Custom UsernameTokenManager's AuthenticateToken method is not called.

From: APA <buddy__a@xxxxxxxxxxx>
Date: Wed, 17 Jan 2007 17:12:32 -0600

The web service will not call my custom AuthenticateToken. Here's my config setup:

<webServices>
<soapExtensionImporterTypes>
<add type="Microsoft.Web.Services3.Description.WseExtensionImporter, Microsoft.Web.Services3, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
</soapExtensionImporterTypes>
<soapServerProtocolFactory type="Microsoft.Web.Services3.WseProtocolFactory, Microsoft.Web.Services3, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
</webServices>

<microsoft.web.services3>
<security>
<securityTokenManager>
<add type="MyWebProject.CustomUsernameTokenManager" namespace="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"; localName="UsernameToken" />
</securityTokenManager>
</security>
<diagnostics />
<policy fileName="wse3policyCache.config" />
</microsoft.web.services3>

I have removed all policy configuration because that was causing a whole raft of other issues:

<policies xmlns="http://schemas.microsoft.com/wse/2005/06/policy";></policies>

I've put a breakpoint in the custom AuthenticateToken method but it never executes, it does execute the web service method though (of course it bombs out because their is no application User object being created in AuthenticateToken ).

I am at my wits end with this, I don't know what to check.
.

Prev by Date: RE: SoapFormatException, http content
Next by Date: Deploying certificates in a ClickOnce application
Previous by thread: RE: SoapFormatException, http content
Next by thread: Deploying certificates in a ClickOnce application
Index(es):
- Date
- Thread

Relevant Pages

Re: WSE 3.0, usernameOverTransportSecurity, custom Token Manager w/ securityTokenManager,
... I've added the web service call directly to my Data binding method ... expected but not present in the security header of the incoming ... the username token to the message. ... protected override string AuthenticateToken(UsernameToken token) ...
(microsoft.public.dotnet.framework.webservices.enhancements)
Re: Cannot read a Security Log from ASP.net web service
... it's a very bad idea to grant that permission to the ASPNET ... Here's the error I get after adding the ASPNET account to the Admin group: ... Cannot open log Security on machine .. ... > a web form that calls a web service. ...
(microsoft.public.dotnet.framework.aspnet.security)
RE: Recommendations for securing a local webservice.
... You seem to be trying to secure a web service interface to only those ... protocol that was intended to be caller agnostic to implement a caller ... Install a special certificate as part of the ... Combine #2 with token based security. ...
(microsoft.public.dotnet.framework.aspnet.webservices)
RE: Web Service Implementation Security Question
... As for the security problems regarding on using TypedDAtaset in asp.net ... Web Service Implementation Security Question ... | enable the %windir%\Temp directory so the schema can compile. ... Have the process that тАЬcompilesтА?the schema files use another ...
(microsoft.public.inetserver.iis.security)
RE: WSE 2.0, smart client, Username authentication, no x.509
... web services WSE 3.0 hosts them without a web server for you (read the WSE ... To perform authentication, because your database does not contain user ... the implementation William Stacey has uses Security ... > server where my web service is ...
(microsoft.public.dotnet.framework.webservices.enhancements)