > > > "security token could not be authenticated or authorized"
when
> I
> > > try
> > > > to POST
> > > > > to the web service...
> > > > >
> > > > > My guess is:
> > > > > Because usernametoken with plaintext password is automatically
> mapped
> > to
> > > > windows account
> > > > > check whether you have corresponding account on machine hosting
web
> > > > service.
> > > > >
> > > > > DAN
> > > >
> > > >
> > >
> > >
> >
> >
>
>

Next message: Tricia: "Re: SOMEBODY TO GUILD ME THROUGH AND BE MY FRIEND"
Previous message: kurttrail: "Re: SOMEBODY TO GUILD ME THROUGH AND BE MY FRIEND"
In reply to: ElCid: "Re: WSE 2.0 - Security token could not be authenticated or authorized"
Next in thread: Sami Vaaraniemi: "Re: WSE 2.0 - Security token could not be authenticated or authorized"
Reply: Sami Vaaraniemi: "Re: WSE 2.0 - Security token could not be authenticated or authorized"
Messages sorted by: [ date ] [ thread ]

Relevant Pages

Re: WSE 2.0 - Security token could not be authenticated or authorized
... Paul, it might be that you have the username wrong. ... You are correct in assuming that WSE will try and authenticate the Username ... > account in the Windows SAM. ...
(microsoft.public.dotnet.framework.webservices.enhancements)
RE: cannot log on to user account following password change
... cannot log on to user account following password change ... I changed the username on the account in ... | on the sbs box. ...
(microsoft.public.windows.server.sbs)
Re: logon failure
... MSSQLServer service after you change the username of administrator account. ... username for the SQL Server startup service account or the SQL Server Agent ... Microsoft SQL Server service account on the SQL Server host computer. ...
(microsoft.public.windows.server.sbs)
RE: cannot log on to user account following password change
... home box with an existing local profile in conjunction with the sbs account. ... a local profile on the xp home box called Fiona Bavester had a username ...
(microsoft.public.windows.server.sbs)
Re: Is it decnet problem or Thruway problem ?
... >> enable me to simulate the other user id's less priv. ... > the USERNAME and the PASSWORD. ... > Identifiers, Default Directory, and Login procedures as the user having ... > Owner Username UIC Account Privs Pri Directory ...
(comp.os.vms)