Referenced security token could not be retrieved

Jay C.

Jay
3 Jan. 11:38 Optionen anzeigen

Newsgroups: microsoft.publi c.dotnet.framew ork.webservices .enhancements
Von: "Jay" <p.brunm...@nus urf.at> - Nachrichten dieses Autors suchen
Datum: 3 Jan 2006 02:38:30 -0800
Lokal: Di 3 Jan. 2006 11:38
Betreff: Referenced security token could not be retrieved
Antworten | Antwort an Autor | Weiterleiten | Drucken | Einzelne Nachricht |
Original anzeigen | Entfernen | Missbrauch melden

Hi@all
I ve got a strange problem with my custom security token. I ve added
the token to the security elements and a messagesignatur e with the same
token as described in the WSE 2.0 documentation.
I derived a class from SecurityTokenSe rviceClient to communicate with
my STS. Here is a snippet from where i try to get the requested
security token
public void TryGetToken()
{
// the request for a security token
RequestSecurity Token rst;
rst = new RequestSecurity Token(
"http://updates.dvo.at/tokens/LiveUpdateToken #LiveUpdateToke n", //
requested type
"http://localhost/LiveUpdateToken Service/TokenService.as hx"); // my
STS
//custom XML token based on the XML token from the CustomXMLToken
Service. I 've added some extra field which i need to validate
LiveUpdateReque stToken f = new LiveUpdateReque stToken("Patric k",
"Brunmayr", "hansi", "1000");
this.RequestSoa pContext.Securi ty.Tokens.Add( f ); // Add the token
to the security elements
this.RequestSoa pContext.Securi ty.Elements.Add ( new
MessageSignatur e(f)); // add a signature to sign the request
base.IssueSecur ityToken(rst); // call the STS and try to get the
security token

