I am trying to do UserNameOver Certificate auth and the inner exception I
get is
"Security requirements are not satisfied because the security header is not
present in the incoming message."
And in my log I find
   Event Type: Failure Audit
   Event Source: Security
   Event Category: Logon/Logoff
   Event ID: 529
   Date:  10/17/2005
   Time:  2:43:50 PM
   User:  NT AUTHORITY\SYSTEM
   Computer: FOOBAR   <=======EDITED obviously not real
   Description:
   Logon Failure:
 Reason:  Unknown user name or bad password
 User Name: ManOfMystery    < ditto
 Domain:  FOOBAR
 Logon Type: 8
 Logon Process: Advapi
 Authentication Package: Negotiate
 Workstation Name: FOOBAR

OK, I have most of the QuickStarts working well. I am now trying
to use the Demo from Keith Brown's article
http://msdn.microsoft.com/msdnmag/issues/05/11/SecurityBriefs/default.aspx
which I am switching from Kerberos to UserNameOverCert.
I erased the config files and built them fresh.
I have define new users etc. ManOfMystery etc. on my local machine. (On my
local machine, not my domain (I'm can't define users on my domain.)
I believe I am forming the token right and then setting it correctly.
  UsernameToken token =  new UsernameToken("ManOfMystery",
Convert.ToBase64String(passwordBytes),PasswordOption.SendPlainText);

   proxy.SetClientCredential(token);

I have also gone into my LSA and set ManOfMystery to "be trusted for
delegation".

Any ideas would be most appreciated