WCF fails to deserialize correct(?) response message security headers (Security header is empty)
Posted by Soeteman on Stack Overflow
Published on 2010-04-01T09:57:28Z
I'm communicating with an OC4J webservice, using a WCF client. The client is configured as follows:
<basicHttpBinding>
  <binding name="MyBinding">
    <security mode="TransportWithMessageCredential">
      <transport clientCredentialType="None" proxyCredentialType="None" realm=""/>
      <message clientCredentialType="UserName" algorithmSuite="Default"/>
    </security>
  </binding>
</basicHttpBinding>
My client code looks as follows:
ServicePointManager.CertificatePolicy = new AcceptAllCertificatePolicy();
string username = ConfigurationManager.AppSettings["user"];
string password = ConfigurationManager.AppSettings["pass"];
// create the client instance
WebserviceClient client = new WebserviceClient();
client.Endpoint.Binding = new BasicHttpBinding("MyBinding");
// add the credentials
client.ClientCredentials.UserName.UserName = username;
client.ClientCredentials.UserName.Password = password;
// execute the request
var response = client.Ping();
I've altered the CertificatePolicy to accept all certificates, because I need to insert Charles (SSL proxy) in between client and server to intercept the actual XML that is sent across the wire.
My request looks as follows:
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
  <s:Header>
    <o:Security s:mustUnderstand="1" xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
      <u:Timestamp u:Id="_0">
        <u:Created>2010-04-01T09:47:01.161Z</u:Created>
        <u:Expires>2010-04-01T09:52:01.161Z</u:Expires>
      </u:Timestamp>
      <o:UsernameToken u:Id="uuid-9b39760f-d504-4e53-908d-6125a1827aea-21">
        <o:Username>user</o:Username>
        <o:Password o:Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">pass</o:Password>
      </o:UsernameToken>
    </o:Security>
  </s:Header>
  <s:Body>
    <getPrdStatus xmlns="http://mynamespace.org/wsdl">
      <request xmlns="" xmlns:a="http://mynamespace.org/wsdl" xmlns:i="http://www.w3.org/2001/XMLSchema-instance">
        <a:IsgrStsRequestTypeUser>
          <a:prdCode>LEPTO</a:prdCode>
          <a:sequenceNumber i:nil="true" />
          <a:productionType i:nil="true" />
          <a:statusDate>2010-04-01T11:47:01.1617641+02:00</a:statusDate>
          <a:ubn>123456</a:ubn>
          <a:animalSpeciesCode>RU</a:animalSpeciesCode>
        </a:IsgrStsRequestTypeUser>
      </request>
    </getPrdStatus>
  </s:Body>
</s:Envelope>
In return, I receive the following response:
<env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:ns0="http://mynamespace.org/wsdl">
  <env:Header>
    <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" env:mustUnderstand="1" />
  </env:Header>
  <env:Body>
    <ns0:getPrdStatusResponse>
      <result>
        <ns0:IsgrStsResponseTypeUser>
          <ns0:prdCode>LEPTO</ns0:prdCode>
          <ns0:color>green</ns0:color>
          <ns0:stsCode>LEP1</ns0:stsCode>
          <ns0:sequenceNumber xsi:nil="1" />
          <ns0:productionType xsi:nil="1" />
          <ns0:IAndRCode>00</ns0:IAndRCode>
          <ns0:statusDate>2010-04-01T00:00:00.000+02:00</ns0:statusDate>
          <ns0:description>Gecertificeerd vrij</ns0:description>
          <ns0:ubn>123456</ns0:ubn>
          <ns0:animalSpeciesCode>RU</ns0:animalSpeciesCode>
          <ns0:name>gecertificeerd vrij</ns0:name>
          <ns0:ranking>17</ns0:ranking>
        </ns0:IsgrStsResponseTypeUser>
      </result>
    </ns0:getPrdStatusResponse>
  </env:Body>
</env:Envelope>
Why can't WCF deserialize this response header? I'm getting a "Security header is empty" exception:
Server stack trace:
at System.ServiceModel.Security.ReceiveSecurityHeader.Process(TimeSpan timeout)
at System.ServiceModel.Security.TransportSecurityProtocol.VerifyIncomingMessageCore(Message& message, TimeSpan timeout)
at System.ServiceModel.Security.TransportSecurityProtocol.VerifyIncomingMessage(Message& message, TimeSpan timeout)
at System.ServiceModel.Security.SecurityProtocol.VerifyIncomingMessage(Message& message, TimeSpan timeout, SecurityProtocolCorrelationState[] correlationStates)
at System.ServiceModel.Channels.SecurityChannelFactory`1.SecurityRequestChannel.ProcessReply(Message reply, SecurityProtocolCorrelationState correlationState, TimeSpan timeout)
at System.ServiceModel.Channels.SecurityChannelFactory`1.SecurityRequestChannel.Request(Message message, TimeSpan timeout)
at System.ServiceModel.Dispatcher.RequestChannelBinder.Request(Message message, TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs)
at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)
Who knows what is going on here? I've already tried Rick Strahl's suggestion and removed the timestamp from the request header. Any help greatly appreciated!
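An added diagnostic, not part of the original post: it classifies the WS-Security header of a captured SOAP 1.1 envelope as absent, empty or populated, which is the difference between the request and the response shown above (the response carries a `wsse:Security` element marked `mustUnderstand="1"` with no child elements). The function name `inspect_security_header` and both sample envelopes are constructed for this example, cut down from the shape of the messages in the post.

```python
import xml.etree.ElementTree as ET

SOAP = "http://schemas.xmlsoap.org/soap/envelope/"
WSS = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-"
WSSE = WSS + "wssecurity-secext-1.0.xsd"
WSU = WSS + "wssecurity-utility-1.0.xsd"
PASSWORD_TEXT = WSS + "username-token-profile-1.0#PasswordText"

# Constructed samples, cut down from the shape of the two messages in the post.
REQUEST = f"""<s:Envelope xmlns:s="{SOAP}" xmlns:o="{WSSE}" xmlns:u="{WSU}">
  <s:Header><o:Security s:mustUnderstand="1">
    <u:Timestamp u:Id="_0"><u:Created>2010-04-01T09:47:01.161Z</u:Created></u:Timestamp>
    <o:UsernameToken><o:Username>user</o:Username>
      <o:Password o:Type="{PASSWORD_TEXT}">pass</o:Password></o:UsernameToken>
  </o:Security></s:Header><s:Body/></s:Envelope>"""
RESPONSE = f"""<env:Envelope xmlns:env="{SOAP}">
  <env:Header><wsse:Security xmlns:wsse="{WSSE}" env:mustUnderstand="1" /></env:Header>
  <env:Body/></env:Envelope>"""


def inspect_security_header(envelope_xml):
    """Classify the wsse:Security header of one SOAP 1.1 envelope."""
    root = ET.fromstring(envelope_xml)
    sec = root.find(f"{{{SOAP}}}Header/{{{WSSE}}}Security")
    if sec is None:
        return {"state": "absent", "must_understand": False,
                "children": [], "cleartext_password": False}
    # Local names of the direct children (Timestamp, UsernameToken, ...).
    children = [el.tag.rsplit("}", 1)[-1] for el in sec]
    pw = sec.find(f".//{{{WSSE}}}Password")
    # The profile defines Type as an unqualified attribute; the capture in the
    # post shows it prefixed, so accept both spellings.
    pw_type = None if pw is None else (pw.get("Type") or pw.get(f"{{{WSSE}}}Type"))
    return {
        "state": "populated" if children else "empty",
        "must_understand": sec.get(f"{{{SOAP}}}mustUnderstand") in ("1", "true"),
        "children": children,
        "cleartext_password": pw_type == PASSWORD_TEXT,
    }


if __name__ == "__main__":
    for name, xml in (("request", REQUEST), ("response", RESPONSE)):
        print(name, inspect_security_header(xml))
```
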