}
When i call base.IssueSecur ityToken(rst) i alwasy get this
SoapExcpetion

<soap:Fault>
<faultcode
xmlns:code="htt p://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-se...">code:Sec urityTokenUnava ilable</faultcode>
<faultstring>Mi crosoft.Web.Ser vices2.Security .SecurityFault: Referenced
security token could not be retrieved
at Microsoft.Web.S ervices2.Securi ty.MessageSigna ture.CheckSigna ture()
at Microsoft.Web.S ervices2.Securi ty.Security.Loa dXml(XmlElement
element)
at
Microsoft.Web.S ervices2.Securi ty.SecurityInpu tFilter.Process Message(SoapEnv Â*elope
envelope)
at Microsoft.Web.S ervices2.Pipeli ne.ProcessInput Message(SoapEnv elope
envelope)
at
Microsoft.Web.S ervices2.Messag ing.SoapReceive r.FilterMessage (SoapEnvelope
envelope)
at
Microsoft.Web.S ervices2.Messag ing.SoapReceive r.ProcessMessag e(SoapEnvelope
message)</faultstring>
<faultactor>htt p://localhost/LiveUpdateToken Service/TokenService.as hx</faultactor>
</soap:Fault>
But i don't understand this beacuse my token is present in the Soap
header. Here the SoapMessage from the trace
<soap:Envelop e
xmlns:wsa="http ://schemas.xmlsoap .org/ws/2004/03/addressing"
xmlns:wsse="htt p://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-se..."
xmlns:wsu="http ://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-ut..."xmlns:soa p="http://schemas.xmlsoap .org/soap/envelope/">
<soap:Header>
<wsa:Action
wsu:Id="Id-3d8b7914-b86d-471a-8f97-1893b99530ef">h ttp://schemas.xmlsoap .org/ws/2004/04/security/trust/RST/Issue</wsa:Action>
<wsa:MessageI D
wsu:Id="Id-512d289f-2425-4bc2-8cab-f2e78c5677ba">u uid:e80f2392-728a-41d9-8cÂ*8a-73ed2aae3f90</wsa:MessageID>
<wsa:ReplyTo wsu:Id="Id-be1ddfa6-4905-439a-be09-9fc46a9ab710">
<wsa:Address>ht tp://schemas.xmlsoap .org/ws/2004/03/addressing/role/anonymous</wsa:Address>
</wsa:ReplyTo>
<wsa:To
wsu:Id="Id-1e50cadc-6083-4c0b-a091-2e55a91059a6">h ttp://localhost/LiveUpdateToken Service/TokenService.as hx</wsa:To>
<wsse:Securit y soap:mustUnders tand="1">
<wsu:Timestam p wsu:Id="Timesta mp-b189d2ef-e3e5-4f3c-b724-45d41d31c76e">
<wsu:Created>20 06-01-03T10:15:57Z</wsu:Created>
<wsu:Expires>20 06-01-03T10:20:57Z</wsu:Expires>
</wsu:Timestamp>
// here is my token
<dvo:LiveUpdate RequestToken
wsu:Id="Securit yToken-489fdbb5-d56e-44e1-9890-a308657f047f"
xmlns:dvo="http ://updates.dvo.at/tokens/LiveUpdateReque stToken">
<dvo:CreatedAt> 2006-01-03T10:15:56Z</dvo:CreatedAt>
<dvo:ExpiresAt> 2006-01-03T18:15:56Z</dvo:ExpiresAt>
<dvo:Email>???? ????</dvo:Email>
<dvo:Password>? ???????????</dvo:Password>
<dvo:WTNumber>? ???????</dvo:WTNumber>
<dvo:ProgrammCo de>????????</dvo:ProgrammCod e>
</dvo:LiveUpdateR equestToken>
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
<SignedInfo>
<ds:Canonicaliz ationMethod
Algorithm="http ://www.w3.org/2001/10/xml-exc-c14n#"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#" />
<SignatureMetho d
Algorithm="http ://www.w3.org/2000/09/xmldsig#hmac-sha1" />
<Reference URI="#Id-3d8b7914-b86d-471a-8f97-1893b99530ef">
<Transforms>
<Transform Algorithm="http ://www.w3.org/2001/10/xml-exc-c14n#" />
</Transforms>
<DigestMethod Algorithm="http ://www.w3.org/2000/09/xmldsig#sha1" />
<DigestValue>tJ fDGaqEs7y0Irw2o QBtjSQ+5jY=</DigestValue>
</Reference>
<Reference URI="#Id-512d289f-2425-4bc2-8cab-f2e78c5677ba">
<Transforms>
<Transform Algorithm="http ://www.w3.org/2001/10/xml-exc-c14n#" />
</Transforms>
<DigestMethod Algorithm="http ://www.w3.org/2000/09/xmldsig#sha1" />
<DigestValue>1A t17jkhs39o9wiXH OJmh25Kwsk=</DigestValue>
</Reference>
<Reference URI="#Id-be1ddfa6-4905-439a-be09-9fc46a9ab710">
<Transforms>
<Transform Algorithm="http ://www.w3.org/2001/10/xml-exc-c14n#" />
</Transforms>
<DigestMethod Algorithm="http ://www.w3.org/2000/09/xmldsig#sha1" />
<DigestValue>pn lzF1vVnTwatB7NL jXkbgOzC4A=</DigestValue>
</Reference>
<Reference URI="#Id-1e50cadc-6083-4c0b-a091-2e55a91059a6">
<Transforms>
<Transform Algorithm="http ://www.w3.org/2001/10/xml-exc-c14n#" />
</Transforms>
<DigestMethod Algorithm="http ://www.w3.org/2000/09/xmldsig#sha1" />
<DigestValue>Iz prExuvm/t4Jnsl94j/ITkP53o=</DigestValue>
</Reference>
<Reference URI="#Timestamp-b189d2ef-e3e5-4f3c-b724-45d41d31c76e">
<Transforms>
<Transform Algorithm="http ://www.w3.org/2001/10/xml-exc-c14n#" />
</Transforms>
<DigestMethod Algorithm="http ://www.w3.org/2000/09/xmldsig#sha1" />
<DigestValue>6Q EFpK/PrJVbzLxTnUtAYK gbJ5g=</DigestValue>
</Reference>
<Reference URI="#Id-392047ac-59c7-4df7-983f-8fdd8864bc38">
<Transforms>
<Transform Algorithm="http ://www.w3.org/2001/10/xml-exc-c14n#" />
</Transforms>
<DigestMethod Algorithm="http ://www.w3.org/2000/09/xmldsig#sha1" />
<DigestValue>Bd nuQuQFhi0IIfiUW crtBD5QLFQ=</DigestValue>
</Reference>
</SignedInfo>
<SignatureValue >oT+qphdjdHqOm6 mhwv78nNQj7N8=</SignatureValue>
<KeyInfo>
<wsse:SecurityT okenReference>
// here is the reference to my token. This Section was added from WSE
<wsse:Referen ce
URI="#SecurityT oken-489fdbb5-d56e-44e1-9890-a308657f047f"
ValueType="http ://updates.dvo.at/tokens/LiveUpdateReque stToken#LiveUpd ateRequest..."/>
</wsse:SecurityTo kenReference>
</KeyInfo>
</Signature>
</wsse:Security>
</soap:Header>
<soap:Body wsu:Id="Id-392047ac-59c7-4df7-983f-8fdd8864bc38">
<wst:RequestSec urityToken
xmlns:wst="http ://schemas.xmlsoap .org/ws/2004/04/trust">
<wst:TokenType> http://updates.dvo.at/tokens/LiveUpdateToken #LiveUpdateToke n</wst:TokenType>
<wst:RequestTyp e>http://schemas.xmlsoap .org/ws/2004/04/security/trust/Issue</wst:RequestType >
<wsp:AppliesT o
xmlns:wsp="http ://schemas.xmlsoap .org/ws/2002/12/policy">
<wsa:EndpointRe ference>
<wsa:Address>ht tp://localhost/LiveUpdateToken Service/TokenService.as hx</wsa:Address>
</wsa:EndpointRef erence>
</wsp:AppliesTo>
<wst:LifeTime >
<wsu:Expires>20 06-01-03T14:15:57Z</wsu:Expires>
</wst:LifeTime>
</wst:RequestSecu rityToken>
</soap:Body>
</soap:Envelope>
I dont know why WSE cant find the token? Did anybode have the same
problem? Please Help me this drives my crazy

Jan 3 '06 #1

Subscribe Reply

4351

Similar topics

2043

Security Implementation

by: Nick | last post by:

I am working on an application for a client that will involve using remoting. They do not want to use integrated security so I was going to store usernames and hashed passwords in a SQL Database. I have a table in the database that will also contain their session information which it will encrypt and store as a class on the client end. Each time they connect to the server I will pass the session class back and it will decrypt, then...

