Re: WSE 3.0, usernameOverTransportSecurity, custom Token Manager w/ securityTokenManager,

Hey Pablo,
I've been playing around with this almost all day to no avail.(The
test class that you put out there) I keep getting "Server unavailable,
please try later" even though it is actually available. I'm pretty
sure that it has something to do with my attempt to add the new
assertion in to the pipeline. Either the class itself or my
configuration. But I'm leaning towards my configuration to be the
problem.

Any insight would be appreciated.

Here is the XML from the Policy config file. You'll see that I've
commented out the my original. Here is the XML:

<policies xmlns="http://schemas.microsoft.com/wse/2005/06/policy";>
<extensions>
<!--
<extension name="usernameOverTransportSecurity"
type="Microsoft.Web.Services3.Design.UsernameOverTransportAssertion,
Microsoft.Web.Services3, Version=3.0.0.0, Culture=neutral,
PublicKeyToken=31bf3856ad364e35" />
-->

<extension name="MyCustomAssertion"
type="WSEUsername.MyCustomAssertion,
MyCompany.MyProgram.UsernameTokenManager" />
<extension name="requireActionHeader"
type="Microsoft.Web.Services3.Design.RequireActionHeaderAssertion,
Microsoft.Web.Services3, Version=3.0.0.0, Culture=neutral,
PublicKeyToken=31bf3856ad364e35" />
</extensions>
<policy name="Policy1">
<usernameOverTransportSecurity />
<requireActionHeader />
</policy>
</policies>

Thanks again,
Frank V.
www.TheOpenSourceU.com
JawzX01[.@.]gmail.com

Frank V wrote:
Hey Pablo,

Thank you for the info and the code. I will give this a try and see
what I come up with.

Regards,
Frank V.


Pablo Cibraro wrote:
Hmm, that is really strange. If the username token is already added in the
message, the assertion should work without problems.

Try the following code, it is a custom UsernameOverTransport assertion (You
have to use this assertion instead of the WSE UsernameOverTransport
assertion)

namespace WSEUsername

{

public class MyCustomAssertion : UsernameOverTransportAssertion

{

public override Microsoft.Web.Services3.SoapFilter
CreateServiceInputFilter(FilterCreationContext context)

{

return new MyServiceInputFilter(this);

}

protected class MyServiceInputFilter : ServiceInputFilter

{

public MyServiceInputFilter(MyCustomAssertion assertion)

: base(assertion)

{

}

public override void
ValidateMessageSecurity(Microsoft.Web.Services3.SoapEnvelope envelope,
Microsoft.Web.Services3.Security.Security security)

{

UsernameToken utoken = null;

foreach (SecurityToken token in security.Tokens)

{

if (token is UsernameToken)

{

utoken = token;

break;

}

}

if (utoken == null)

{

throw new Exception("The username token is not present in the message");

}

base.ValidateMessageSecurity(envelope, security);

}

}

}

}

This assertion is only valid to see whether you are receiving the username
token in the service or not. (Test purposes)

Regards,
Pablo.


"Frank V" <jawzx01@xxxxxxxxx> wrote in message
news:1151354847.172572.132830@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Hey Pablo,
I've added the web service call directly to my Data binding method
(see code snippt) and I am now getting the user name and password
(among other things) in side the message. But I'm an still getting the
same error that I was previously.

In case it will help, I will add the Client and Server Output Trace and
INput trace, respetively.

----------------------------------------------------------------
Client, Output Trace:
----------------------------------------------------------------
<?xml version="1.0" encoding="utf-8"?>
<log>
<outputMessage utc="6/26/2006 8:25:26 PM"
messageId="urn:uuid:afb53a33-fd73-449e-989a-6d8dbcd38b16">
<processingStep description="Unprocessed message">
<soap:Envelope
xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/";
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
xmlns:xsd="http://www.w3.org/2001/XMLSchema";>
<soap:Body>
<ZipCodeSearch xmlns="http://www.MyCompany.com/WSImgVer/";>
<psZipCode>60606</psZipCode>
</ZipCodeSearch>
</soap:Body>
</soap:Envelope>
</processingStep>
<processingStep description="Entering SOAP filter
Microsoft.Web.Services3.Design.UsernameOverTransportAssertion+ClientOutputFilter"
/>
<processingStep description="Exited SOAP filter
Microsoft.Web.Services3.Design.UsernameOverTransportAssertion+ClientOutputFilter"
/>
<processingStep description="Processed message">
<soap:Envelope
xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/";
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
xmlns:xsd="http://www.w3.org/2001/XMLSchema";
xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing";
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";>
<soap:Header>

