Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > ASP .Net Web Services > WSE3, SOAP:Fault a Security checking

Reply
Thread Tools

WSE3, SOAP:Fault a Security checking

 
 
Ivan
Guest
Posts: n/a
 
      03-28-2007
Hi,
I have WSE3 Client configured by wse3policyCache.config file. I set <fault
SignatureOptions="" encryptBody="false"> to disable signature verification
when received SOAP:fault message. But I'm always get exception "Security
requirements are not satisfied because the security header is not
present in the incoming message". Normal, signed responses, are processed OK.

How to really disable signature checking for SOAP:fault messages ?

my policy file
<policy name="x509">
<mutualCertificate10Security establishSecurityContext="false"
renewExpiredSecurityContext="true" requireSignatureConfirmation="false"
messageProtectionOrder="SignBeforeEncrypt" requireDerivedKeys="false"
ttlInSeconds="300">
<clientToken>
<x509 storeLocation="CurrentUser" storeName="My"
findValue="CN=Alice, OU=OASIS Interop Test Cert, O=OASIS"
findType="FindBySubjectDistinguishedName" />
</clientToken>
<serviceToken>
<x509 storeLocation="CurrentUser" storeName="AddressBook"
findValue="CN=Bob, OU=OASIS Interop Test Cert, O=OASIS"
findType="FindBySubjectDistinguishedName" />
</serviceToken>
<protection>
<request signatureOptions="IncludeSoapBody" encryptBody="false" />
<response signatureOptions="IncludeSoapBody" encryptBody="false" />
<fault signatureOptions="" encryptBody="false" />
</protection>
</mutualCertificate10Security>
<requireActionHeader />
</policy>

Exception:
WSE910: An error happened during the processing of a response message, and
you can find the error in the inner exception. You can also find the
response message in the Response property.

InnerException:
Security requirements are not satisfied because the security header is not
present in the incoming message.
Microsoft.Web.Services3
at
Microsoft.Web.Services3.Security.SecureConversatio nClientReceiveSecurityFilter.ValidateMessageSecuri ty(SoapEnvelope envelope, Security security)
at
Microsoft.Web.Services3.Security.ReceiveSecurityFi lter.ProcessMessage(SoapEnvelope envelope)
at Microsoft.Web.Services3.Pipeline.ProcessInputMessa ge(SoapEnvelope
envelope)
at
Microsoft.Web.Services3.Xml.SoapEnvelopeReaderWrap per..ctor(SoapClientMessage
message, String messageContentType)

Thank you for your responses.

Ivan
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Security Checking Software Daren Hawes ASP .Net 1 11-08-2005 12:18 AM
OT: Regarding checking emails in at work - crash security ;-) Annie Computer Security 10 05-20-2005 12:29 AM
Checking Security =?Utf-8?B?SmFjaw==?= Wireless Networking 4 03-04-2005 09:31 PM
IT-Security, Security, e-security COMSOLIT Messmer Computer Support 0 09-05-2003 08:34 AM
UNC Security permission checking Paul Riley ASP .Net 0 07-31-2003 09:52 AM



Advertisments