473,396 Members | 1,987 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > .net framework > questions > referenced security token could not be retrieved

Join Bytes to post your question to a community of 473,396 software developers and data experts.

Referenced security token could not be retrieved

Jay
3 Jan. 11:38 Optionen anzeigen

Newsgroups: microsoft.public.dotnet.framework.webservices.enha ncements
Von: "Jay" <p.brunm...@nusurf.at> - Nachrichten dieses Autors suchen
Datum: 3 Jan 2006 02:38:30 -0800
Lokal: Di 3 Jan. 2006 11:38
Betreff: Referenced security token could not be retrieved
Antworten | Antwort an Autor | Weiterleiten | Drucken | Einzelne Nachricht |
Original anzeigen | Entfernen | Missbrauch melden

Hi@all
I ve got a strange problem with my custom security token. I ve added
the token to the security elements and a messagesignature with the same
token as described in the WSE 2.0 documentation.
I derived a class from SecurityTokenServiceClient to communicate with
my STS. Here is a snippet from where i try to get the requested
security token
public void TryGetToken()
{
// the request for a security token
RequestSecurityToken rst;
rst = new RequestSecurityToken(
"http://updates.dvo.at/tokens/LiveUpdateToken#LiveUpdateToken", //
requested type
"http://localhost/LiveUpdateTokenService/TokenService.ashx"); // my
STS
//custom XML token based on the XML token from the CustomXMLToken
Service. I 've added some extra field which i need to validate
LiveUpdateRequestToken f = new LiveUpdateRequestToken("Patrick",
"Brunmayr", "hansi", "1000");
this.RequestSoapContext.Security.Tokens.Add( f ); // Add the token
to the security elements
this.RequestSoapContext.Security.Elements.Add( new
MessageSignature(f)); // add a signature to sign the request
base.IssueSecurityToken(rst); // call the STS and try to get the
security token

}
When i call base.IssueSecurityToken(rst) i alwasy get this
SoapExcpetion

<soap:Fault>
<faultcode
xmlns:code="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-se...">code:SecurityTokenUnavailable</faultcode>
<faultstring>Microsoft.Web.Services2.Security.Secu rityFault: Referenced
security token could not be retrieved
at Microsoft.Web.Services2.Security.MessageSignature. CheckSignature()
at Microsoft.Web.Services2.Security.Security.LoadXml( XmlElement
element)
at
Microsoft.Web.Services2.Security.SecurityInputFilt er.ProcessMessage(SoapEnvÂ*elope
envelope)
at Microsoft.Web.Services2.Pipeline.ProcessInputMessa ge(SoapEnvelope
envelope)
at
Microsoft.Web.Services2.Messaging.SoapReceiver.Fil terMessage(SoapEnvelope
envelope)
at
Microsoft.Web.Services2.Messaging.SoapReceiver.Pro cessMessage(SoapEnvelope
message)</faultstring>
<faultactor>http://localhost/LiveUpdateTokenService/TokenService.ashx</faultactor>
</soap:Fault>
But i don't understand this beacuse my token is present in the Soap
header. Here the SoapMessage from the trace
<soap:Envelope
xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/03/addressing"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-se..."
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-ut..."xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<soap:Header>
<wsa:Action
wsu:Id="Id-3d8b7914-b86d-471a-8f97-1893b99530ef">http://schemas.xmlsoap.org/ws/2004/04/security/trust/RST/Issue</wsa:Action>
<wsa:MessageID
wsu:Id="Id-512d289f-2425-4bc2-8cab-f2e78c5677ba">uuid:e80f2392-728a-41d9-8cÂ*8a-73ed2aae3f90</wsa:MessageID>
<wsa:ReplyTo wsu:Id="Id-be1ddfa6-4905-439a-be09-9fc46a9ab710">
<wsa:Address>http://schemas.xmlsoap.org/ws/2004/03/addressing/role/anonymous</wsa:Address>
</wsa:ReplyTo>
<wsa:To
wsu:Id="Id-1e50cadc-6083-4c0b-a091-2e55a91059a6">http://localhost/LiveUpdateTokenService/TokenService.ashx</wsa:To>
<wsse:Security soap:mustUnderstand="1">
<wsu:Timestamp wsu:Id="Timestamp-b189d2ef-e3e5-4f3c-b724-45d41d31c76e">
<wsu:Created>2006-01-03T10:15:57Z</wsu:Created>
<wsu:Expires>2006-01-03T10:20:57Z</wsu:Expires>
</wsu:Timestamp>
// here is my token
<dvo:LiveUpdateRequestToken
wsu:Id="SecurityToken-489fdbb5-d56e-44e1-9890-a308657f047f"
xmlns:dvo="http://updates.dvo.at/tokens/LiveUpdateRequestToken">
<dvo:CreatedAt>2006-01-03T10:15:56Z</dvo:CreatedAt>
<dvo:ExpiresAt>2006-01-03T18:15:56Z</dvo:ExpiresAt>
<dvo:Email>????????</dvo:Email>
<dvo:Password>????????????</dvo:Password>
<dvo:WTNumber>????????</dvo:WTNumber>
<dvo:ProgrammCode>????????</dvo:ProgrammCode>
</dvo:LiveUpdateRequestToken>
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
<SignedInfo>
<ds:CanonicalizationMethod
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#" />
<SignatureMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1" />
<Reference URI="#Id-3d8b7914-b86d-471a-8f97-1893b99530ef">
<Transforms>
<Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<DigestValue>tJfDGaqEs7y0Irw2oQBtjSQ+5jY=</DigestValue>
</Reference>
<Reference URI="#Id-512d289f-2425-4bc2-8cab-f2e78c5677ba">
<Transforms>
<Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<DigestValue>1At17jkhs39o9wiXHOJmh25Kwsk=</DigestValue>
</Reference>
<Reference URI="#Id-be1ddfa6-4905-439a-be09-9fc46a9ab710">
<Transforms>
<Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<DigestValue>pnlzF1vVnTwatB7NLjXkbgOzC4A=</DigestValue>
</Reference>
<Reference URI="#Id-1e50cadc-6083-4c0b-a091-2e55a91059a6">
<Transforms>
<Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<DigestValue>IzprExuvm/t4Jnsl94j/ITkP53o=</DigestValue>
</Reference>
<Reference URI="#Timestamp-b189d2ef-e3e5-4f3c-b724-45d41d31c76e">
<Transforms>
<Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<DigestValue>6QEFpK/PrJVbzLxTnUtAYKgbJ5g=</DigestValue>
</Reference>
<Reference URI="#Id-392047ac-59c7-4df7-983f-8fdd8864bc38">
<Transforms>
<Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<DigestValue>BdnuQuQFhi0IIfiUWcrtBD5QLFQ=</DigestValue>
</Reference>
</SignedInfo>
<SignatureValue>oT+qphdjdHqOm6mhwv78nNQj7N8=</SignatureValue>
<KeyInfo>
<wsse:SecurityTokenReference>
// here is the reference to my token. This Section was added from WSE
<wsse:Reference
URI="#SecurityToken-489fdbb5-d56e-44e1-9890-a308657f047f"
ValueType="http://updates.dvo.at/tokens/LiveUpdateRequestToken#LiveUpdateRequest..."/>
</wsse:SecurityTokenReference>
</KeyInfo>
</Signature>
</wsse:Security>
</soap:Header>
<soap:Body wsu:Id="Id-392047ac-59c7-4df7-983f-8fdd8864bc38">
<wst:RequestSecurityToken
xmlns:wst="http://schemas.xmlsoap.org/ws/2004/04/trust">
<wst:TokenType>http://updates.dvo.at/tokens/LiveUpdateToken#LiveUpdateToken</wst:TokenType>
<wst:RequestType>http://schemas.xmlsoap.org/ws/2004/04/security/trust/Issue</wst:RequestType>
<wsp:AppliesTo
xmlns:wsp="http://schemas.xmlsoap.org/ws/2002/12/policy">
<wsa:EndpointReference>
<wsa:Address>http://localhost/LiveUpdateTokenService/TokenService.ashx</wsa:Address>
</wsa:EndpointReference>
</wsp:AppliesTo>
<wst:LifeTime>
<wsu:Expires>2006-01-03T14:15:57Z</wsu:Expires>
</wst:LifeTime>
</wst:RequestSecurityToken>
</soap:Body>
</soap:Envelope>
I dont know why WSE cant find the token? Did anybode have the same
problem? Please Help me this drives my crazy
Jan 3 '06 #1
0 4297
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