<wsa:Action>http://www.MyCompany.com/WSImgVer/ZipCodeSearch</wsa:Action>

<wsa:MessageID>urn:uuid:afb53a33-fd73-449e-989a-6d8dbcd38b16</wsa:MessageID>
<wsa:ReplyTo>

<wsa:Address>http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous</wsa:Address>
</wsa:ReplyTo>
<wsa:To>http://localhost:1346/WSImgVer/Service.asmx</wsa:To>
<wsse:Security soap:mustUnderstand="1">
<wsu:Timestamp
wsu:Id="Timestamp-a4b53d14-1c79-4fc4-99e5-363f4fb1fca9">
<wsu:Created>2006-06-26T20:25:26Z</wsu:Created>
<wsu:Expires>2006-06-26T20:30:26Z</wsu:Expires>
</wsu:Timestamp>
<wsse:UsernameToken
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
wsu:Id="SecurityToken-ec8ec540-596d-4b2a-9b60-e7cbc638ec59">
<wsse:Username>MyUserName</wsse:Username>
<wsse:Password
Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText";>ThePassword</wsse:Password>
<wsse:Nonce>imruhM3LhcjDJxU9mvZTmg==</wsse:Nonce>
<wsu:Created>2006-06-26T20:25:26Z</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>
</soap:Header>
<soap:Body>
<ZipCodeSearch xmlns="http://www.MyCompany.com/WSImgVer/";>
<psZipCode>60606</psZipCode>
</ZipCodeSearch>
</soap:Body>
</soap:Envelope>
</processingStep>
</outputMessage>
</log>


----------------------------------------------------------------
Web Service - Server Input:
----------------------------------------------------------------
<?xml version="1.0" encoding="utf-8"?>
<log>
<inputMessage utc="6/26/2006 8:25:26 PM"
messageId="urn:uuid:afb53a33-fd73-449e-989a-6d8dbcd38b16">
<processingStep description="Unprocessed message">
<soap:Envelope
xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/";
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
xmlns:xsd="http://www.w3.org/2001/XMLSchema";
xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing";
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";>
<soap:Header>

<wsa:Action>http://www.MyCompany.com/WSImgVer/ZipCodeSearch</wsa:Action>

<wsa:MessageID>urn:uuid:afb53a33-fd73-449e-989a-6d8dbcd38b16</wsa:MessageID>
<wsa:ReplyTo>

<wsa:Address>http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous</wsa:Address>
</wsa:ReplyTo>
<wsa:To>http://localhost:1346/WSImgVer/Service.asmx</wsa:To>
<wsse:Security soap:mustUnderstand="1">
<wsu:Timestamp
wsu:Id="Timestamp-a4b53d14-1c79-4fc4-99e5-363f4fb1fca9">
<wsu:Created>2006-06-26T20:25:26Z</wsu:Created>
<wsu:Expires>2006-06-26T20:30:26Z</wsu:Expires>
</wsu:Timestamp>
<wsse:UsernameToken
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
wsu:Id="SecurityToken-ec8ec540-596d-4b2a-9b60-e7cbc638ec59">
<wsse:Username>MyUserName</wsse:Username>
<wsse:Password
Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText";>ThePassword</wsse:Password>
<wsse:Nonce>imruhM3LhcjDJxU9mvZTmg==</wsse:Nonce>
<wsu:Created>2006-06-26T20:25:26Z</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>
</soap:Header>
<soap:Body>
<ZipCodeSearch xmlns="http://www.MyCompany.com/WSImgVer/";>
<psZipCode>60606</psZipCode>
</ZipCodeSearch>
</soap:Body>
</soap:Envelope>
</processingStep>
<processingStep description="Entering SOAP filter
Microsoft.Web.Services3.Design.RequireSoapHeaderAssertion+RequireSoapHeaderFilter"
/>
<processingStep description="Exited SOAP filter
Microsoft.Web.Services3.Design.RequireSoapHeaderAssertion+RequireSoapHeaderFilter"
/>
<processingStep description="Entering SOAP filter
Microsoft.Web.Services3.Design.UsernameOverTransportAssertion+ServiceInputFilter"
/>
<processingStep description="Exception thrown: UsernameToken is
expected but not present in the security header of the incoming
message."> at
Microsoft.Web.Services3.Design.UsernameOverTransportAssertion.ServiceInputFilter.ValidateMessageSecurity(SoapEnvelope
envelope, Security security)
at
Microsoft.Web.Services3.Security.ReceiveSecurityFilter.ProcessMessage(SoapEnvelope
envelope)
at Microsoft.Web.Services3.Pipeline.ProcessInputMessage(SoapEnvelope
envelope)</processingStep>
</inputMessage>
</log>

