Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > ASP .Net Web Services > WSE 2.0 - The security token could not be authenticated or authori

Reply
Thread Tools

WSE 2.0 - The security token could not be authenticated or authori

 
 
David M. Young
Guest
Posts: n/a
 
      06-11-2004
I posted this to microsoft.public.dotnet.framework.webservices.enha ncements a few days ago, but I'm not getting any helpful responses. I hope someone can help.

Here's my code for the Web Service (SimpleWseServer.ServicesMain.asmx)
[WebMethod]
public string HelloWorld(string username)
{
SoapContext ctxt = RequestSoapContext.Current;
foreach(SecurityToken token in ctxt.Security.Tokens)
{
if(token is UsernameToken)
{
UsernameToken user = (UsernameToken)token;
if(user.Username==username)
{
if(user.Principal.IsInRole(System.Net.Dns.GetHostN ame() + @"\Kings"))
return "Hello, King " + username;
return "Hello, " + username;
}
}
}
return "Hello, Liar";
}

Here the client code (it's a button click event in a WindowsForm)
private void btn_login_Click(object sender, System.EventArgs e)
{
string username = txt_username.Text;
string password = txt_password.Text;
SimpleWseClient.localhost.ServicesMainWse proxy = new
SimpleWseClient.localhost.ServicesMainWse();
proxy.Url = "http://localhost/SimpleWseServer/ServicesMain.asmx";
proxy.RequestSoapContext.Security.Tokens.Add(new UsernameToken(username,
password, PasswordOption.SendPlainText));
txt_response.Text = proxy.HelloWorld(username);
}

Here's the exception stack:
Additional information: Microsoft.Web.Services2.Security.SecurityFault: The
security token could not be authenticated or authorized
at
Microsoft.Web.Services2.Security.Tokens.UsernameTo kenManager.OnLogonUserFail
ed(UsernameToken token)
at
Microsoft.Web.Services2.Security.Tokens.UsernameTo kenManager.LogonUser(Usern
ameToken token)
at
Microsoft.Web.Services2.Security.Tokens.UsernameTo kenManager.AuthenticateTok
en(UsernameToken token)
at
Microsoft.Web.Services2.Security.Tokens.UsernameTo kenManager.VerifyToken(Sec
urityToken securityToken)
at
Microsoft.Web.Services2.Security.Tokens.SecurityTo kenManager.LoadXmlSecurity
Token(XmlElement element)
at
Microsoft.Web.Services2.Security.Tokens.SecurityTo kenManager.GetTokenFromXml
(XmlElement element)
at Microsoft.Web.Services2.Security.Security.LoadXml( XmlElement element)
at
Microsoft.Web.Services2.Security.SecurityInputFilt er.ProcessMessage(SoapEnve
lope envelope)
at Microsoft.Web.Services2.Pipeline.ProcessInputMessa ge(SoapEnvelope
envelope)
at
Microsoft.Web.Services2.WebServicesExtension.Befor eDeserializeServer(SoapSer
verMessage message)

I can't figure out why Windows Authentication is failing? I've enable tracing on both the input and output. The input shows the correct username and password being passed.

The account I'm using is a local account and the group is local as well. I can log in locally with that same username/password combination. I've tried using the following for the username ( username and LOCALMACHINE\username). I've even used my domain login and all receive the same error. I've used the RunAs command to launch other applications as this user and that works.

I also downloaded the Hand-On-Lab (HOLDEVL34: WSE 2.0 Security and Policy) and have tried the supplied "SecureInvoiceA" exercises, but those give the same error as above.

I'd like to move on to implementing my own UsernameTokenManager, but can concieve of doing so until this simple (so it seems) solution can be made to work.

Any help is appreciated.
 
Reply With Quote
 
 
 
 
dm_dal
Guest
Posts: n/a
 
      06-21-2004
Finally got a resolution.

On Win2k you have to grant "Act as part of operating system" in local
policies to the ASPNET account for this to work.