5
Security Implementation
by: Nick | last post by:
I am working on an application for a client that will involve using remoting. They do not want to use integrated security so I was going to store usernames and hashed passwords in a SQL Database. ...
.NET Framework
4
Error using WS-Security
by: Ashish | last post by:
Hi Guys I am getting the following error while implementing authentication using WS-security. "Microsoft.Web.Services2.Security.SecurityFault: The security token could not be authenticated...
C# / C Sharp
29
Security- access to Event Viewer
by: Patrick | last post by:
I have the following code, which regardless which works fine and logs to the EventViewer regardless of whether <processModel/> section of machine.config is set to username="SYSTEM" or "machine" ...
ASP.NET
8
A service's threads outgoing security:how to manage?
by: Manfred Braun | last post by:
Hello All! I am writing a management application, which has to access remote machines registry via System.Diagnostics.EventLog.CreateEventSource . For each machine, I connect to, I create a...
C# / C Sharp
0
samples for custom security token
by: HansvL | last post by:
Both the clientapplication and the webservice are written by me. I do not want to burden my customers with handling X509 certificates. The solution is then either to use SSL, or use the...
.NET Framework
4
Website security without javascript or cookies
by: oopaevah | last post by:
What are the pitfalls of passing a token in the url once a user is logged on so I can remember who they are? I can easily implement this by adding &token=abcdefghijklmnop123 to each internal...
ASP.NET
1
Weblogic WebService and .NET Client: Interoper (with Security) issue
by: WebServiceSecurity | last post by:
The issue involves the following technologies: - 1. .NET 2.0 Framework 2. WSE2.0 (WS-Security) 3. X.509 certificates 4. BEA Weblogic 8.1.5
.NET Framework
1
(WS-Security): Soap Header and Security elements missing in the SoapRequest.
by: novicedlh | last post by:
Hello, I am creating a webservice that collects user information and stores it in a database. Since the user information contains sensitive data like SSN I am planning to use WS-Security (WSE...
.NET Framework
5
Microsoft Webservice Security Problem
by: VictorG | last post by:
Hello, I am trying to secure a webservice using WSE 3.0 and the turnkey usernameForCertificateSecurity profile. I am passing a valid username token, and on the server I have overridden the...
.NET Framework
0
Merging data from multiple Excel files
by: ryjfgjl | last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
Data Management
0
BarryA
Navigating the Data Structures and Algorithms (DSA)
by: BarryA | last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
Algorithms / Advanced Math
1
Looking to do Android software development, any suggestions? Is flutter better?
by: nemocccc | last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
General
1
Is that possible of reading the .csv file in column wise and the column have different lengths ?
by: Sonnysonu | last post by:
This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...
C / C++
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Computer Hardware
0
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
Windows Server
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++
0
tracyyun
Discussion: How does Zigbee compare with other wireless protocols in smart home applications?
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
General
0
agi2029
AI Job Threat for Devs
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...
Career Advice

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!