Security requirements are not satisfied because the security header is not present in the incoming message
- From: jackmadeja@xxxxxxxxxxx
- Date: 30 Nov 2005 08:38:54 -0800
I get following exception every time I run my service thru ordinary IIS
instead of Default IIS in VS.NET Studio. My service is a simple
'Hello World with certificate policy. My client is simple ASP.NET Web
Site with one button and textbox. I use Certificate Policy
(mutualCertificate11Security) on both server and client. (I have tried
this with anonymousForCertificateSecurity and got same bad result).
Everything works fine if my service and webclient is in same solution
and I run everything thru VS.NET studio build in IIS. But If I create a
virtual directory in my computer IIS, run my service there, change my
web reference to this service I get this exception:
WSE910: An error happened during the processing of a response message,
and you can find the error in the inner exception. You can also find
the response message in the Response property.
at
Microsoft.Web.Services3.Xml.SoapEnvelopeReaderWrapper..ctor(SoapClientMessage
message, String messageContentType)
at
Microsoft.Web.Services3.WebServicesClientProtocol.GetReaderForMessage(SoapClientMessage
message, Int32 bufferSize)
at
System.Web.Services.Protocols.SoapHttpClientProtocol.ReadResponse(SoapClientMessage
message, WebResponse response, Stream responseStream, Boolean
asyncCall)
at
System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String
methodName, Object[] parameters)
at localhost.ServiceWse.HelloWorld() in
e:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET
Files\website10\b15bc141\c8235faa\App_WebReferences.qqc4zbev.0.cs:line
46
at _Default.Button1_Click(Object sender, EventArgs e) in
S:\Security\WSEbasic\WSEbasic10\WebSite10\Default.aspx.vb:line 11
--------------Inner Exception ----------------------------
Security requirements are not satisfied because the security header is
not present in the incoming message.
at
Microsoft.Web.Services3.Security.SecureConversationClientReceiveSecurityFilter.ValidateMessageSecurity(SoapEnvelope
envelope, Security security)
at
Microsoft.Web.Services3.Security.ReceiveSecurityFilter.ProcessMessage(SoapEnvelope
envelope)
at Microsoft.Web.Services3.Pipeline.ProcessInputMessage(SoapEnvelope
envelope)
at
Microsoft.Web.Services3.Xml.SoapEnvelopeReaderWrapper..ctor(SoapClientMessage
message, String messageContentType)
Here is my service code:
Imports System.Web
Imports System.Web.Services
Imports System.Web.Services.Protocols
Imports System.Security.Principal
Imports Microsoft.Web.Services3
Imports Microsoft.Web.Services3.Design
<WebService(Namespace:="http://tempuri.org/";)> _
<WebServiceBinding(ConformsTo:=WsiProfiles.BasicProfile1_1)> _
<Global.Microsoft.VisualBasic.CompilerServices.DesignerGenerated()> _
<Policy("ServerCertPolicy")> _
Public Class xService
Inherits System.Web.Services.WebService
<WebMethod()> _
Public Function HelloWorld() As String
Return "Hello World from xWebService 5"
End Function
End Class
My service web.config looks like that:
<?xml version="1.0" encoding="utf-8"?>
<configuration
xmlns="http://schemas.microsoft.com/.NetConfiguration/v2.0";>
<configSections>
<section name="microsoft.web.services3"
type="Microsoft.Web.Services3.Configuration.WebServicesConfiguration,
Microsoft.Web.Services3, Version=3.0.0.0, Culture=neutral,
PublicKeyToken=31bf3856ad364e35" />
</configSections>
<appSettings />
<connectionStrings />
<system.web>
<compilation debug="true" strict="false" explicit="true">
<assemblies>
<add assembly="Microsoft.Web.Services3, Version=3.0.0.0,
Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
</assemblies>
</compilation>
<pages>
<namespaces>
<clear />
<add namespace="System" />
<add namespace="System.Collections" />
<add namespace="System.Collections.Specialized" />
<add namespace="System.Configuration" />
<add namespace="System.Text" />
<add namespace="System.Text.RegularExpressions" />
<add namespace="System.Web" />
<add namespace="System.Web.Caching" />
<add namespace="System.Web.SessionState" />
<add namespace="System.Web.Security" />
<add namespace="System.Web.Profile" />
<add namespace="System.Web.UI" />
<add namespace="System.Web.UI.WebControls" />
<add namespace="System.Web.UI.WebControls.WebParts" />
<add namespace="System.Web.UI.HtmlControls" />
</namespaces>
</pages>
<webServices>
<soapExtensionImporterTypes>
<add
type="Microsoft.Web.Services3.Description.WseExtensionImporter,
Microsoft.Web.Services3, Version=3.0.0.0, Culture=neutral,
PublicKeyToken=31bf3856ad364e35" />
</soapExtensionImporterTypes>
<soapServerProtocolFactory
type="Microsoft.Web.Services3.WseProtocolFactory,
Microsoft.Web.Services3, Version=3.0.0.0, Culture=neutral,
PublicKeyToken=31bf3856ad364e35" />
</webServices>
</system.web>
<microsoft.web.services3>
<security>
<x509 allowTestRoot="false" storeLocation="LocalMachine" />
</security>
<policy fileName="wse3policyCache.config" />
<diagnostics>
<trace enabled="true" input="logs\InputTrace.webinfo"
output="logs\OutputTrace.webinfo" />
</diagnostics>
</microsoft.web.services3>
</configuration>
.... and my service policy looks like that:
<policies xmlns="http://schemas.microsoft.com/wse/2005/06/policy";>
<extensions>
<extension name="mutualCertificate11Security"
type="Microsoft.Web.Services3.Design.MutualCertificate11Assertion,
Microsoft.Web.Services3, Version=3.0.0.0, Culture=neutral,
PublicKeyToken=31bf3856ad364e35" />
<extension name="x509"
type="Microsoft.Web.Services3.Design.X509TokenProvider,
Microsoft.Web.Services3, Version=3.0.0.0, Culture=neutral,
PublicKeyToken=31bf3856ad364e35" />
<extension name="requireActionHeader"
type="Microsoft.Web.Services3.Design.RequireActionHeaderAssertion,
Microsoft.Web.Services3, Version=3.0.0.0, Culture=neutral,
PublicKeyToken=31bf3856ad364e35" />
</extensions>
<policy name="ServerCertPolicy">
<mutualCertificate11Security establishSecurityContext="false"
renewExpiredSecurityContext="true" requireSignatureConfirmation="true"
messageProtectionOrder="SignBeforeEncrypt" requireDerivedKeys="true"
ttlInSeconds="300">
<serviceToken>
<x509 storeLocation="LocalMachine" storeName="My"
findValue="CN=WSE2QuickStartServer"
findType="FindBySubjectDistinguishedName" />
</serviceToken>
<protection>
<request signatureOptions="IncludeAddressing, IncludeTimestamp,
IncludeSoapBody" encryptBody="true" />
<response signatureOptions="IncludeAddressing,
IncludeTimestamp, IncludeSoapBody" encryptBody="true" />
<fault signatureOptions="IncludeAddressing, IncludeTimestamp,
IncludeSoapBody" encryptBody="false" />
</protection>
</mutualCertificate11Security>
<requireActionHeader />
</policy>
</policies>
My client looks like that:
<%@ Page Language="VB" AutoEventWireup="false"
CodeFile="Default.aspx.vb" Inherits="_Default" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd";>
<html xmlns="http://www.w3.org/1999/xhtml"; >
<head runat="server">
<title>WebSite11</title>
</head>
<body>
<form id="form1" runat="server">
<div>
<asp:Button ID="Button1" runat="server" Text="WSEservice 2"
Width="160px" /><asp:TextBox
ID="TextBox1" runat="server" Height="440px"
TextMode="MultiLine" Width="800px"></asp:TextBox> </div>
