tag:blogger.com,1999:blog-1482776199578137808.post3668147688200418809..comments2024-03-12T11:12:59.606+02:00Comments on Yaron Naveh's Web Services 2.0 Blog: 12 common wcf interop confusionsYaron Naveh (MVP)http://www.blogger.com/profile/11793800386245798442noreply@blogger.comBlogger82125tag:blogger.com,1999:blog-1482776199578137808.post-13071716382040876162018-09-25T13:32:07.002+03:002018-09-25T13:32:07.002+03:00Hello,
Ran into most of the issues you have descr...Hello,<br /><br />Ran into most of the issues you have described and solved them, but now i am getting this error {"The data in element 'a:Action' must be understood but cannot be handled"}<br /><br />Help please!<br /><br />Thanks,<br />Muzammil Ahmed<br />zhamhttps://www.blogger.com/profile/08132580609199506031noreply@blogger.comtag:blogger.com,1999:blog-1482776199578137808.post-60948080497986099262018-03-27T17:19:09.555+03:002018-03-27T17:19:09.555+03:00Hey Yaron,
I'm having an issue with the encod...Hey Yaron,<br /><br />I'm having an issue with the encoding of attachment. Any ideas. I have detailed description of my issue on stackoverflow.<br /><br />https://stackoverflow.com/questions/49498689/web-service-encoding-incorrect-for-attachment<br /><br />Anonymoushttps://www.blogger.com/profile/09569206528697590033noreply@blogger.comtag:blogger.com,1999:blog-1482776199578137808.post-74269002315860331452018-03-26T18:35:20.671+03:002018-03-26T18:35:20.671+03:00This comment has been removed by the author.Anonymoushttps://www.blogger.com/profile/09569206528697590033noreply@blogger.comtag:blogger.com,1999:blog-1482776199578137808.post-11658737741490685872017-07-03T17:22:54.007+03:002017-07-03T17:22:54.007+03:00Could any one help me in setting the values securi...Could any one help me in setting the values security headers for the same webservice through JAVA, it seems the code above is for .NET, <br />WHat are the classes or api required to setup the SecurityHeaderType values,<br /><br />I need to set up for below XML.<br /> i am attaching the INPUTXML please share the JAVA code with Signed parameters, for X509 cetificate.<br /><br /><br />XML<br />##############################<br /><br /><br /><br /> <br /> <br /> <br /> <br /> <br /><br /><br /><br /><br /><br /><br /><br /><br />=<br /><br /><br /><br /><br /><br /><br /><br /><br /><br /> <br /> <br /> <br /> <br /> 4<br /> false<br /> 1111222233334444<br /> <br /> <br /> <br /><br /><br /><br /><br />THanks<br /><br />Anonymoushttps://www.blogger.com/profile/07807051526722871316noreply@blogger.comtag:blogger.com,1999:blog-1482776199578137808.post-24354913595160887972017-06-12T21:33:42.928+03:002017-06-12T21:33:42.928+03:00Thank you for this. The info here really helped me...Thank you for this. The info here really helped me on my first WCF project.Anthony Yeomanhttps://www.blogger.com/profile/13242714508491279952noreply@blogger.comtag:blogger.com,1999:blog-1482776199578137808.post-30539135285651618262016-04-07T16:24:18.153+03:002016-04-07T16:24:18.153+03:00I am facing same issue . Binary security token is ...I am facing same issue . Binary security token is not being sign in my message. I have tried almost all options.Please guide.BST id should be refer in signedinfo elemnt. This is required by server.<br /><br />my code is <br /><br /> AsymmetricSecurityBindingElement secBE = (AsymmetricSecurityBindingElement) (SecurityBindingElement.CreateMutualCertificateDuplexBindingElement());<br /> secBE.MessageSecurityVersion = MessageSecurityVersion.WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11;<br /> secBE.InitiatorTokenParameters = new System.ServiceModel.Security.Tokens.X509SecurityTokenParameters { X509ReferenceStyle= X509KeyIdentifierClauseType.Thumbprint, InclusionMode = SecurityTokenInclusionMode.AlwaysToRecipient, ReferenceStyle = SecurityTokenReferenceStyle.Internal };<br /> secBE.RecipientTokenParameters = new System.ServiceModel.Security.Tokens.X509SecurityTokenParameters { X509ReferenceStyle = X509KeyIdentifierClauseType.Thumbprint, InclusionMode = SecurityTokenInclusionMode.Never, ReferenceStyle = SecurityTokenReferenceStyle.Internal };<br /> // secBE.EndpointSupportingTokenParameters.Endorsing.Add(secBE.InitiatorTokenParameters);<br /> // secBE.KeyEntropyMode = SecurityKeyEntropyMode.ClientEntropy;<br /> secBE.AllowInsecureTransport = true;<br /> secBE.ProtectTokens = true;<br /> secBE.SetKeyDerivation(false);<br /> secBE.DefaultAlgorithmSuite = SecurityAlgorithmSuite.Basic256Sha256;<br /> secBE.RequireSignatureConfirmation = true;<br /> secBE.AllowSerializedSigningTokenOnReply = true;<br /> secBE.MessageProtectionOrder = MessageProtectionOrder.SignBeforeEncrypt;<br /> secBE.SecurityHeaderLayout = SecurityHeaderLayout.Lax;<br /> secBE.EnableUnsecuredResponse = true;<br /> secBE.IncludeTimestamp = true;<br /> HttpsTransportBindingElement elem = new HttpsTransportBindingElement { RequireClientCertificate = true };<br /> CustomBinding binding = new CustomBinding(secBE, new TextMessageEncodingBindingElement(MessageVersion.Soap11, Encoding.UTF8), elem);<br /><br /><br /> <br /> Dds.Endpoint.Binding = binding;<br /> Dds.Endpoint.Contract.ProtectionLevel = System.Net.Security.ProtectionLevel.Sign;<br /><br /><br />Anonymoushttps://www.blogger.com/profile/16607760790722076515noreply@blogger.comtag:blogger.com,1999:blog-1482776199578137808.post-20980040412849252412016-03-21T18:09:43.616+02:002016-03-21T18:09:43.616+02:00This is the finest read out there on the topic. Yo...This is the finest read out there on the topic. You saved me hours of MSDNing. God bless you man. Cheers!Anonymoushttps://www.blogger.com/profile/07668799942774223838noreply@blogger.comtag:blogger.com,1999:blog-1482776199578137808.post-31818200898773180982016-03-10T06:59:42.037+02:002016-03-10T06:59:42.037+02:00Can you please check, your email. I have requested...Can you please check, your email. I have requested you through email along with the code I am using for the same. In the meantime I will try this too on my end.<br /><br /><br />Regards,<br />AmitInnovamindshttps://www.blogger.com/profile/05935009347398048551noreply@blogger.comtag:blogger.com,1999:blog-1482776199578137808.post-75903007876304852372016-03-08T03:31:00.411+02:002016-03-08T03:31:00.411+02:00there should be a protectionOrder setting on the s...there should be a protectionOrder setting on the security channel of a custom binding but it that does not help the only way is to implement a custom encoder and change the order of the generated message.Yaron Naveh (MVP)https://www.blogger.com/profile/11793800386245798442noreply@blogger.comtag:blogger.com,1999:blog-1482776199578137808.post-57285247333946991782016-03-08T03:28:35.291+02:002016-03-08T03:28:35.291+02:00Hey Yaron,
How I can change the order of header el...Hey Yaron,<br />How I can change the order of header elements? I need security element first and then Action element, but my custom binding generates Action element first and then security element.<br /><br /><br />Regards,<br />AmitInnovamindshttps://www.blogger.com/profile/05935009347398048551noreply@blogger.comtag:blogger.com,1999:blog-1482776199578137808.post-33269579854801789772016-02-12T01:55:47.559+02:002016-02-12T01:55:47.559+02:00user/pass + client certificate will not work decla...user/pass + client certificate will not work declaratively with xml binding. you can create them via code like I sent or with mutualcertificate I beleive. This is a default ctor for a service proxy, maybe it's in partial class in anotehr file or in a base class, which ctor you have?Yaron Naveh (MVP)https://www.blogger.com/profile/11793800386245798442noreply@blogger.comtag:blogger.com,1999:blog-1482776199578137808.post-9442033670924913522016-02-11T15:33:31.948+02:002016-02-11T15:33:31.948+02:00Hi, I've tried to manualy set up the binding u...Hi, I've tried to manualy set up the binding using your link https://gist.github.com/yaronn/7894760 but I have a problem with the line:<br />new ServiceReference1.SimpleServiceSoapClient(b, new EndpointAddress(new Uri("https://www.bankhapoalim.co.il/"), new DnsEndpointIdentity("WSE2QuickStartServer"), new AddressHeaderCollection()));<br /><br />What is this class? my service class generated after adding the service reference in the web application does not have a constructor with that many parameters.