----------------------------------------------------------------
Finally, the Output Trace from the Server (in case it will help)
----------------------------------------------------------------
<?xml version="1.0" encoding="utf-8"?>
<log>
<inputMessage utc="6/26/2006 8:25:26 PM"
messageId="urn:uuid:afb53a33-fd73-449e-989a-6d8dbcd38b16">
<processingStep description="Unprocessed message">
<soap:Envelope
xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/";
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
xmlns:xsd="http://www.w3.org/2001/XMLSchema";
xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing";
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";>
<soap:Header>

<wsa:Action>http://www.MyCompany.com/WSImgVer/ZipCodeSearch</wsa:Action>

<wsa:MessageID>urn:uuid:afb53a33-fd73-449e-989a-6d8dbcd38b16</wsa:MessageID>
<wsa:ReplyTo>

<wsa:Address>http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous</wsa:Address>
</wsa:ReplyTo>
<wsa:To>http://localhost:1346/WSImgVer/Service.asmx</wsa:To>
<wsse:Security soap:mustUnderstand="1">
<wsu:Timestamp
wsu:Id="Timestamp-a4b53d14-1c79-4fc4-99e5-363f4fb1fca9">
<wsu:Created>2006-06-26T20:25:26Z</wsu:Created>
<wsu:Expires>2006-06-26T20:30:26Z</wsu:Expires>
</wsu:Timestamp>
<wsse:UsernameToken
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
wsu:Id="SecurityToken-ec8ec540-596d-4b2a-9b60-e7cbc638ec59">
<wsse:Username>MyUserName</wsse:Username>
<wsse:Password
Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText";>ThePassword</wsse:Password>
<wsse:Nonce>imruhM3LhcjDJxU9mvZTmg==</wsse:Nonce>
<wsu:Created>2006-06-26T20:25:26Z</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>
</soap:Header>
<soap:Body>
<ZipCodeSearch xmlns="http://www.MyCompany.com/WSImgVer/";>
<psZipCode>60606</psZipCode>
</ZipCodeSearch>
</soap:Body>
</soap:Envelope>
</processingStep>
<processingStep description="Entering SOAP filter
Microsoft.Web.Services3.Design.RequireSoapHeaderAssertion+RequireSoapHeaderFilter"
/>
<processingStep description="Exited SOAP filter
Microsoft.Web.Services3.Design.RequireSoapHeaderAssertion+RequireSoapHeaderFilter"
/>
<processingStep description="Entering SOAP filter
Microsoft.Web.Services3.Design.UsernameOverTransportAssertion+ServiceInputFilter"
/>
<processingStep description="Exception thrown: UsernameToken is
expected but not present in the security header of the incoming
message."> at
Microsoft.Web.Services3.Design.UsernameOverTransportAssertion.ServiceInputFilter.ValidateMessageSecurity(SoapEnvelope
envelope, Security security)
at
Microsoft.Web.Services3.Security.ReceiveSecurityFilter.ProcessMessage(SoapEnvelope
envelope)
at Microsoft.Web.Services3.Pipeline.ProcessInputMessage(SoapEnvelope
envelope)</processingStep>
</inputMessage>
</log>


Frank
jawzx01[.at.]gmail.com


Pablo Cibraro wrote:
Hi Frank,

Are the lines below being executed ?.

