problem implementing usernameForCertificateSecurity assertion

---

• From: rameezwazirali@xxxxxxxxxxx
• Date: 13 Mar 2006 05:16:52 -0800

---

I made a web service and have implemented
usernameForCertificateSecurity assertion in it. If I put both the
webservice and client on same PC , then its running absolutely fine.
But when i tried to connect to webservice from remote machine
(different machine on same LAN), then it is giving me following error

An error happened during the processing of a response message, and you
can find the error in the inner exception. You can also find the
response message in the Response property."} System.Exception
{Microsoft.Web.Services3.ResponseProcessingException}

by digging into inner exception I am getting
Message "Security requirements are not satisfied because the security
header is not present in the incoming message." string

stack trace of inner exception is

StackTrace " at
Microsoft.Web.Services3.Security.SecureConversationClientReceiveSecurityFilter.ValidateMessageSecurity(SoapEnvelope
envelope, Security security)\r\n at
Microsoft.Web.Services3.Security.ReceiveSecurityFilter.ProcessMessage(SoapEnvelope
envelope)\r\n at
Microsoft.Web.Services3.Pipeline.ProcessInputMessage(SoapEnvelope
envelope)\r\n at
Microsoft.Web.Services3.Messaging.SoapClient.SendRequestResponse(String
methodname, SoapEnvelope envelope)" string

stack trace of exception itself is

StackTrace " at
Microsoft.Web.Services3.Messaging.SoapClient.SendRequestResponse(String
methodname, SoapEnvelope envelope)\r\n at
Microsoft.Web.Services3.Security.SecurityTokenServiceClient.RequestSecurityToken(SecurityTokenMessage
request, String methodName)\r\n at
Microsoft.Web.Services3.Security.SecurityContextTokenServiceClient.RequestSecurityContextToken(AppliesTo
appliesTo)\r\n at
Microsoft.Web.Services3.Security.SecurityContextTokenServiceClient.IssueSecurityContextToken(AppliesTo
appliesTo)\r\n at
Microsoft.Web.Services3.Security.Tokens.SecurityContextTokenManager.RequestTokenFromIssuer(EndpointReference
tokenIssuer, String tokenType, AppliesTo appliesTo, Policy policy,
SoapProtocolVersion soapVersion, StateManager messageState,
StateManager operationState, StateManager sessionState)\r\n at
Microsoft.Web.Services3.Security.SecureConversationClientSendSecurityFilter.EstablishSecureConversation(SoapEnvelope
envelope)\r\n at
Microsoft.Web.Services3.Security.SecureConversationClientSendSecurityFilter.SecureMessage(SoapEnvelope
envelope, Security security)\r\n at
Microsoft.Web.Services3.Security.SendSecurityFilter.ProcessMessage(SoapEnvelope
envelope)\r\n at
Microsoft.Web.Services3.Pipeline.ProcessOutputMessage(SoapEnvelope
envelope)\r\n at
Microsoft.Web.Services3.Xml.SoapEnvelopeWriter.Finish()\r\n at
Microsoft.Web.Services3.Xml.XmlWrappingWriter.Flush()\r\n at
System.Web.Services.Protocols.SoapHttpClientProtocol.Serialize(SoapClientMessage
message)\r\n at
System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String
methodName, Object[] parameters)\r\n at
RecruitmentManager.ServiceWse.HelloWorld() in
c:\\WINDOWS\\Microsoft.NET\\Framework\\v2.0.50727\\Temporary ASP.NET
Files\\jamna\\d81f1553\\1d587e01\\App_WebReferences.fyodzmlu.0.cs:line
297\r\n at _Default.Button1_Click(Object sender, EventArgs e) in
d:\\Sample Applications\\jamna\\Default.aspx.cs:line 106" string

Response property of exception shows following
{"System.Web.Services.Protocols.SoapHeaderException: Server
unavailable, please try later ---> System.ApplicationException: WSE841:
An error occured processing an outgoing fault response. --->
System.Web.Services.Protocols.SoapHeaderException: Referenced security
token could not be retrieved ---> WSE590: Failed to resolve the
following Key Info <KeyInfo
xmlns=\"http://www.w3.org/2000/09/xmldsig#\";><wsse:SecurityTokenReference
xmlns:wsse=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd\";><wsse:KeyIdentifier
ValueType=\"http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#ThumbprintSHA1\";
EncodingType=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary\";>c2LOnVZbej9cXpPTGSOJCZ8ZWqE=</wsse:KeyIdentifier></wsse:SecurityTokenReference></KeyInfo>.\r\n
--- End of inner exception stack trace ---\r\n --- End of inner
exception stack trace ---"}

I think it is some security rights problem as service works fine if
client is on the same machine as service ... I tried to give right to
Aspnet user on certificated private key , plus i put aspnet user on
"Log on locally" policy also but nothing seems to be working for me...

please can any body help me in this.... is there any other rights which
i am missing .. for information I am using
customUsernameTokenManager...

thanks in advance

.

---

• Prev by Date: decrypting
• Next by Date: FileLoadException when running app with Impersonate from network folder.
• Previous by thread: decrypting
• Next by thread: FileLoadException when running app with Impersonate from network folder.
• Index(es):
  • Date
  • Thread

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > microsoft.public.dotnet.security  > 2006-03