WSE

Hi,

I am constructing a Web Service client to interact with a service
provided by a partner organisation, but without any success so far.

The SOAP message expected by the server is (with the username and
password blanked out, of course):

<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<soap:Header>
<wsse:Security soap:mustUnderstand="1"

xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"

xmlns:env="http://schemas.xmlsoap.org/soap/envelope/">
<wsse:UsernameToken>
<wsse:Username>******</wsse:Username>
<wsse:Password
Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0
#PasswordText">******</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
</soap:Header>
<soap:Body xmlns:ns1="http://www.slc.co.uk/course/schema/1.0">
<ns1:qualificationsListRequest>
<schemaVersion>1.0</schemaVersion>
</ns1:qualificationsListRequest>
</soap:Body>
</soap:Envelope>

I'm using Visual Studio 2005 with WSE, and have created a policy file
(wse3policyCache.config) as follows, again with the username and
password blanked out:

<policies xmlns="http://schemas.microsoft.com/wse/2005/06/policy">
<extensions>
<extension name="usernameOverTransportSecurity"
type="Microsoft.Web.Services3.Design.UsernameOverT ransportAssertion,
Microsoft.Web.Services3, Version=3.0.0.0, Culture=neutral,
PublicKeyToken=31bf3856ad364e35" />
<extension name="username"
type="Microsoft.Web.Services3.Design.UsernameToken Provider,
Microsoft.Web.Services3, Version=3.0.0.0, Culture=neutral,
PublicKeyToken=31bf3856ad364e35" />
<extension name="requireActionHeader"
type="Microsoft.Web.Services3.Design.RequireAction HeaderAssertion,
Microsoft.Web.Services3, Version=3.0.0.0, Culture=neutral,
PublicKeyToken=31bf3856ad364e35" />
</extensions>
<policy name="credentials">
<usernameOverTransportSecurity>
<clientToken>
<username username="******" password="******" />
</clientToken>
</usernameOverTransportSecurity>
<requireActionHeader />
</policy>
</policies>

The proxy, generated using wsdl.exe because the partner site will not
allow access to the wsdl file directly, contains the following:

public partial class qualificationsListRequest {

private decimal schemaVersionField;

public qualificationsListRequest() {
this.schemaVersionField = ((decimal)(1.0m));
}

/// <remarks/>

[System.Xml.Serialization.XmlElementAttribute(Form= System.Xml.Schema.XmlSchemaForm.Unqualified)]
public decimal schemaVersion {
get {
return this.schemaVersionField;
}
set {
this.schemaVersionField = value;
}
}
}

I then attempt to call the Web service method from my code as follows:

private void SlcHeiDbWSTest_Load(object sender, EventArgs e)
{
CourseServices service = new CourseServices();

try
{
qualificationsListResponse quals =
service.getQualificationsList(new qualificationsListRequest());
}
catch (Exception ex)
{
MessageBox.Show("There was an unexplained exception: " +
ex.Message);
}
finally
{
service = null;
}
}

The server replies with an error (contents of the Exception message):

"WSDoAllReceiver: security processing failed (actions mismatch)"

I don't know whether that implies that I've authorised correctly or not,
so I'm waiting for that info from our partner organisation. Either way,
I feel a bit short of knowledge because I can't actually see the SOAP
message that VS is constructing and sending.

Is it possible to inspect the SOAP message sent from a .NET Web Service
client? If so, how is it done?

And, on the other hand, can anyone see any mistakes in what I'm doing?

Thanks
Peter