I
Ivan
Hi,
I have WSE3 Client configured by wse3policyCache.config file. I set <fault
SignatureOptions="" encryptBody="false"> to disable signature verification
when received SOAP:fault message. But I'm always get exception "Security
requirements are not satisfied because the security header is not
present in the incoming message". Normal, signed responses, are processed OK.
How to really disable signature checking for SOAP:fault messages ?
my policy file
<policy name="x509">
<mutualCertificate10Security establishSecurityContext="false"
renewExpiredSecurityContext="true" requireSignatureConfirmation="false"
messageProtectionOrder="SignBeforeEncrypt" requireDerivedKeys="false"
ttlInSeconds="300">
<clientToken>
<x509 storeLocation="CurrentUser" storeName="My"
findValue="CN=Alice, OU=OASIS Interop Test Cert, O=OASIS"
findType="FindBySubjectDistinguishedName" />
</clientToken>
<serviceToken>
<x509 storeLocation="CurrentUser" storeName="AddressBook"
findValue="CN=Bob, OU=OASIS Interop Test Cert, O=OASIS"
findType="FindBySubjectDistinguishedName" />
</serviceToken>
<protection>
<request signatureOptions="IncludeSoapBody" encryptBody="false" />
<response signatureOptions="IncludeSoapBody" encryptBody="false" />
<fault signatureOptions="" encryptBody="false" />
</protection>
</mutualCertificate10Security>
<requireActionHeader />
</policy>
Exception:
WSE910: An error happened during the processing of a response message, and
you can find the error in the inner exception. You can also find the
response message in the Response property.
InnerException:
Security requirements are not satisfied because the security header is not
present in the incoming message.
Microsoft.Web.Services3
at
Microsoft.Web.Services3.Security.SecureConversationClientReceiveSecurityFilter.ValidateMessageSecurity(SoapEnvelope envelope, Security security)
at
Microsoft.Web.Services3.Security.ReceiveSecurityFilter.ProcessMessage(SoapEnvelope envelope)
at Microsoft.Web.Services3.Pipeline.ProcessInputMessage(SoapEnvelope
envelope)
at
Microsoft.Web.Services3.Xml.SoapEnvelopeReaderWrapper..ctor(SoapClientMessage
message, String messageContentType)
Thank you for your responses.
Ivan
I have WSE3 Client configured by wse3policyCache.config file. I set <fault
SignatureOptions="" encryptBody="false"> to disable signature verification
when received SOAP:fault message. But I'm always get exception "Security
requirements are not satisfied because the security header is not
present in the incoming message". Normal, signed responses, are processed OK.
How to really disable signature checking for SOAP:fault messages ?
my policy file
<policy name="x509">
<mutualCertificate10Security establishSecurityContext="false"
renewExpiredSecurityContext="true" requireSignatureConfirmation="false"
messageProtectionOrder="SignBeforeEncrypt" requireDerivedKeys="false"
ttlInSeconds="300">
<clientToken>
<x509 storeLocation="CurrentUser" storeName="My"
findValue="CN=Alice, OU=OASIS Interop Test Cert, O=OASIS"
findType="FindBySubjectDistinguishedName" />
</clientToken>
<serviceToken>
<x509 storeLocation="CurrentUser" storeName="AddressBook"
findValue="CN=Bob, OU=OASIS Interop Test Cert, O=OASIS"
findType="FindBySubjectDistinguishedName" />
</serviceToken>
<protection>
<request signatureOptions="IncludeSoapBody" encryptBody="false" />
<response signatureOptions="IncludeSoapBody" encryptBody="false" />
<fault signatureOptions="" encryptBody="false" />
</protection>
</mutualCertificate10Security>
<requireActionHeader />
</policy>
Exception:
WSE910: An error happened during the processing of a response message, and
you can find the error in the inner exception. You can also find the
response message in the Response property.
InnerException:
Security requirements are not satisfied because the security header is not
present in the incoming message.
Microsoft.Web.Services3
at
Microsoft.Web.Services3.Security.SecureConversationClientReceiveSecurityFilter.ValidateMessageSecurity(SoapEnvelope envelope, Security security)
at
Microsoft.Web.Services3.Security.ReceiveSecurityFilter.ProcessMessage(SoapEnvelope envelope)
at Microsoft.Web.Services3.Pipeline.ProcessInputMessage(SoapEnvelope
envelope)
at
Microsoft.Web.Services3.Xml.SoapEnvelopeReaderWrapper..ctor(SoapClientMessage
message, String messageContentType)
Thank you for your responses.
Ivan