 |
 | Home | Contact Us | FAQ | Search & Site Map | Link to Us |
 | Sign In | Join | Other 45 Sites in Network |
.NET Forum / ASP.NET / Web Services / October 2005WSE 2.0 - Message Expired
I am using an HttpWebRequest to make a soap request to a web service. I am buidling my own WSE header information to send over. When I do, I get a Message Expired Error. However, the input file from the tracing file I got from the webservice shows the following timestamp: <wsu:Timestamp wsu:Id="Timestamp-c8b86afa-0f68-4fae-8959-f271f0866212"> <wsu:Created>2005-10-18T17:26:50Z</wsu:Created> <wsu:Expires>2005-10-18T17:36:50Z</wsu:Expires> </wsu:Timestamp> If you'd like to trust me, I will tell you that I was running this between the created and expires time. The output file gives me this: <faultcode xmlns:code="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.x sd">code:MessageExpired</faultcode> <faultstring>Microsoft.Web.Services2.Security.SecurityFault: Message Expired ---> System.Exception: At least one timestamp has expired. --- End of inner exception stack trace --- at Microsoft.Web.Services2.Security.Utility.Timestamp.CheckValid() at Microsoft.Web.Services2.Security.Utility.Timestamp.LoadXml(XmlElement element) at Microsoft.Web.Services2.Security.Utility.Timestamp..ctor(XmlElement element) at Microsoft.Web.Services2.Security.Security.LoadXml(XmlElement element) at Microsoft.Web.Services2.Security.SecurityInputFilter.ProcessMessage(SoapEnvelope envelope) at Microsoft.Web.Services2.Pipeline.ProcessInputMessage(SoapEnvelope envelope) at Microsoft.Web.Services2.WebServicesExtension.BeforeDeserializeServer(SoapServerMessage message)</faultstring> <faultactor>http://localhost/MsWsXmlEnc/HelloUsingXmlEnc.asmx</faultactor> Can anyone think of why I would get this exception? Since I am building my own headers, I have hard coded anywhere where I need a GUID such as in <wsu:Timestamp wsu:Id="Timestamp-c8b86afa-0f68-4fae-8959-f271f0866212"> as shown above. Could it be that the GUID is more significant and I can't just hard code it? The test was done with the client and server on the same machine, so I know there is nothing funny going on with a bad time on one server. Thanks in advance for any help. I Think you should not hardcode Timestamps. They are not just GUID, it deals about expiration. If you need so, you could generate GUIDs from your program using .NET API. Use System.Guid.NewGuid(), or so. In any case, Why do you need to generate your own GUID-Timestamps? Could you send your code to take a look?  SignatureCESAR DE LA TORRE Software Architect [Microsoft MVP - XML Web Services] [MCSE] [MCT] Renacimiento [Microsoft GOLD Certified Partner] > I am using an HttpWebRequest to make a soap request to a web service. > I am buidling my own WSE header information to send over. When I do, I [quoted text clipped - 45 lines] > > Thanks in advance for any help. Cesar, Thank you so much for your response. I have pasted the code below. I have also changed it so that I am creating a new guid for the messageId, timestamp, and securityToken id. However, I got the same results. I did notice something very interesting though. I actually saw this happen before but when I posted yesterday, this wasn't happening so I thought I may have fixed it. This morning when I tested, the input file to my webservice had this for a timestamp: <wsu:Timestamp wsu:Id="Timestamp-097cfcf9-7d52-494e-9917-a5fe157ef8a6"> <wsu:Created>2005-10-19T09:11:57Z</wsu:Created> <wsu:Expires>2005-10-19T09:21:57Z</wsu:Expires> </wsu:Timestamp> However, the output file which generated the exception had this: <wsu:Timestamp wsu:Id="Timestamp-09a51f64-67ba-4917-8729-4a4f36f8347f"> <wsu:Created>2005-10-19T13:16:57Z</wsu:Created> <wsu:Expires>2005-10-19T13:21:57Z</wsu:Expires> </wsu:Timestamp> Note