I get following exception every time I run my service thru ordinary IIS
instead of Default IIS in VS.NET Studio. My service is a simple
'Hello World with certificate policy. My client is simple ASP.NET Web
Site with one button and textbox. I use Certificate Policy
(mutualCertificate11Security) on both server and client. (I have tried
this with anonymousForCertificateSecurity and got same bad result).
Everything works fine if my service and webclient is in same solution
and I run everything thru VS.NET studio build in IIS. But If I create a
virtual directory in my computer IIS, run my service there, change my
web reference to this service I get this exception:

WSE910: An error happened during the processing of a response message,
and you can find the error in the inner exception.  You can also find
the response message in the Response property.

  at
Microsoft.Web.Services3.Xml.SoapEnvelopeReaderWrapper..ctor(SoapClientMessage
message, String messageContentType)
  at
Microsoft.Web.Services3.WebServicesClientProtocol.GetReaderForMessage(SoapClientMessage
message, Int32 bufferSize)
  at
System.Web.Services.Protocols.SoapHttpClientProtocol.ReadResponse(SoapClientMessage
message, WebResponse response, Stream responseStream, Boolean
asyncCall)
  at
System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String
methodName, Object[] parameters)
  at localhost.ServiceWse.HelloWorld() in
e:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET
Files\website10\b15bc141\c8235faa\App_WebReferences.qqc4zbev.0.cs:line
46
  at _Default.Button1_Click(Object sender, EventArgs e) in
S:\Security\WSEbasic\WSEbasic10\WebSite10\Default.aspx.vb:line 11
--------------Inner Exception ----------------------------
Security requirements are not satisfied because the security header is
not present in the incoming message.

  at
Microsoft.Web.Services3.Security.SecureConversationClientReceiveSecurityFilter.ValidateMessageSecurity(SoapEnvelope
envelope, Security security)
  at
Microsoft.Web.Services3.Security.ReceiveSecurityFilter.ProcessMessage(SoapEnvelope
envelope)
  at Microsoft.Web.Services3.Pipeline.ProcessInputMessage(SoapEnvelope
envelope)
  at
Microsoft.Web.Services3.Xml.SoapEnvelopeReaderWrapper..ctor(SoapClientMessage
message, String messageContentType)

Here is my service code:

Imports System.Web
Imports System.Web.Services
Imports System.Web.Services.Protocols
Imports System.Security.Principal
Imports Microsoft.Web.Services3
Imports Microsoft.Web.Services3.Design

<WebService(Namespace:="http://tempuri.org/")> _
<WebServiceBinding(ConformsTo:=WsiProfiles.BasicProfile1_1)> _
<Global.Microsoft.VisualBasic.CompilerServices.DesignerGenerated()> _
<Policy("ServerCertPolicy")> _
Public Class xService
   Inherits System.Web.Services.WebService

   <WebMethod()> _
   Public Function HelloWorld() As String
       Return "Hello World from xWebService 5"
   End Function

End Class

My service web.config looks like that:

<?xml version="1.0" encoding="utf-8"?>
<configuration
xmlns="http://schemas.microsoft.com/.NetConfiguration/v2.0">
 <configSections>
   <section name="microsoft.web.services3"
type="Microsoft.Web.Services3.Configuration.WebServicesConfiguration,
Microsoft.Web.Services3, Version=3.0.0.0, Culture=neutral,
PublicKeyToken=31bf3856ad364e35" />
 </configSections>
 <appSettings />
 <connectionStrings />
 <system.web>
   <compilation debug="true" strict="false" explicit="true">
     <assemblies>
       <add assembly="Microsoft.Web.Services3, Version=3.0.0.0,
Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
     </assemblies>
   </compilation>
   <pages>
     <namespaces>
       <clear />
       <add namespace="System" />
       <add namespace="System.Collections" />
       <add namespace="System.Collections.Specialized" />
       <add namespace="System.Configuration" />
       <add namespace="System.Text" />
       <add namespace="System.Text.RegularExpressions" />
       <add namespace="System.Web" />
       <add namespace="System.Web.Caching" />
       <add namespace="System.Web.SessionState" />
       <add namespace="System.Web.Security" />
       <add namespace="System.Web.Profile" />
       <add namespace="System.Web.UI" />
       <add namespace="System.Web.UI.WebControls" />
       <add namespace="System.Web.UI.WebControls.WebParts" />
       <add namespace="System.Web.UI.HtmlControls" />
     </namespaces>
   </pages>
   <webServices>
     <soapExtensionImporterTypes>
       <add
type="Microsoft.Web.Services3.Description.WseExtensionImporter,
Microsoft.Web.Services3, Version=3.0.0.0, Culture=neutral,
PublicKeyToken=31bf3856ad364e35" />
     </soapExtensionImporterTypes>
     <soapServerProtocolFactory
type="Microsoft.Web.Services3.WseProtocolFactory,
Microsoft.Web.Services3, Version=3.0.0.0, Culture=neutral,
PublicKeyToken=31bf3856ad364e35" />
   </webServices>
 </system.web>
 <microsoft.web.services3>
   <security>
     <x509 allowTestRoot="false" storeLocation="LocalMachine" />
   </security>
   <policy fileName="wse3policyCache.config" />
   <diagnostics>
     <trace enabled="true" input="logs\InputTrace.webinfo"
output="logs\OutputTrace.webinfo" />
   </diagnostics>
 </microsoft.web.services3>
</configuration>

... and my service policy looks like that:

<policies xmlns="http://schemas.microsoft.com/wse/2005/06/policy">
 <extensions>
   <extension name="mutualCertificate11Security"
type="Microsoft.Web.Services3.Design.MutualCertificate11Assertion,
Microsoft.Web.Services3, Version=3.0.0.0, Culture=neutral,
PublicKeyToken=31bf3856ad364e35" />
   <extension name="x509"
type="Microsoft.Web.Services3.Design.X509TokenProvider,
Microsoft.Web.Services3, Version=3.0.0.0, Culture=neutral,
PublicKeyToken=31bf3856ad364e35" />
   <extension name="requireActionHeader"
type="Microsoft.Web.Services3.Design.RequireActionHeaderAssertion,
Microsoft.Web.Services3, Version=3.0.0.0, Culture=neutral,
PublicKeyToken=31bf3856ad364e35" />
 </extensions>
 <policy name="ServerCertPolicy">
   <mutualCertificate11Security establishSecurityContext="false"
renewExpiredSecurityContext="true" requireSignatureConfirmation="true"
messageProtectionOrder="SignBeforeEncrypt" requireDerivedKeys="true"
ttlInSeconds="300">
     <serviceToken>
       <x509 storeLocation="LocalMachine" storeName="My"
findValue="CN=WSE2QuickStartServer"
findType="FindBySubjectDistinguishedName" />
     </serviceToken>
     <protection>
       <request signatureOptions="IncludeAddressing, IncludeTimestamp,
IncludeSoapBody" encryptBody="true" />
       <response signatureOptions="IncludeAddressing,
IncludeTimestamp, IncludeSoapBody" encryptBody="true" />
       <fault signatureOptions="IncludeAddressing, IncludeTimestamp,
IncludeSoapBody" encryptBody="false" />
     </protection>
   </mutualCertificate11Security>
   <requireActionHeader />
 </policy>
</policies>

My client looks like that:

<%@ Page Language="VB" AutoEventWireup="false"
CodeFile="Default.aspx.vb" Inherits="_Default" %>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
   <title>WebSite11</title>
</head>
<body>
   <form id="form1" runat="server">
   <div>
       <asp:Button ID="Button1" runat="server" Text="WSEservice 2"
Width="160px" /><asp:TextBox
           ID="TextBox1" runat="server" Height="440px"
TextMode="MultiLine" Width="800px"></asp:TextBox>&nbsp;</div>
   </form>
</body>
</html>