SetWebServiceUserToken();
_WebServiceWse.SetPolicy( "Policy1" );

The code looks fine at first glance and these lines are responsible to
add
the username token to the message.

My advice is to use the sample provided by the Pattern & Practices team
in
this gotdotnet workspace, (They already provide a working sample of
username
authentication using a dabatabase).
http://www.gotdotnet.com/codegallery/codegallery.aspx?id=67f659f6-9457-4860-80ff-0535dffed5e6

The name of the sample is DirectAuthenticationWithDatabase and you can
find
it in the zip file WSSP.zip

Let me know if I can help you with something else regarding this problem.

Regards,
Pablo Cibraro
http://weblogs.asp.net/cibrax


"Frank Villasenor" <jawzx01@xxxxxxxxx> wrote in message
news:1151341641.515599.207770@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Hello all,
I'm attempting to learn how to use WSE 3.0 with Visual Studio 2005.
I've read a lot of material about WSE 3.0 and I've started to grasp how
this libarary works.

Although, much closer than I was a few days ago I'm not in at a point
where I believe everything is configured properly, but since my
solution isn't working it must not be. I really could use some help....

My using:
Visual Studio 2005,
WSE 3.0
usernameOverTransportSecurity
A custom UsernameTokenManager. (I want to authenticate against an
existing database)

In the UsernameTokenManager i've derived a class and have overridden
the AuthenticateToken method. I'm still developing the method and have
not "finished it." On my validCreditials variable, I've simply set it
to true. Which should allow me to authenticate any user that I throw at
it. (Please note, I've put this code in a separate project with it's
own namespace.)

Below is my code:
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
protected override string AuthenticateToken( UsernameToken token )
{
System.Diagnostics.Debug.WriteLine( "Starting:
RmsTokenManager.AuthenticateToken(...)" );

string userName = token.Username;
string sPassword = token.Password;

bool validCreditials = true; // Validate creditionals with some
method. (SQL Wrapper and stored proc.)

if (!validCreditials)
{
System.Diagnostics.Debug.WriteLine( "Auth Failed.
RmsTokenManager.AuthenticateToken(...)" );
OnLogonUserFailed( token );
}
else
{
System.Diagnostics.Debug.WriteLine( "Auth succeeded.
RmsTokenManager.AuthenticateToken(...)" );
GenericIdentity oIdentity = new GenericIdentity( token.Username
);
GenericPrincipal oPrincipal = new GenericPrincipal( oIdentity,
new string[] { "User" } );

token.Principal = oPrincipal;
}

//
// Return token.Password like the base (overriden function)
return token.Password;
}
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-


For my Web.Config file, for my web serivce I have:
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
<!--
START: Configuration for the WSE.
-->
<microsoft.web.services3>
<policy fileName="wse3policyCache.config" />
<security>
<securityTokenManager>
<!-- <clear /> -->
<add localName="UsernameToken"
type="Company.ImageVerification.Security.RmsTokenManager,
Company.ImageVerification.Security"
namespace="http://docs.oasisopen.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
/>
</securityTokenManager>
</security>
<diagnostics>
<trace enabled="true" input="InputTrace.webinfo"
output="OutputTrace.webinfo" />
<detailedErrors enabled="true" />
</diagnostics>
</microsoft.web.services3>
<!--
END: Configruation for the WSE.
-->
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-


For my Policy file, for the web service I have:
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
<policies xmlns="http://schemas.microsoft.com/wse/2005/06/policy";>
<extensions>
<extension name="usernameOverTransportSecurity"
type="Microsoft.Web.Services3.Design.UsernameOverTransportAssertion,
Microsoft.Web.Services3, Version=3.0.0.0, Culture=neutral,
PublicKeyToken=31bf3856ad364e35" />
<extension name="requireActionHeader"
type="Microsoft.Web.Services3.Design.RequireActionHeaderAssertion,
Microsoft.Web.Services3, Version=3.0.0.0, Culture=neutral,
PublicKeyToken=31bf3856ad364e35" />
</extensions>
<policy name="Policy1">
<authorization>
<allow role="User" />
<deny role="*" />
</authorization>
<usernameOverTransportSecurity />
<!--
<requireActionHeader />
-->
</policy>
</policies>
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-




Now for the client. The client is to be a smart client application.
(Windows Forms). I had the client application working against the web
service without any WSE. It was working great. But, I needed the
security so I added WSE in to the mix.

