Usernametoken can't beused inweb services that are invoked bywebcl

This is my Web service Client. The filename is MathService.apsx. I use web
client to invoke my web service.The coding is below:

Public Class Math
Inherits System.Web.UI.Page
Dim obj As New LoginForm
Public Token As UsernameToken = Nothing
Private Sub cmdAdd_Click(ByVal sender As System.Object, ByVal e As
System.EventArgs) Handles cmdAdd.Click

Dim aa As String
Dim bb As String

aa = "hcti"
bb = "ching123"

Dim proxy As New SimpleMathWse

Token = New UsernameToken(aa, bb, PasswordOption.SendPlainText)
proxy.RequestSoapContext.Security.Tokens.Add(Token)
Dim iOp1 As Integer
Dim iOp2 As Integer
Dim iResult As Integer

iOp1 = CInt(txtOperand1.Text)
iOp2 = CInt(txtOperand2.Text)

iResult = proxy.Add(iOp1, iOp2)
txtResults.Text = iResult.ToString()
End Sub
End Class


This is my web service file SimpleMath.asmx
<WebMethod()> _
Public Function Add(ByVal x As Integer, ByVal y As Integer) As Integer
Dim tok As UsernameToken =
WseSecurityHelpers.GetUsernameToken(RequestSoapContext.Current)

If Not tok.Principal.IsInRole("Allow") Then
Throw New Exception("Access Denied")
End If
Add = x + y
End Function

This is the WSESecurityHelper file I used in my web service.

Public Class WseSecurityHelpers

Public Shared Function GetUsernameToken(ByVal context As SoapContext) As
UsernameToken

If context Is Nothing Then
Throw New Exception("Only SOAP requests are permitted.")
End If

If context.Security.Tokens.Count = 0 Then
Throw New SoapException("Missing security token",
SoapException.ClientFaultCode)
Else
Dim tok As UsernameToken
For Each tok In context.Security.Tokens
Return tok
Next tok
Throw New Exception("UsernameToken not supplied")
End If

End Function


End Class

Public Class MyUsernameTokenManager
Inherits UsernameTokenManager

Protected Overrides Function AuthenticateToken(ByVal token _
As UsernameToken) As String

Dim roles As New ArrayList
Dim result As Integer

Dim myConnection As SqlConnection

' Grab encrypted connection string from web.config
myConnection = New SqlConnection(ConfigurationSettings.AppSettings("cnn"))

myConnection.Open()

Dim sqlComm As New SqlCommand
sqlComm.Connection = myConnection

sqlComm.CommandText = "SELECT ID FROM WSUser WHERE Username = '" &
token.Username & "' and Password = '" & token.Password & "'"
result = CInt(sqlComm.ExecuteScalar())

result = 1

If result > 0 Then

roles.Add("Allow")
token.Principal = New GenericPrincipal(New GenericIdentity(token.Username),
roles.ToArray(GetType(String)))

Else
MyBase.AuthenticateToken(token)

End If

Return token.Password

End Function 'AuthenticateToken
End Class

I got advice from Mr Bromberg on the SQL commands in my post previously and
have coded it. Is it correct? Then i use web client to invoke the web
service. But I always get this error as stated below. Please do help me.I
really stuck with this problem for 2 months. I tried by using windows
application and without using database and it works fine. But my boss wants
to use database n use web client. How???????? I'm going to go crazy. Everyday
I do for 2 months n read and ask in forum but no solution to my error. Please
help needed urgently before I go crazy and have to be admitted in a mental
hospital.

Server Error in '/UserValidation' Application.
________________________________________
Microsoft.Web.Services2.Security.SecurityFault: The security token could not
be authenticated or authorized at
Microsoft.Web.Services2.Security.Tokens.UsernameTokenManager.OnLogonUserFailed(UsernameToken
token) at
Microsoft.Web.Services2.Security.Tokens.UsernameTokenManager.LogonUser(UsernameToken
token) at
Microsoft.Web.Services2.Security.Tokens.UsernameTokenManager.AuthenticateToken(UsernameToken
token) at
Microsoft.Web.Services2.Security.Tokens.UsernameTokenManager.VerifyToken(SecurityToken
securityToken) at
Microsoft.Web.Services2.Security.Tokens.SecurityTokenManager.LoadXmlSecurityToken(XmlElement
element) at
Microsoft.Web.Services2.Security.Tokens.SecurityTokenManager.GetTokenFromXml(XmlElement
element) at Microsoft.Web.Services2.Security.Security.LoadToken(XmlElement
element, SecurityConfiguration configuration, Int32& tokenCount) at
Microsoft.Web.Services2.Security.Security.LoadXml(XmlElement element) at
Microsoft.Web.Services2.Security.SecurityInputFilter.ProcessMessage(SoapEnvelope
envelope) at
Microsoft.Web.Services2.Pipeline.ProcessInputMessage(SoapEnvelope envelope)
at
Microsoft.Web.Services2.WebServicesExtension.BeforeDeserializeServer(SoapServerMessage message)
Description: An unhandled exception occurred during the execution of the
current web request. Please review the stack trace for more information about
the error and where it originated in the code.