... and client code:

Imports Microsoft.VisualBasic.ControlChars

Partial Class _Default
   Inherits System.Web.UI.Page

   Protected Sub Button1_Click(ByVal sender As Object, ByVal e As
System.EventArgs) Handles Button1.Click
       Try
           TextBox1.Text = String.Empty
           Dim proxy As New localhost.ServiceWse
           proxy.SetPolicy("ClientCertPolicy")
           TextBox1.Text = proxy.HelloWorld
       Catch ex As Exception
           Dim strMsg As String = ex.Message & CrLf & CrLf &
ex.StackTrace
           Dim exIn As Exception = ex
           Do
               exIn = exIn.InnerException
               If Not exIn Is Nothing Then
                   strMsg += CrLf & "--------------Inner Exception
----------------------------" & CrLf
                   strMsg += exIn.Message & CrLf & CrLf &
exIn.StackTrace
               Else
                   Exit Do
               End If
           Loop
           TextBox1.Text = "----- WSEservice 2 Exception --------" &
CrLf & strMsg
       End Try
   End Sub
End Class

...with client policy like this:

<policies xmlns="http://schemas.microsoft.com/wse/2005/06/policy">
 <extensions>
   <extension name="mutualCertificate11Security"
type="Microsoft.Web.Services3.Design.MutualCertificate11Assertion,
Microsoft.Web.Services3, Version=3.0.0.0, Culture=neutral,
PublicKeyToken=31bf3856ad364e35" />
   <extension name="x509"
type="Microsoft.Web.Services3.Design.X509TokenProvider,
Microsoft.Web.Services3, Version=3.0.0.0, Culture=neutral,
PublicKeyToken=31bf3856ad364e35" />
   <extension name="requireActionHeader"
type="Microsoft.Web.Services3.Design.RequireActionHeaderAssertion,
Microsoft.Web.Services3, Version=3.0.0.0, Culture=neutral,
PublicKeyToken=31bf3856ad364e35" />
 </extensions>
 <policy name="ClientCertPolicy">
   <mutualCertificate11Security establishSecurityContext="false"
renewExpiredSecurityContext="true" requireSignatureConfirmation="true"
messageProtectionOrder="SignBeforeEncrypt" requireDerivedKeys="true"
ttlInSeconds="300">
     <clientToken>
       <x509 storeLocation="CurrentUser" storeName="My"
findValue="CN=WSE2QuickStartClient"
findType="FindBySubjectDistinguishedName" />
     </clientToken>
     <serviceToken>
       <x509 storeLocation="CurrentUser" storeName="AddressBook"
findValue="CN=WSE2QuickStartServer"
findType="FindBySubjectDistinguishedName" />
     </serviceToken>
     <protection>
       <request signatureOptions="IncludeAddressing, IncludeTimestamp,
IncludeSoapBody" encryptBody="true" />
       <response signatureOptions="IncludeAddressing,
IncludeTimestamp, IncludeSoapBody" encryptBody="true" />
       <fault signatureOptions="IncludeAddressing, IncludeTimestamp,
IncludeSoapBody" encryptBody="false" />
     </protection>
   </mutualCertificate11Security>
   <requireActionHeader />
 </policy>
</policies>

Authentications methods in IIS "Anonymous access" are on and
"Intergrated Windows authentication" is on. My ASP.NET version is
2.0.50727 and I use Visual Studio 2005 Team Suite vers: 8.0.50727.42
I use WSE 3.0 version 3.0.5305.0
I have tried this problem with many different solution - both Windows
Forms client and different configuration in ASP.NET client and it just
won't work. As far as I know message "Security requirements are not
satisfied because the security header is not present in the incoming
message" means that soap envelope for the request dosen't contain
the security header. Why does my standard IIS fail with adding that
header to the client? Anybody have answer to this problem?

Jack