The configuration for the client application:
I use a proxy to wrap the generated proxy. The "proxy" class simply
performs authentication tasks and allows me to pass the web service
variable around to different parts of my program. I can't post the
entire part of the program because there would be too much code. But
the initialization of the web service is:


=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
//
// Class fields.
private string sUrl;
private localhost.ServiceWse _WebServiceWse;
private string sUserName;
private string sPassword;

public WebServiceProxy( string psWebServiceURL, string psUserName,
string psPassword )
: this()
{
if (psWebServiceURL.Length == 0 || psUserName.Length == 0 ||
psPassword.Length == 0 )
{
throw new ApplicationException( "psWebServiceURL can not be a
blank string!" );
}

sUrl = psWebServiceURL;
sUserName = psUserName;
sPassword = psPassword;

_WebServiceWse = new
Company.ImageVerification.localhost.ServiceWse();
_WebServiceWse.Url = sUrl;
_WebServiceWse.UseDefaultCredentials = false;

_WebServiceWse.PreAuthenticate = true;
SetWebServiceUserToken();
_WebServiceWse.SetPolicy( "Policy1" );
}

private void SetWebServiceUserToken()
{
if (sUserName == null)
{
throw new ArgumentNullException( "UserName" );
}
if (sPassword == null)
{
throw new ArgumentNullException( "Password" );
}

UsernameToken _unt = new UsernameToken( sUserName, sPassword,
PasswordOption.SendPlainText );
_WebServiceWse.SetClientCredential( _unt );
}

public bool ValidateImage( int piReservationID, string psImageGUID,
string psClientSpecs )
{
psClientSpecs = HttpUtility.HtmlEncode( psClientSpecs );
return _WebServiceWse.ValidateImage( piReservationID,
psImageGUID, psClientSpecs );
}
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

Once initialized, I can call any web service method from the
WebServiceProxy instance. My client configuration is as follows:

app.config:
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
<microsoft.web.services3>
<policy fileName="wse3policyCache.config" />
<diagnostics>
<trace enabled="true" input="InputTrace.webinfo"
output="OutputTrace.webinfo" />
<detailedErrors enabled="true" />
</diagnostics>
</microsoft.web.services3>
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

Policy:
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
<policies xmlns="http://schemas.microsoft.com/wse/2005/06/policy";>
<extensions>
<extension name="usernameOverTransportSecurity"
type="Microsoft.Web.Services3.Design.UsernameOverTransportAssertion,
Microsoft.Web.Services3, Version=3.0.0.0, Culture=neutral,
PublicKeyToken=31bf3856ad364e35" />
</extensions>
<policy name="Policy1">
<!--
Need to use SSL here for message Integrity, Confidentiality and
security.
-->
<usernameOverTransportSecurity />
</policy>
</policies>
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-