the time on the output has had 6 hours added to it, which definitly would seem invalid. I reset IIS and deleted the old tracing files so I'm positive the input and output are lining up with the same request. Could it be that something under the covers is changing that timestamp and causing this error? Here is the code: public class tester { public string CallWebMethodWithParams(string id, string password, string webServiceURI, string webMethodName, params object[] parameters) { //Note: For the next 3 lines of code, the inputParams will be //an array of parameters for the web service method being invoked. string wsdl = WSDLReader.getWSDL(webServiceURI,webMethodName); char[] delims = {'|'}; string[] inputParams = wsdl.Split(delims); StringBuilder soapStarter = new StringBuilder(); soapStarter.Append("<?xml version='1.0' encoding='utf-8'?>"); //Beginning of envelope node soapStarter.Append("<soap:Envelope xmlns:soap='http://schemas.xmlsoap.org/soap/envelope/'"); soapStarter.Append(" xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance'"); soapStarter.Append(" xmlns:xsd='http://www.w3.org/2001/XMLSchema'"); soapStarter.Append(" xmlns:wsa='http://schemas.xmlsoap.org/ws/2004/03/addressing'"); soapStarter.Append(" xmlns:wsse='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd'"); soapStarter.Append(" xmlns:wsu='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd'>"); //End of envelope node UserNameTokenMaker tm = new UserNameTokenMaker(id,password); soapStarter.Append(tm.getSoapHeader(webServiceURI,webMethodName)); soapStarter.Append("<soap:Body>"); soapStarter.Append("<"); soapStarter.Append(webMethodName); soapStarter.Append(" xmlns='http://tempuri.org/'>"); for(int i=0;i<inputParams.Length;i++) { string paramId = inputParams[i]; soapStarter.Append("<").Append(paramId).Append(">"); soapStarter.Append(Convert.ToString(parameters[i])); soapStarter.Append("</").Append(paramId).Append(">"); } soapStarter.Append("</").Append(webMethodName).Append(">"); soapStarter.Append("</soap:Body>"); soapStarter.Append("</soap:Envelope> "); XmlDocument doc = new XmlDocument(); doc.LoadXml(soapStarter.ToString()); string myResponse = string.Empty; try { HttpWebRequest req = (HttpWebRequest)WebRequest.Create(webServiceURI); StringBuilder soapAction = new StringBuilder(); soapAction.Append("http://tempuri.org/").Append(webMethodName); req.Headers.Add("SOAPAction",soapAction.ToString()); req.ContentType = "text/xml;charset='utf-8'"; req.Accept = "text/xml"; req.Method = "POST"; Stream stm = req.GetRequestStream(); doc.Save(stm); stm.Close(); WebResponse resp = req.GetResponse(); stm = resp.GetResponseStream(); StreamReader r = new StreamReader(stm); myResponse = r.ReadToEnd(); } catch(SecurityFault eSec) { myResponse = string.Format(CONST_ERROR_FORMAT, "", eSec.ToString(), (eSec.InnerException != null ? eSec.InnerException.ToString() : string.Empty)); } catch(Exception e) { myResponse = string.Format(CONST_ERROR_FORMAT, "", e.ToString(), (e.InnerException != null ? e.InnerException.ToString() : string.Empty)); } return myResponse; } } public class UserNameTokenMaker { private string _id; private string _password; public UserNameTokenMaker(string id,string password) { _id = id; _password = password; } public string getSoapHeader(string URI,string methodName) { StringBuilder soapHeader = new StringBuilder(); soapHeader.Append("<soap:Header>"); soapHeader.Append("<wsa:Action>http://tempuri.org/").Append(methodName).Append("</wsa:Action>"); string myGuid = Guid.NewGuid().ToString(); soapHeader.Append("<wsa:MessageID>uuid:").Append(myGuid).Append("</wsa:MessageID>"); soapHeader.Append("<wsa:ReplyTo>"); soapHeader.Append("<wsa:Address>http://schemas.xmlsoap.org/ws/2004/03/addressing/role/anonymous</wsa:Address>"); soapHeader.Append("</wsa:ReplyTo>"); soapHeader.Append("<wsa:To>").Append(URI).Append("</wsa:To>"); soapHeader.Append(getUserNameTokenHeader()); soapHeader.Append("</soap:Header>"); return soapHeader.ToString(); } private string getUserNameTokenHeader() { StringBuilder userNameHeader = new StringBuilder(); userNameHeader.Append("<wsse:Security soap:mustUnderstand='1'>"); userNameHeader.Append("<wsu:Timestamp wsu:Id='Timestamp-").Append(Guid.NewGuid().ToString()).Append("'>"); DateTime rightNow = DateTime.Now.AddMinutes(-5); string fromDay = rightNow.ToString("yyyy-MM-dd"); string fromTime = rightNow.ToString("HH:mm:ss"); DateTime notNow = rightNow.AddMinutes(10); string toDay = notNow.ToString("yyyy-MM-dd"); string toTime = notNow.ToString("HH:mm:ss"); userNameHeader.Append("<wsu:Created>").Append(fromDay).Append("T").Append(fromTime).Append("Z").Append("</wsu:Created>"); userNameHeader.Append("<wsu:Expires>").Append(toDay).Append("T").Append(toTime).Append("Z").Append("</wsu:Expires>"); userNameHeader.Append("</wsu:Timestamp>"); userNameHeader.Append("<wsse:UsernameToken xmlns:wsu='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd' wsu:Id='SecurityToken-").Append(Guid.NewGuid().ToString()).Append("'>"); userNameHeader.Append("<wsse:Username>").Append(_id).Append("</wsse:Username>"); userNameHeader.Append("<wsse:Password Type='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1 .0#PasswordText'>").Append(_password).Append("</wsse:Password>"); userNameHeader.Append("<wsse:Nonce>KBlpA4ql1SWPoH8qT/hHbg==</wsse:Nonce>"); userNameHeader.Append("<wsu:Created>").Append(fromDay).Append("T").Append(fromTime).Append("Z").Append("</wsu:Created>"); userNameHeader.Append("</wsse:UsernameToken>"); userNameHeader.Append("</wsse:Security>"); return userNameHeader.ToString(); } } public class tester { public string CallWebMethodWithParams(string id, string password, string webServiceURI, string webMethodName, params object[] parameters) { //Note: For the next 3 lines of code, the inputParams will be //an array of parameters for the web service method being invoked. string wsdl = WSDLReader.getWSDL(webServiceURI,webMethodName); char[] delims = {'|'}; string[] inputParams = wsdl.Split(delims); StringBuilder soapStarter = new StringBuilder(); soapStarter.Append("<?xml version='1.0' encoding='utf-8'?>"); //Beginning of envelope node soapStarter.Append("<soap:Envelope xmlns:soap='http://schemas.xmlsoap.org/soap/envelope/'"); soapStarter.Append(" xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance'"); soapStarter.Append(" xmlns:xsd='http://www.w3.org/2001/XMLSchema'"); soapStarter.Append(" xmlns:wsa='http://schemas.xmlsoap.org/ws/2004/03/addressing'"); soapStarter.Append(" xmlns:wsse='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd'"); soapStarter.Append(" xmlns:wsu='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd'>"); //End of envelope node UserNameTokenMaker tm = new UserNameTokenMaker(id,password); soapStarter.Append(tm.getSoapHeader(webServiceURI,webMethodName)); soapStarter.Append("<soap:Body>"); soapStarter.Append("<"); soapStarter.Append(webMethodName); soapStarter.Append(" xmlns='http://tempuri.org/'>"); for(int i=0;i<inputParams.Length;i++) { string paramId = inputParams[i]; soapStarter.Append("<").Append(paramId).Append(">"); soapStarter.Append(Convert.ToString(parameters[i])); soapStarter.Append("</").Append(paramId).Append(">"); } soapStarter.Append("</").Append(webMethodName).Append(">"); soapStarter.Append("</soap:Body>"); soapStarter.Append("</soap:Envelope> "); XmlDocument doc = new XmlDocument(); doc.LoadXml(soapStarter.ToString()); string myResponse = string.Empty; try { HttpWebRequest req = (HttpWebRequest)WebRequest.Create(webServiceURI); StringBuilder soapAction = new StringBuilder(); soapAction.Append("http://tempuri.org/").Append(webMethodName); req.Headers.Add("SOAPAction",soapAction.ToString()); req.ContentType = "text/xml;charset='utf-8'"; req.Accept = "text/xml"; req.Method = "POST"; Stream stm = req.GetRequestStream(); doc.Save(stm); stm.Close(); WebResponse resp = req.GetResponse(); stm = resp.GetResponseStream(); StreamReader r = new StreamReader(stm); myResponse = r.ReadToEnd(); } catch(SecurityFault eSec) { myResponse = string.Format(CONST_ERROR_FORMAT, "", eSec.ToString(), (eSec.InnerException != null ? eSec.InnerException.ToString() : string.Empty)); } catch(Exception e) { myResponse = string.Format(CONST_ERROR_FORMAT, "", e.ToString(), (e.InnerException != null ? e.InnerException.ToString() : string.Empty)); } return myResponse; } } public class UserNameTokenMaker { private string _id; private string _password; public UserNameTokenMaker(string id,string password) { _id = id; _password = password; } public string getSoapHeader(string URI,string methodName) { StringBuilder soapHeader = new StringBuilder(); soapHeader.Append("<soap:Header>"); soapHeader.Append("<wsa:Action>http://tempuri.org/").Append(methodName).Append("</wsa:Action>"); string myGuid = Guid.NewGuid().ToString(); soapHeader.Append("<wsa:MessageID>uuid:").Append(myGuid).Append("</wsa:MessageID>"); soapHeader.Append("<wsa:ReplyTo>"); soapHeader.Append("<wsa:Address>http://schemas.xmlsoap.org/ws/2004/03/addressing/role/anonymous</wsa:Address>"); soapHeader.Append("</wsa:ReplyTo>"); soapHeader.Append("<wsa:To>").Append(URI).Append("</wsa:To>"); soapHeader.Append(getUserNameTokenHeader()); soapHeader.Append("</soap:Header>"); return soapHeader.ToString(); } private string getUserNameTokenHeader() { StringBuilder userNameHeader = new StringBuilder(); userNameHeader.Append("<wsse:Security soap:mustUnderstand='1'>"); userNameHeader.Append("<wsu:Timestamp wsu:Id='Timestamp-").Append(Guid.NewGuid().ToString()).Append("'>"); DateTime rightNow = DateTime.Now.AddMinutes(-5); string fromDay = rightNow.ToString("yyyy-MM-dd"); string fromTime = rightNow.ToString("HH:mm:ss"); DateTime notNow = rightNow.AddMinutes(10); string toDay = notNow.ToString("yyyy-MM-dd"); string toTime = notNow.ToString("HH:mm:ss"); userNameHeader.Append("<wsu:Created>").Append(fromDay).Append("T").Append(fromTime).Append("Z").Append("</wsu:Created>"); userNameHeader.Append("<wsu:Expires>").Append(toDay).Append("T").Append(toTime).Append("Z").Append("</wsu:Expires>"); userNameHeader.Append("</wsu:Timestamp>"); userNameHeader.Append("<wsse:UsernameToken xmlns:wsu='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd' wsu:Id='SecurityToken-").Append(Guid.NewGuid().ToString()).Append("'>"); userNameHeader.Append("<wsse:Username>").Append(_id).Append("</wsse:Username>"); userNameHeader.Append("<wsse:Password Type='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1 .0#PasswordText'>").Append(_password).Append("</wsse:Password>"); userNameHeader.Append("<wsse:Nonce>KBlpA4ql1SWPoH8qT/hHbg==</wsse:Nonce>"); userNameHeader.Append("<wsu:Created>").Append(fromDay).Append("T").Append(fromTime).Append("Z").Append("</wsu:Created>"); userNameHeader.Append("</wsse:UsernameToken>"); userNameHeader.Append("</wsse:Security>"); return userNameHeader.ToString(); } } Free MagazinesGet these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...
|
Reply to this Message
|
 Sign In
 Join
 My Latest Posts My Monitored Threads My Blog My Photo Gallery My Profile My Homepage Start New Thread Enable EMail Alerts Rate this Thread
|
©2008 Advenet LLC Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.