Exception Details: System.Web.Services.Protocols.SoapHeaderException:
Microsoft.Web.Services2.Security.SecurityFault: The security token could not
be authenticated or authorized at
Microsoft.Web.Services2.Security.Tokens.UsernameTokenManager.OnLogonUserFailed(UsernameToken
token) at
Microsoft.Web.Services2.Security.Tokens.UsernameTokenManager.LogonUser(UsernameToken
token) at
Microsoft.Web.Services2.Security.Tokens.UsernameTokenManager.AuthenticateToken(UsernameToken
token) at
Microsoft.Web.Services2.Security.Tokens.UsernameTokenManager.VerifyToken(SecurityToken
securityToken) at
Microsoft.Web.Services2.Security.Tokens.SecurityTokenManager.LoadXmlSecurityToken(XmlElement
element) at
Microsoft.Web.Services2.Security.Tokens.SecurityTokenManager.GetTokenFromXml(XmlElement
element) at Microsoft.Web.Services2.Security.Security.LoadToken(XmlElement
element, SecurityConfiguration configuration, Int32& tokenCount) at
Microsoft.Web.Services2.Security.Security.LoadXml(XmlElement element) at
Microsoft.Web.Services2.Security.SecurityInputFilter.ProcessMessage(SoapEnvelope
envelope) at
Microsoft.Web.Services2.Pipeline.ProcessInputMessage(SoapEnvelope envelope)
at
Microsoft.Web.Services2.WebServicesExtension.BeforeDeserializeServer(SoapServerMessage message)

Source Error:

Line 40:
<System.Web.Services.Protocols.SoapDocumentMethodAttribute("http://tempuri.org/Math/SimpleMath/Add";,
RequestNamespace:="http://tempuri.org/Math/SimpleMath";,
ResponseNamespace:="http://tempuri.org/Math/SimpleMath";,
Use:=System.Web.Services.Description.SoapBindingUse.Literal,
ParameterStyle:=System.Web.Services.Protocols.SoapParameterStyle.Wrapped)> _
Line 41: Public Function Add(ByVal x As Integer, ByVal y As Integer) As
Integer
Line 42: Dim results() As Object = Me.Invoke("Add", New Object() {x, y})
Line 43: Return CType(results(0),Integer)
Line 44: End Function

Source File: C:\Inetpub\wwwroot\UserValidation\Web
References\localhost\Reference.vb Line: 42

Stack Trace:

[SoapHeaderException: Microsoft.Web.Services2.Security.SecurityFault: The
security token could not be authenticated or authorized
at
Microsoft.Web.Services2.Security.Tokens.UsernameTokenManager.OnLogonUserFailed(UsernameToken token)
at
Microsoft.Web.Services2.Security.Tokens.UsernameTokenManager.LogonUser(UsernameToken token)
at
Microsoft.Web.Services2.Security.Tokens.UsernameTokenManager.AuthenticateToken(UsernameToken token)
at
Microsoft.Web.Services2.Security.Tokens.UsernameTokenManager.VerifyToken(SecurityToken securityToken)
at
Microsoft.Web.Services2.Security.Tokens.SecurityTokenManager.LoadXmlSecurityToken(XmlElement element)
at
Microsoft.Web.Services2.Security.Tokens.SecurityTokenManager.GetTokenFromXml(XmlElement element)
at Microsoft.Web.Services2.Security.Security.LoadToken(XmlElement element,
SecurityConfiguration configuration, Int32& tokenCount)
at Microsoft.Web.Services2.Security.Security.LoadXml(XmlElement element)
at
Microsoft.Web.Services2.Security.SecurityInputFilter.ProcessMessage(SoapEnvelope envelope)
at Microsoft.Web.Services2.Pipeline.ProcessInputMessage(SoapEnvelope
envelope)
at
Microsoft.Web.Services2.WebServicesExtension.BeforeDeserializeServer(SoapServerMessage message)]
System.Web.Services.Protocols.SoapHttpClientProtocol.ReadResponse(SoapClientMessage
message, WebResponse response, Stream responseStream, Boolean asyncCall)
System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String
methodName, Object[] parameters)
UserValidation.localhost.SimpleMathWse.Add(Int32 x, Int32 y) in
C:\Inetpub\wwwroot\UserValidation\Web References\localhost\Reference.vb:42
UserValidation.Math.cmdAdd_Click(Object sender, EventArgs e) in
C:\Inetpub\wwwroot\UserValidation\MathService.aspx.vb:74
System.Web.UI.WebControls.Button.OnClick(EventArgs e)
System.Web.UI.WebControls.Button.System.Web.UI.IPostBackEventHandler.RaisePostBackEvent(String eventArgument)
System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler sourceControl,
String eventArgument)
System.Web.UI.Page.RaisePostBackEvent(NameValueCollection postData)
System.Web.UI.Page.ProcessRequestMain()


.