NOW FOR THE ACTUAL PROBLEM. When I run this code I'm getting an
exception. The exception is as follows:
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
System.Web.Services.Protocols.SoapHeaderException was unhandled
Message="Microsoft.Web.Services3.Security.SecurityFault:
UsernameToken is expected but not present in the security header of the
incoming message.\r\n at
Microsoft.Web.Services3.Design.UsernameOverTransportAssertion.ServiceInputFilter.ValidateMessageSecurity(SoapEnvelope
envelope, Security security)\r\n at
Microsoft.Web.Services3.Security.ReceiveSecurityFilter.ProcessMessage(SoapEnvelope
envelope)\r\n at
Microsoft.Web.Services3.Pipeline.ProcessInputMessage(SoapEnvelope
envelope)\r\n at
Microsoft.Web.Services3.WseProtocol.FilterRequest(SoapEnvelope
requestEnvelope)\r\n at
Microsoft.Web.Services3.WseProtocol.RouteRequest(SoapServerMessage
message)\r\n at
System.Web.Services.Protocols.SoapServerProtocol.Initialize()\r\n at
System.Web.Services.Protocols.ServerProtocolFactory.Create(Type type,
HttpContext context, HttpRequest request, HttpResponse response,
Boolean& abortProcessing)"
Source="System.Web.Services"
Actor="http://localhost:1346/WSImgVer/Service.asmx";
Lang=""
Node="http://localhost:1346/WSImgVer/Service.asmx";
Role=""
StackTrace:
at
System.Web.Services.Protocols.SoapHttpClientProtocol.ReadResponse(SoapClientMessage
message, WebResponse response, Stream responseStream, Boolean
asyncCall)
at
System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String
methodName, Object[] parameters)
at
Company.ImageVerification.localhost.ServiceWse.ZipCodeSearch(String
psZipCode) in C:\Company
(Net2.0)\ImageVerification\ImageVerification\Web
References\localhost\Reference.cs:line 127
at
Company.ImageVerification.Proxy.WebServiceProxy.ZipCodeSearch(String
psZipCode) in C:\Company
(Net2.0)\ImageVerification\ImageVerification\WebServiceProxy.cs:line 87
at Company.ImageVerification.Controls.ucFacilityList.FillList()
in C:\Company
(Net2.0)\ImageVerification\ImageVerification\Controls\ucFacilityList.cs:line
47
at
Company.ImageVerification.Controls.ucFacilityList.set_sZipCode(String
value) in C:\Company
(Net2.0)\ImageVerification\ImageVerification\Controls\ucFacilityList.cs:line
81
at Company.ImageVerification.frmMain2.ChangeStepView() in
C:\Company
(Net2.0)\ImageVerification\ImageVerification\frmMain2.cs:line 199
at Company.ImageVerification.frmMain2.btnNext_Click(Object
sender, EventArgs e) in C:\Company
(Net2.0)\ImageVerification\ImageVerification\frmMain2.cs:line 73
at System.Windows.Forms.Control.OnClick(EventArgs e)
at System.Windows.Forms.Button.OnClick(EventArgs e)
at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)
at System.Windows.Forms.Control.WmMouseUp(Message& m,
MouseButtons button, Int32 clicks)
at System.Windows.Forms.Control.WndProc(Message& m)
at System.Windows.Forms.ButtonBase.WndProc(Message& m)
at System.Windows.Forms.Button.WndProc(Message& m)
at
System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)
at
System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)
at System.Windows.Forms.NativeWindow.DebuggableCallback(IntPtr
hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)
at
System.Windows.Forms.UnsafeNativeMethods.DispatchMessageW(MSG& msg)
at
System.Windows.Forms.Application.ComponentManager.System.Windows.Forms.UnsafeNativeMethods.IMsoComponentManager.FPushMessageLoop(Int32
dwComponentID, Int32 reason, Int32 pvLoopData)
at
System.Windows.Forms.Application.ThreadContext.RunMessageLoopInner(Int32
reason, ApplicationContext context)
at
System.Windows.Forms.Application.ThreadContext.RunMessageLoop(Int32
reason, ApplicationContext context)
at System.Windows.Forms.Application.Run(Form mainForm)
at Company.ImageVerification.Program.Main() in C:\Company
(Net2.0)\ImageVerification\ImageVerification\Program.cs:line 17
at System.AppDomain.nExecuteAssembly(Assembly assembly, String[]
args)
at System.Runtime.Hosting.ManifestRunner.Run(Boolean
checkAptModel)
at System.Runtime.Hosting.ManifestRunner.ExecuteAsAssembly()
at
System.Runtime.Hosting.ApplicationActivator.CreateInstance(ActivationContext
activationContext, String[] activationCustomData)
at
System.Runtime.Hosting.ApplicationActivator.CreateInstance(ActivationContext
activationContext)
at
Microsoft.VisualStudio.HostingProcess.HostProc.RunUsersAssemblyDebugInZone()
at System.Threading.ThreadHelper.ThreadStart_Context(Object
state)
at System.Threading.ExecutionContext.Run(ExecutionContext
executionContext, ContextCallback callback, Object state)
at System.Threading.ThreadHelper.ThreadStart()
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-


Thank you for reading all this and thank you for any help you (all of
you can provide) I realize this that this is a lot of info but I wanted
to be as detailed as possible so that this problem can be found
quickly. Again thank you and if you need any more info feel free to
ask. I'm desperate to get this problem solved. It is driving me
insane...

Thank you again!
Frank V.
JawzX01[.at.]gmail.com
http://www.TheOpenSourceU.com



.