<br /><br />a other question is why setting up the username and password using ClientCredentials is not working with mutualcertificate? (no node in the soap header is created)Anonymoushttps://www.blogger.com/profile/17173770643857265716noreply@blogger.comtag:blogger.com,1999:blog-1482776199578137808.post-77114541817498154842016-02-10T15:32:26.554+02:002016-02-10T15:32:26.554+02:00Hi Pierrick, in order to add a username token to a...Hi Pierrick, in order to add a username token to a mutualcertificate binding, either use something like this https://gist.github.com/yaronn/7894760 (might need to fine tune) or add the username tags in a message inspector (they will not be signed but you do not need it anyway).Yaron Naveh (MVP)https://www.blogger.com/profile/11793800386245798442noreply@blogger.comtag:blogger.com,1999:blog-1482776199578137808.post-1642790304601302242016-02-10T12:11:03.276+02:002016-02-10T12:11:03.276+02:00Hi Yaron,
I'm try to consume a webservice that...Hi Yaron,<br />I'm try to consume a webservice that appears to be written in java and that requiert some element of WS-Security: signature, timestamp and username.<br />I have created a x509 certificate to sign the request and I was provided with a username and a password to use with the request<br />I manage to make it work using SoapUI here is a link to the request capture using fiddler: http://pastebin.com/LbMp6nyG<br /><br />The final goal is to consume this service in a .net web application, i've created a sample and try different configuration<br />I have an error : "An error was discovered processing the header"<br />here is the request send by the web application: http://pastebin.com/hLG0k5jN<br />here is the web.config configuration that I use: http://pastebin.com/9BECTEnT<br /><br />The request is somehow similar to the soapui one but not the same, can you point me in the right direction?<br />it seems that the .net call does not send the username and password even if I set them in the code like this:<br /> GererContratTelesurveillanceClient tls = new GererContratTelesurveillanceClient();<br /> tls.ClientCredentials.UserName.UserName = "tlsprows";<br /> tls.ClientCredentials.UserName.Password = "123";Anonymoushttps://www.blogger.com/profile/17173770643857265716noreply@blogger.comtag:blogger.com,1999:blog-1482776199578137808.post-1367364166543646872016-01-15T11:17:12.103+02:002016-01-15T11:17:12.103+02:00hi i am not use any custom encoder..followed your ...hi i am not use any custom encoder..followed your post only and how can make some encrypt body elements using wcf for ex<br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br />Encrypted message body<br /><br /><br /><br /><br /><br /><br />is it possible using .net ? madanforallhttps://www.blogger.com/profile/01759596174211219792noreply@blogger.comtag:blogger.com,1999:blog-1482776199578137808.post-26198022514339389262016-01-08T15:24:14.434+02:002016-01-08T15:24:14.434+02:00if you built a custom encoder make sure it does no...if you built a custom encoder make sure it does not change any signed parts in the xml (also not whitespace).Yaron Naveh (MVP)https://www.blogger.com/profile/11793800386245798442noreply@blogger.comtag:blogger.com,1999:blog-1482776199578137808.post-91142080496107598702016-01-08T07:15:33.207+02:002016-01-08T07:15:33.207+02:00Hi Yaron,
i am getting bellow error while i consu...Hi Yaron,<br /><br />i am getting bellow error while i consuming wcf services using x509 certificate..i follow your post as usual but still getting error<br /><br /><b>signature or decryption was invalid</b><br /><br />any help ?<br /><br />thanks <br />madhanmadanforallhttps://www.blogger.com/profile/01759596174211219792noreply@blogger.comtag:blogger.com,1999:blog-1482776199578137808.post-73506654248804511602015-07-04T19:40:43.757+03:002015-07-04T19:40:43.757+03:00Hi yaron,
I am getting below error when try to con...Hi yaron,<br />I am getting below error when try to consume a web service in asp.net:<br />System.ServiceModel.FaultException: Signature verification failed<br />message signing is required here using X509 certificate. Can you guide me here.8Anonymoushttps://www.blogger.com/profile/12166576747527524816noreply@blogger.comtag:blogger.com,1999:blog-1482776199578137808.post-44908338644040612212015-05-04T05:38:42.889+03:002015-05-04T05:38:42.889+03:00Hi Stanley
Check this:
http://stackoverflow.com/q...Hi Stanley<br /><br />Check this:<br />http://stackoverflow.com/questions/19190404/loading-x509certificate-results-in-exception-cryptographicexception-cannot-find<br /><br />Also I suggest to try it on another machine (not yours and not Azure) to see the behavior.Yaron Naveh (MVP)https://www.blogger.com/profile/11793800386245798442noreply@blogger.comtag:blogger.com,1999:blog-1482776199578137808.post-57768581014277781042015-05-03T20:14:31.648+03:002015-05-03T20:14:31.648+03:00Hi Yaron,
C# WCF Client to Java AXIS Service in A...Hi Yaron,<br /><br />C# WCF Client to Java AXIS Service in Azure. Got the following exception when loading the certification file using the following code:<br />client.ClientCredentials.ServiceCertificate.DefaultCertificate = new X509Certificate2(certServerPath);<br /> System.Security.Cryptography.CryptographicException: Cannot find the original signer. at System.Security.Cryptography.CryptographicException.ThrowCryptographicException(Int32 hr) at System.Security.Cryptography.X509Certificates.X509Utils._LoadCertFromBlob(Byte[] rawData, IntPtr password, UInt32 dwFlags, Boolean persistKeySet, SafeCertContextHandle& pCertCtx) at System.Security.Cryptography.X509Certificates.X509Certificate.LoadCertificateFromBlob(Byte[] rawData, Object password, X509KeyStorageFlags keyStorageFlags) at System.Security.Cryptography.X509Certificates.X509Certificate..ctor(Byte[] rawData, String password, X509KeyStorageFlags keyStorageFlags) at System.Security.Cryptography.X509Certificates.X509Certificate2..ctor(Byte[] rawData, String password, X509KeyStorageFlags keyStorageFlags) at <br /><br />Any clue how to fix this problem?<br />Thanks.<br /><br />// Stanley HaunAnonymoushttps://www.blogger.com/profile/00966015250291386917noreply@blogger.comtag:blogger.com,1999:blog-1482776199578137808.post-63410250159342075872015-04-23T06:09:16.748+03:002015-04-23T06:09:16.748+03:00Hi Yahon,
Currently i got the problem when reques...Hi Yahon,<br /><br />Currently i got the problem when request to the server.<br />Here is my error<br /><br />Exception during processing: javax.xml.soap.SOAPException: Unable to handle mustUnderstand header: o:Security (see Fault Detail for stacktrace)<br /><br />im using .net to call java services<br /><br />i guess it should be remove the <br /><br />how i can remove it?<br /><br />Thanks alotUas Ku Sukseshttps://www.blogger.com/profile/04605427658926544510noreply@blogger.comtag:blogger.com,1999:blog-1482776199578137808.post-43560170149129303582015-04-22T13:37:13.086+03:002015-04-22T13:37:13.086+03:00at what stage do you get this error? add service r...at what stage do you get this error? add service reference or run time?Yaron Naveh (MVP)https://www.blogger.com/profile/11793800386245798442noreply@blogger.comtag:blogger.com,1999:blog-1482776199578137808.post-91644427989394909962015-04-22T05:51:37.967+03:002015-04-22T05:51:37.967+03:00Hi Yaroh,
I've a problem when invoke the webs...Hi Yaroh,<br /><br />I've a problem when invoke the webservice<br /><br />Here is the error "Unable to identify WSDL operation from message from {0}." soap:Server.80031<br /><br />Can you help me about this error ?Uas Ku Sukseshttps://www.blogger.com/profile/04605427658926544510noreply@blogger.comtag:blogger.com,1999:blog-1482776199578137808.post-43367117165561882352015-03-27T15:51:39.575+03:002015-03-27T15:51:39.575+03:00Very happy to hear that Lee!Very happy to hear that Lee!Yaron Naveh (MVP)https://www.blogger.com/profile/11793800386245798442noreply@blogger.comtag:blogger.com,1999:blog-1482776199578137808.post-25267674874749011532015-03-27T14:57:34.583+03:002015-03-27T14:57:34.583+03:00Just checking into say thanks. I had been trying f...Just checking into say thanks. I had been trying for two days to get SoapUI to be able to send successfully to my WCF Service even though I had a WCF Client that could. <br />I kept receiving "Signing without primary signature requires timestamp" from the soapUI calls and the only difference in XML was the Timestamp came first from the WCF client and last from soapUI. The securityHeaderLayout setting didn't do anything, but #9 on your post did as my messageSecurityVersion was WSSecurity11, switched it to WSSecurity10 and everything works great. Thanks again!Anonymoushttps://www.blogger.com/profile/13217552417456954014noreply@blogger.com