Re: WSE 2.0 - The security token could not be authenticated or authorized
From: dm_dal (REMOVE_THIS.dmy75252_at_yahoo.com)
Date: 06/10/04
- Previous message: dm_dal: "Re: WSE 2.0 - The security token could not be authenticated or authorized"
- In reply to: dm_dal: "Re: WSE 2.0 - The security token could not be authenticated or authorized"
- Next in thread: dm_dal: "Re: WSE 2.0 - The security token could not be authenticated or authorized"
- Messages sorted by: [ date ] [ thread ]
Date: Thu, 10 Jun 2004 11:20:45 -0500
I'll add this as well.
When use the admin account to login, select the first invoice in the grid
and hit the Approve button. (it throws the exception) When I look at the
event viewer (Security log) I dont see a failure audit entry in the log (as
I would expect to see if Windows Authentication failed). I do see processes
being created and exited under my domain account name and the ASPNET
account.
dmy
"dm_dal" <REMOVE_THIS.dmy75252@yahoo.com> wrote in message
news:eJhAmJwTEHA.3660@tk2msftngp13.phx.gbl...
> I don't know if anyone is still looking at this post or not, but I'll add
> this.
>
> I downloaded the Hands-On-Lab (HOLDEVL34: WSE 2.0 Security and Policy) and
> tried running the SecureInvoiceA solution. I added the groups and
accounts
> as instructed and followed the instructions to a "T". But it still does
not
> work. I keep getting the same error stack as previously posted.
>
> <soap:Fault>
> <faultcode
>
xmlns:code="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecuri
> ty-secext-1.0.xsd">code:FailedAuthentication</faultcode>
> <faultstring>Microsoft.Web.Services2.Security.SecurityFault: The
> security token could not be authenticated or authorized
> at
>
Microsoft.Web.Services2.Security.Tokens.UsernameTokenManager.OnLogonUserFail
> ed(UsernameToken token)
> at
>
Microsoft.Web.Services2.Security.Tokens.UsernameTokenManager.LogonUser(Usern
> ameToken token)
> at
>
Microsoft.Web.Services2.Security.Tokens.UsernameTokenManager.AuthenticateTok
> en(UsernameToken token)
> at
>
Microsoft.Web.Services2.Security.Tokens.UsernameTokenManager.VerifyToken(Sec
> urityToken securityToken)
> at
>
Microsoft.Web.Services2.Security.Tokens.SecurityTokenManager.LoadXmlSecurity
> Token(XmlElement element)
> at
>
Microsoft.Web.Services2.Security.Tokens.SecurityTokenManager.GetTokenFromXml
> (XmlElement element)
> at Microsoft.Web.Services2.Security.Security.LoadXml(XmlElement
element)
> at
>
Microsoft.Web.Services2.Security.SecurityInputFilter.ProcessMessage(SoapEnve
> lope envelope)
> at Microsoft.Web.Services2.Pipeline.ProcessInputMessage(SoapEnvelope
> envelope)
> at
>
Microsoft.Web.Services2.WebServicesExtension.BeforeDeserializeServer(SoapSer
> verMessage message)</faultstring>
>
>
<faultactor>http://localhost/SecureInvoiceServiceA/ApproveInvoice.asmx
> tactor>
> </soap:Fault>
>
> So, what's the trick to get this to work? Oh...and for all of you masters
> of the obvious out there.... I already know that Windows Authentication
> failed. I have already tried (username, password) (MachineName\username,
> password). I have verified through the InputTrace.webinfo file that the
> username and password are being sent. I have verfied that those usernames
> and password are correct by logging in locally with each.
>
> dmy
>
>
> "dm_dal" <REMOVE_THIS.dmy75252@yahoo.com> wrote in message
> news:um12GdWTEHA.1472@TK2MSFTNGP12.phx.gbl...
> > I've seen similar post, but no real solutions. Can someone help me
> > understand what I need to do.