.NET Framework

7985

Error using WS-Security

by: Ashish | last post by:

Hi Guys I am getting the following error while implementing authentication using WS-security. "Microsoft.Web.Services2.Security.SecurityFault: The security token could not be authenticated or authorized ---> System.Exception: WSE565: The password provided the SecurityTokenManager does not match the one on the incoming token. at Microsoft.Web.Services2.Security.Tokens.UsernameTokenManager.VerifyPlainText

C# / C Sharp

15546

Security- access to Event Viewer

by: Patrick | last post by:

I have the following code, which regardless which works fine and logs to the EventViewer regardless of whether <processModel/> section of machine.config is set to username="SYSTEM" or "machine" ---Start of test.aspx---- <%@ Page language="C#" AutoEventWireup="false" %> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" > <HTML> <HEAD>

ASP.NET

1808

A service's threads outgoing security:how to manage?

by: Manfred Braun | last post by:

Hello All! I am writing a management application, which has to access remote machines registry via System.Diagnostics.EventLog.CreateEventSource . For each machine, I connect to, I create a DirectoryEntry and connect to that machine specifying credentials. That's becauase the running user does not has the right permissions . The application is written in C# and the action taken is done with threads from the threadpool.

C# / C Sharp

1738

samples for custom security token

by: HansvL | last post by:

Both the clientapplication and the webservice are written by me. I do not want to burden my customers with handling X509 certificates. The solution is then either to use SSL, or use the UsernameToken as encryption key, or use a custom security token. Since SoapContext.Security becomes obsolete according to WSE3.0 documentation, I do not know how to attach the custom security token to the webservice communication. Are there any samples that...

.NET Framework

1603

Website security without javascript or cookies

by: oopaevah | last post by:

What are the pitfalls of passing a token in the url once a user is logged on so I can remember who they are? I can easily implement this by adding &token=abcdefghijklmnop123 to each internal link on my web pages once the user is logged on. I won't be passing the username or password in the url, just a token that is created when a user logs on. When the server receives the token it maps it back to the account id. This saves the user...

ASP.NET

3420

Weblogic WebService and .NET Client: Interoper (with Security) issue

by: WebServiceSecurity | last post by:

The issue involves the following technologies: - 1. .NET 2.0 Framework 2. WSE2.0 (WS-Security) 3. X.509 certificates 4. BEA Weblogic 8.1.5

.NET Framework

6090

(WS-Security): Soap Header and Security elements missing in the SoapRequest.

by: novicedlh | last post by:

Hello, I am creating a webservice that collects user information and stores it in a database. Since the user information contains sensitive data like SSN I am planning to use WS-Security (WSE 2.0) in my WebService to digitally sign and encrypt the data. Here are the steps I followed to digitally sign the message: 1) I created a X.509 certificate using Certification Services in Windows Server 2003. 2) I installed the certificate...

.NET Framework

2752

Microsoft Webservice Security Problem

by: VictorG | last post by:

Hello, I am trying to secure a webservice using WSE 3.0 and the turnkey usernameForCertificateSecurity profile. I am passing a valid username token, and on the server I have overridden the Authenticate token call and it is being called. My ASP.NET service has a Login() method and it is being called during client application startup. Both the client and service have matching policy config files. Once authentication

.NET Framework

8984

What is ONU?

by: marktang | last post by:

ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look ! Part I. Meaning of...

General

9530

Problem With Comparison Operator <=> in G++

by: Oralloy | last post by:

Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed. This is as boiled down as I can make it. Here is my compilation command: g++-12 -std=c++20 -Wnarrowing bit_field.cpp Here is the code in...

C / C++

9363

Maximizing Business Potential: The Nexus of Website Design and Digital Marketing

by: jinu1996 | last post by:

In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth. The Art of Business Website Design Your website is...

Online Marketing

9312

The easy way to turn off automatic updates for Windows 10/11

by: Hystou | last post by:

Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...

Windows Server

9238

Discussion: How does Zigbee compare with other wireless protocols in smart home applications?

by: tracyyun | last post by:

Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...

General

8237

AI Job Threat for Devs

by: agi2029 | last post by:

Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own.... Now, this would greatly impact the work of software developers. The idea...

Career Advice

4593

Trying to create a lan-to-lan vpn between two differents networks

by: TSSRALBI | last post by:

Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols. I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...

Networking - Hardware / Configuration

4864

Windows Forms - .Net 8.0

by: adsilva | last post by:

A Windows Forms form does not have the event Unload, like VB6. What one acts like?

Visual Basic .NET

3300

transfer the data from one system to another through ip address

by: 6302768590 | last post by:

Hai team i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system

C# / C Sharp