</form>
</body>
</html>
.... and client code:
Imports Microsoft.VisualBasic.ControlChars
Partial Class _Default
Inherits System.Web.UI.Page
Protected Sub Button1_Click(ByVal sender As Object, ByVal e As
System.EventArgs) Handles Button1.Click
Try
TextBox1.Text = String.Empty
Dim proxy As New localhost.ServiceWse
proxy.SetPolicy("ClientCertPolicy")
TextBox1.Text = proxy.HelloWorld
Catch ex As Exception
Dim strMsg As String = ex.Message & CrLf & CrLf &
ex.StackTrace
Dim exIn As Exception = ex
Do
exIn = exIn.InnerException
If Not exIn Is Nothing Then
strMsg += CrLf & "--------------Inner Exception
----------------------------" & CrLf
strMsg += exIn.Message & CrLf & CrLf &
exIn.StackTrace
Else
Exit Do
End If
Loop
TextBox1.Text = "----- WSEservice 2 Exception --------" &
CrLf & strMsg
End Try
End Sub
End Class
....with client policy like this:
<policies xmlns="http://schemas.microsoft.com/wse/2005/06/policy";>
<extensions>
<extension name="mutualCertificate11Security"
type="Microsoft.Web.Services3.Design.MutualCertificate11Assertion,
Microsoft.Web.Services3, Version=3.0.0.0, Culture=neutral,
PublicKeyToken=31bf3856ad364e35" />
<extension name="x509"
type="Microsoft.Web.Services3.Design.X509TokenProvider,
Microsoft.Web.Services3, Version=3.0.0.0, Culture=neutral,
PublicKeyToken=31bf3856ad364e35" />
<extension name="requireActionHeader"
type="Microsoft.Web.Services3.Design.RequireActionHeaderAssertion,
Microsoft.Web.Services3, Version=3.0.0.0, Culture=neutral,
PublicKeyToken=31bf3856ad364e35" />
</extensions>
<policy name="ClientCertPolicy">
<mutualCertificate11Security establishSecurityContext="false"
renewExpiredSecurityContext="true" requireSignatureConfirmation="true"
messageProtectionOrder="SignBeforeEncrypt" requireDerivedKeys="true"
ttlInSeconds="300">
<clientToken>
<x509 storeLocation="CurrentUser" storeName="My"
findValue="CN=WSE2QuickStartClient"
findType="FindBySubjectDistinguishedName" />
</clientToken>
<serviceToken>
<x509 storeLocation="CurrentUser" storeName="AddressBook"
findValue="CN=WSE2QuickStartServer"
findType="FindBySubjectDistinguishedName" />
</serviceToken>
<protection>
<request signatureOptions="IncludeAddressing, IncludeTimestamp,
IncludeSoapBody" encryptBody="true" />
<response signatureOptions="IncludeAddressing,
IncludeTimestamp, IncludeSoapBody" encryptBody="true" />
<fault signatureOptions="IncludeAddressing, IncludeTimestamp,
IncludeSoapBody" encryptBody="false" />
</protection>
</mutualCertificate11Security>
<requireActionHeader />
</policy>
</policies>
Authentications methods in IIS "Anonymous access" are on and
"Intergrated Windows authentication" is on. My ASP.NET version is
2.0.50727 and I use Visual Studio 2005 Team Suite vers: 8.0.50727.42
I use WSE 3.0 version 3.0.5305.0
I have tried this problem with many different solution - both Windows
Forms client and different configuration in ASP.NET client and it just
won't work. As far as I know message "Security requirements are not
satisfied because the security header is not present in the incoming
message" means that soap envelope for the request dosen't contain
the security header. Why does my standard IIS fail with adding that
header to the client? Anybody have answer to this problem?
Jack
.
- Follow-Ups:
- Prev by Date: Re: What WSE2 offers for this problem?
- Next by Date: Re: What WSE2 offers for this problem?
- Previous by thread: Re: What WSE2 offers for this problem?
- Next by thread: Re:Security requirements are not satisfied because the security header is not present in the incoming message
- Index(es):
Relevant Pages
|