> >
> > I'm using the example given in the "Programming with Web Services
> > Enhancements 2.0" from the MS site. Heres the exception stack:
> >
> > Additional information: Microsoft.Web.Services2.Security.SecurityFault:
> The
> > security token could not be authenticated or authorized
> > at
> >
>
Microsoft.Web.Services2.Security.Tokens.UsernameTokenManager.OnLogonUserFail
> > ed(UsernameToken token)
> > at
> >
>
Microsoft.Web.Services2.Security.Tokens.UsernameTokenManager.LogonUser(Usern
> > ameToken token)
> > at
> >
>
Microsoft.Web.Services2.Security.Tokens.UsernameTokenManager.AuthenticateTok
> > en(UsernameToken token)
> > at
> >
>
Microsoft.Web.Services2.Security.Tokens.UsernameTokenManager.VerifyToken(Sec
> > urityToken securityToken)
> > at
> >
>
Microsoft.Web.Services2.Security.Tokens.SecurityTokenManager.LoadXmlSecurity
> > Token(XmlElement element)
> > at
> >
>
Microsoft.Web.Services2.Security.Tokens.SecurityTokenManager.GetTokenFromXml
> > (XmlElement element)
> > at Microsoft.Web.Services2.Security.Security.LoadXml(XmlElement
> element)
> > at
> >
>
Microsoft.Web.Services2.Security.SecurityInputFilter.ProcessMessage(SoapEnve
> > lope envelope)
> > at Microsoft.Web.Services2.Pipeline.ProcessInputMessage(SoapEnvelope
> > envelope)
> > at
> >
>
Microsoft.Web.Services2.WebServicesExtension.BeforeDeserializeServer(SoapSer
> > verMessage message)
> >
> >
> > Here's the code:
> >
> > Web Service
> > SimpleWseServer.ServicesMain.asmx
> >
> > [WebMethod]
> > public string AuthenticateUser(string username)
> > {
> > SoapContext ctxt = RequestSoapContext.Current;
> > foreach(SecurityToken token in ctxt.Security.Tokens)
> > {
> > if(token is UsernameToken)
> > {
> > UsernameToken user = (UsernameToken)token;
> > if(user.Username==username)
> > {
> > if(user.Principal.IsInRole(System.Net.Dns.GetHostName() +
@"\Kings"))
> > return "Hello, King " + username;
> > return "Hello, " + username;
> > }
> > }
> > }
> > return "Hello, Liar";
> > }
> >
> > Client App (windows form)
> >
> > private void btn_login_Click(object sender, System.EventArgs e)
> > {
> > string username = txt_username.Text;
> > string password = txt_password.Text;
> > SimpleWseClient.localhost.ServicesMainWse proxy = new
> > SimpleWseClient.localhost.ServicesMainWse();
> > proxy.Url = "http://localhost/SimpleWseServer/ServicesMain.asmx";
> > proxy.RequestSoapContext.Security.Tokens.Add(new
UsernameToken(username,
> > password, PasswordOption.SendPlainText));
> > txt_response.Text = proxy.AuthenticateUser(username);
> > }
> >
> > The username and password combination is setup on my local system and is
> > functioning properly. What have I missed?
> >
> > dmy
> >
> >
>
>
Relevant Pages
... C2 security whereby accounts are never deleted to prevent reuse of UIDs, ... Subject: ADDENDUM: Synchronizing passwd file with Enhanced Security ... The deleted account is ... The renamed account shows the new username in the passwd file ...
(Tru64-UNIX-Managers)
... security token could not be authenticated or authorized ... I already know that Windows Authentication ... username and password are being sent. ...
(microsoft.public.dotnet.framework.webservices.enhancements)
... And of course you have to restart IIS afterward. ... >> security token could not be authenticated or authorized ... The input shows the correct username ... >> The account I'm using is a local account and the group is local as well. ...
(microsoft.public.dotnet.framework.aspnet.webservices)
... And make sure the account isn't getting locked out on the computer ... There's also an XP security newsgroup here where you might get more answers ... > pc_name is name of computer that you are trying to connect to and username ... >> one xp pc can connect to other, but second pc requests user name and ...
(microsoft.public.security)
... > I can't figure out why Windows Authentication is failing? ... The input shows the correct username ... > The account I'm using is a local account and the group is local as well. ...
(microsoft.public.dotnet.framework.aspnet.webservices)