David

"David M. Young" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> I posted this to

microsoft.public.dotnet.framework.webservices.enha ncements a few days ago,
but I'm not getting any helpful responses. I hope someone can help.
>
> Here's my code for the Web Service (SimpleWseServer.ServicesMain.asmx)
> [WebMethod]
> public string HelloWorld(string username)
> {
> SoapContext ctxt = RequestSoapContext.Current;
> foreach(SecurityToken token in ctxt.Security.Tokens)
> {
> if(token is UsernameToken)
> {
> UsernameToken user = (UsernameToken)token;
> if(user.Username==username)
> {
> if(user.Principal.IsInRole(System.Net.Dns.GetHostN ame() + @"\Kings"))
> return "Hello, King " + username;
> return "Hello, " + username;
> }
> }
> }
> return "Hello, Liar";
> }
>
> Here the client code (it's a button click event in a WindowsForm)
> private void btn_login_Click(object sender, System.EventArgs e)
> {
> string username = txt_username.Text;
> string password = txt_password.Text;
> SimpleWseClient.localhost.ServicesMainWse proxy = new
> SimpleWseClient.localhost.ServicesMainWse();
> proxy.Url = "http://localhost/SimpleWseServer/ServicesMain.asmx";
> proxy.RequestSoapContext.Security.Tokens.Add(new UsernameToken(username,
> password, PasswordOption.SendPlainText));
> txt_response.Text = proxy.HelloWorld(username);
> }
>
> Here's the exception stack:
> Additional information: Microsoft.Web.Services2.Security.SecurityFault:

The
> security token could not be authenticated or authorized
> at
>

Microsoft.Web.Services2.Security.Tokens.UsernameTo kenManager.OnLogonUserFail
> ed(UsernameToken token)
> at
>

Microsoft.Web.Services2.Security.Tokens.UsernameTo kenManager.LogonUser(Usern
> ameToken token)
> at
>

Microsoft.Web.Services2.Security.Tokens.UsernameTo kenManager.AuthenticateTok
> en(UsernameToken token)
> at
>

Microsoft.Web.Services2.Security.Tokens.UsernameTo kenManager.VerifyToken(Sec
> urityToken securityToken)
> at
>

Microsoft.Web.Services2.Security.Tokens.SecurityTo kenManager.LoadXmlSecurity
> Token(XmlElement element)
> at
>

Microsoft.Web.Services2.Security.Tokens.SecurityTo kenManager.GetTokenFromXml
> (XmlElement element)
> at Microsoft.Web.Services2.Security.Security.LoadXml( XmlElement

element)
> at
>

Microsoft.Web.Services2.Security.SecurityInputFilt er.ProcessMessage(SoapEnve
> lope envelope)
> at Microsoft.Web.Services2.Pipeline.ProcessInputMessa ge(SoapEnvelope
> envelope)
> at
>

Microsoft.Web.Services2.WebServicesExtension.Befor eDeserializeServer(SoapSer
> verMessage message)
>
> I can't figure out why Windows Authentication is failing? I've enable

tracing on both the input and output. The input shows the correct username
and password being passed.
>
> The account I'm using is a local account and the group is local as well.

I can log in locally with that same username/password combination. I've
tried using the following for the username ( username and
LOCALMACHINE\username). I've even used my domain login and all receive the
same error. I've used the RunAs command to launch other applications as
this user and that works.
>
> I also downloaded the Hand-On-Lab (HOLDEVL34: WSE 2.0 Security and Policy)

and have tried the supplied "SecureInvoiceA" exercises, but those give the
same error as above.
>
> I'd like to move on to implementing my own UsernameTokenManager, but can

concieve of doing so until this simple (so it seems) solution can be made to
work.
>
> Any help is appreciated.



 
Reply With Quote
 
 
 
 
P
Guest
Posts: n/a
 
      07-15-2004
And of course you have to restart IIS afterward. Local security
settings will not take affect (even though it said so) until IIS got
re-started.

Pam
"dm_dal" <(E-Mail Removed)> wrote in message news:<#(E-Mail Removed)>...
> Finally got a resolution.
>
> On Win2k you have to grant "Act as part of operating system" in local
> policies to the ASPNET account for this to work.
>
> David
>
> "David M. Young" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed)...
> > I posted this to

