Kerberos Authentication and WSE 3.0

Hi I have been trying hard to get the kerberos authentication work with
WSE 3.0

I have a hello world service protected by a Kerberos policy file using
WSE 3.0 tool

Based on some recommendations I have done the following

1) Change ASPNET account to run under SYSTEM in machine.config
2) Given Permission "Act as Part of Operating System" for ASPNET
account

On my ASP.NET 2.0 CLIENT app i write the following lines

Dim svProxy As New localhost.ServiceWse
Dim strTargetPrincipalName As String = "host/" +
System.Net.Dns.GetHostName
Dim tok As New
Microsoft.Web.Services3.Security.Tokens.KerberosToken(strTargetPrincipalName)
svProxy.SetClientCredential(tok)
Response.Write(svProxy.HelloWorld)

I get the following error. I have absolutely no idea to fix this, i
have tried so many things but nothing did the trick, any help would be
highly appreciated.

Error Details
*****************

Exception Details: System.Web.Services.Protocols.SoapHeaderException:
System.Web.Services.Protocols.SoapHeaderException: Server unavailable,
please try later ---> System.ApplicationException: WSE841: An error
occured processing an outgoing fault response. --->
System.Web.Services.Protocols.SoapHeaderException:
Microsoft.Web.Services3.Security.SecurityFault: SecurityContextToken is
expected but not present in the security header of the incoming
message.
at
Microsoft.Web.Services3.Security.SecureConversationServiceReceiveSecurityFilter.ValidateSecureConversationMessageSecurity(SoapEnvelope
envelope, Security security, MessageProtectionRequirements request)
at
Microsoft.Web.Services3.Security.SecureConversationServiceReceiveSecurityFilter.ValidateMessageSecurity(SoapEnvelope
envelope, Security security)
at
Microsoft.Web.Services3.Security.ReceiveSecurityFilter.ProcessMessage(SoapEnvelope
envelope)
at Microsoft.Web.Services3.Pipeline.ProcessInputMessage(SoapEnvelope
envelope)
at Microsoft.Web.Services3.WseProtocol.FilterRequest(SoapEnvelope
requestEnvelope)
at Microsoft.Web.Services3.WseProtocol.RouteRequest(SoapServerMessage
message)
at System.Web.Services.Protocols.SoapServerProtocol.Initialize()
at System.Web.Services.Protocols.ServerProtocolFactory.Create(Type
type, HttpContext context, HttpRequest request, HttpResponse response,
Boolean& abortProcessing)
--- End of inner exception stack trace ---
--- End of inner exception stack trace ---


Thanks in Advance
Murali

.

Relevant Pages

  • Re: DIME WSE 2.0 in .NET 2.0
    ... you can move it to a machine that has only .NET 2.0 installed(also WSE ... BTW, as for the custom SAML token manager, if you removed it or change to ... Microsoft MSDN Online Support Lead ... If we need only to maintain the custom security dlls in .NET ...
    (microsoft.public.dotnet.framework.webservices.enhancements)
  • Re: uh? security problem?
    ... Then you will have "Sharing And Security" in the ... context menu for files, folders, etc. in Windows Explorer. ... > granting access rights to the resource to the ASP.NET request identity. ... > eventArgument) +5 ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: uh? security problem?
    ... It appears that your IIS user account does not have access to that file. ... Try sharing the file and setting the security levels to allow everyone full ... > granting access rights to the resource to the ASP.NET request identity. ... > eventArgument) +5 ...
    (microsoft.public.dotnet.framework.aspnet)
  • [UNIX] Invision Power Board SQL Injection Vulnerability (sources/calendar.php)
    ... Get your security news from a reliable source. ... An SQL injection vulnerability in IPB's calendar support, ... We execute the following request: ... As it is a request of type SELECT, we can use for example the clause ...
    (Securiteam)
  • [NT] Gaining Root Access via PHP.exe
    ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... arbitrary code by inserting into the Apache log file a malicious PHP based ... Apache will then add this request line to the access.log file. ... Test that the file can be accessed via your browser by typing ...
    (Securiteam)