AppPool + secureConversation
- From: "Phil Lee" <phil.lee@xxxxxxxxxxxxxxxxx>
- Date: Tue, 8 May 2007 11:38:42 +0100
Hi,
I have just been trying to get a WSE3 web service configured to use userNameOverCertificatesecurity and establishSecurityContext='true' to work in a separate app pool on W2K3.
The web service works in the default app pool, and in a new app pool with the default identity (NETWORK SERVICE).
It failed when the new app poll was given a different identity (I have added identity to local group IIS_WPG and configured security on the certificate's private key).
The event log contained:
Error 2 (Server)
System.ApplicationException: WSE841: An error occured processing an outgoing fault response. ---> System.Web.Services.Protocols.SoapException: Server was unable to process request. ---> The system cannot find the file specified.
Error 1 (Server)
Details of the error causing the processing failure:
System.InvalidOperationException: Cannot secure outgoing message from the service. The security context token cannot be retrieved from the session state.
at Microsoft.Web.Services3.Security.SecureConversationServiceSendSecurityFilter.SecureSecurityConversationMessage(SoapEnvelope envelope, Security security, MessageProtectionRequirements response)
at Microsoft.Web.Services3.Security.SecureConversationServiceSendSecurityFilter.SecureMessage(SoapEnvelope envelope, Security security)
at Microsoft.Web.Services3.Security.SendSecurityFilter.ProcessMessage(SoapEnvelope envelope)
at Microsoft.Web.Services3.Pipeline.ProcessOutputMessage(SoapEnvelope envelope)
at Microsoft.Web.Services3.WseProtocol.GetFilteredResponseEnvelope(SoapEnvelope outputEnvelope)
The SOAP fault that was being processed follows:
<soap:Envelope xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing"; xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/";>
<soap:Header>
<wsa:Action> http://schemas.xmlsoap.org/ws/2004/08/addressing/fault </wsa:Action>
<wsa:MessageID>urn:uuid:68a328cd-b635-4ff8-8c6c-f0aa75767d2f</wsa:MessageID>
<wsa:RelatesTo>urn:uuid:1704d62a-abb9-4ea9-b4e2-9790f480b83b</wsa:RelatesTo>
<wsa:To> http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous </wsa:To>
</soap:Header>
<soap:Body>
<soap:Fault>
<faultcode>soap:Server</faultcode>
<faultstring>System.Web.Services.Protocols.SoapException: Server was unable to process request. ---> The system cannot find the file specified.</faultstring>
<faultactor> http://lightning/VantageWS2.3/VantageWS.asmx</faultactor>
<detail />
</soap:Fault>
</soap:Body>
</soap:Envelope>
Searching the web revealed this article: http://msdn2.microsoft.com/en-us/library/ms996470.aspx regarding using secureConversation (in WSE2) on web farms so I set "establishSecurityContext='false'" and this fixed the problem.
However WSE3 is supposed to allow secureConversation to work with web farms so why am I getting this error? Is there a way to fix the problem without disabling secureConverstation?
Regards
Phil Lee
.
- Follow-Ups:
- RE: AppPool + secureConversation
- From: Steven Cheng[MSFT]
- RE: AppPool + secureConversation
- Prev by Date: Re: Wse3 through firewall (WSE816)
- Next by Date: WSE003: The input was not a valid SOAP message while attempting basic router for SQL 2005 Reporting Services
- Previous by thread: Re: Wse3 through firewall (WSE816)
- Next by thread: RE: AppPool + secureConversation
- Index(es):
Relevant Pages
|