> microsoft.public.dotnet.framework.webservices.enha ncements a few days ago,
> but I'm not getting any helpful responses. I hope someone can help.
> >
> > Here's my code for the Web Service (SimpleWseServer.ServicesMain.asmx)
> > [WebMethod]
> > public string HelloWorld(string username)
> > {
> > SoapContext ctxt = RequestSoapContext.Current;
> > foreach(SecurityToken token in ctxt.Security.Tokens)
> > {
> > if(token is UsernameToken)
> > {
> > UsernameToken user = (UsernameToken)token;
> > if(user.Username==username)
> > {
> > if(user.Principal.IsInRole(System.Net.Dns.GetHostN ame() + @"\Kings"))
> > return "Hello, King " + username;
> > return "Hello, " + username;
> > }
> > }
> > }

> return "Hello, Liar";
> > }
> >
> > Here the client code (it's a button click event in a WindowsForm)
> > private void btn_login_Click(object sender, System.EventArgs e)
> > {
> > string username = txt_username.Text;
> > string password = txt_password.Text;
> > SimpleWseClient.localhost.ServicesMainWse proxy = new
> > SimpleWseClient.localhost.ServicesMainWse();
> > proxy.Url = "http://localhost/SimpleWseServer/ServicesMain.asmx";
> > proxy.RequestSoapContext.Security.Tokens.Add(new UsernameToken(username,
> > password, PasswordOption.SendPlainText));
> > txt_response.Text = proxy.HelloWorld(username);
> > }
> >
> > Here's the exception stack:
> > Additional information: Microsoft.Web.Services2.Security.SecurityFault:

> The
> > security token could not be authenticated or authorized
> > at
> >

> Microsoft.Web.Services2.Security.Tokens.UsernameTo kenManager.OnLogonUserFail
> > ed(UsernameToken token)
> > at
> >

> Microsoft.Web.Services2.Security.Tokens.UsernameTo kenManager.LogonUser(Usern
> > ameToken token)
> > at
> >

> Microsoft.Web.Services2.Security.Tokens.UsernameTo kenManager.AuthenticateTok
> > en(UsernameToken token)
> > at
> >

> Microsoft.Web.Services2.Security.Tokens.UsernameTo kenManager.VerifyToken(Sec
> > urityToken securityToken)
> > at
> >

> Microsoft.Web.Services2.Security.Tokens.SecurityTo kenManager.LoadXmlSecurity
> > Token(XmlElement element)
> > at
> >

> Microsoft.Web.Services2.Security.Tokens.SecurityTo kenManager.GetTokenFromXml
> > (XmlElement element)
> > at Microsoft.Web.Services2.Security.Security.LoadXml( XmlElement

> element)
> > at
> >

> Microsoft.Web.Services2.Security.SecurityInputFilt er.ProcessMessage(SoapEnve
> > lope envelope)
> > at Microsoft.Web.Services2.Pipeline.ProcessInputMessa ge(SoapEnvelope
> > envelope)
> > at
> >

> Microsoft.Web.Services2.WebServicesExtension.Befor eDeserializeServer(SoapSer
> > verMessage message)
> >
> > I can't figure out why Windows Authentication is failing? I've enable

> tracing on both the input and output. The input shows the correct username
> and password being passed.
> >
> > The account I'm using is a local account and the group is local as well.

> I can log in locally with that same username/password combination. I've
> tried using the following for the username ( username and
> LOCALMACHINE\username). I've even used my domain login and all receive the
> same error. I've used the RunAs command to launch other applications as
> this user and that works.
> >
> > I also downloaded the Hand-On-Lab (HOLDEVL34: WSE 2.0 Security and Policy)

> and have tried the supplied "SecureInvoiceA" exercises, but those give the
> same error as above.
> >
> > I'd like to move on to implementing my own UsernameTokenManager, but can

> concieve of doing so until this simple (so it seems) solution can be made to
> work.
> >
> > Any help is appreciated.

 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
WSE 2.0, ASP.NET, Kerberos Token on IIS 5.0 Win 2k Shikari Shambu ASP .Net 0 12-29-2004 05:16 PM
preprocessor, token concatenation, no valid preprocessor token Cronus C++ 1 07-14-2004 11:10 PM
Prevent a page in an authenticated application from being authenticated Abhijit ASP General 0 04-12-2004 02:10 PM
WSE - Username Token Cyndi ASP .Net Web Services 0 10-02-2003 03:16 AM
Referenced security token could not be retrieved ERROR Jose Escobar ASP .Net Web Services 0 09-15-2003 03:20 PM



Advertisments