 |
 | Home | Contact Us | FAQ | Search & Site Map | Link to Us |
 | Sign In | Join | Other 45 Sites in Network |
.NET Forum / ASP.NET / Web Services / February 2006WSE 3.0: Can't get custom UsernameTokenManager to load
I'm using a custom UsernameTokenManager which for some reason just will not load. I've checked my webservice project's web.config many, many times and all looks OK, but I keep getting this error message which shows the standard manager being loaded - not my custom manager (see below). The custom manager is in my webservice project's app_code directory. Are there any gotcha's that I'm not aware of ? BTW the server input trace shows the token through fine (see below). Here's the section of my web.config: <microsoft.web.services3> <policy fileName="wse3policyCache.config" /> <diagnostics> <trace enabled="true" input="InputTrace.webinfo" output="OutputTrace.webinfo" /> </diagnostics> <security> <securityTokenManager> <!-- Register our custom Username token manager --> <add type="MyCompany.Framework.UsernameTokenManager" namespace="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" localName="UsernameToken" /> </securityTokenManager> </security> </microsoft.web.services3> Here's the stack trace: Microsoft.Web.Services3.Security.SecurityFault: The security token could not be authenticated or authorized ---> System.ArgumentException: WSE575: The built-in UsernameTokenManager failed to provide a password. Please see the documentation for more details on the UsernameTokenManager.AuthenticateToken method. at Microsoft.Web.Services3.Security.Tokens.UsernameTokenManager.VerifyPlainTextPassword(UsernameToken token, String authenticatedPassword) at Microsoft.Web.Services3.Security.Tokens.UsernameTokenManager.VerifyPassword(UsernameToken token, String authenticatedPassword) at Microsoft.Web.Services3.Security.Tokens.UsernameTokenManager.VerifyToken(SecurityToken token) at Microsoft.Web.Services3.Security.Tokens.SecurityTokenManager.LoadXmlSecurityToken(XmlElement element) --- End of inner exception stack trace --- at Microsoft.Web.Services3.Security.Tokens.SecurityTokenManager.LoadXmlSecurityToken(XmlElement element) at Microsoft.Web.Services3.Security.Tokens.SecurityTokenManager.GetTokenFromXml(XmlElement element) at Microsoft.Web.Services3.Security.Security.LoadToken(XmlElement element, SecurityConfiguration configuration, Int32& tokenCount) at Microsoft.Web.Services3.Security.Security.LoadXml(XmlElement element) at Microsoft.Web.Services3.Security.SecurityInputFilter.ProcessMessage(SoapEnvelope envelope) at Microsoft.Web.Services3.Security.Wse2PipelinePolicy.LegacyFilterWrapper.ProcessMessage(SoapEnvelope envelope) at Microsoft.Web.Services3.Pipeline.ProcessInputMessage(SoapEnvelope envelope) at Microsoft.Web.Services3.WseProtocol.FilterRequest(SoapEnvelope requestEnvelope) at Microsoft.Web.Services3.WseProtocol.RouteRequest(SoapServerMessage message) at System.Web.Services.Protocols.SoapServerProtocol.Initialize() at System.Web.Services.Protocols.ServerProtocolFactory.Create(Type type, HttpContext context, HttpRequest request, HttpResponse response, Boolean& abortProcessing)"} System.Web.Services.Protocols.SoapHeaderException: {"Microsoft.Web.Services3.Security.SecurityFault: The security token could not be authenticated or authorized ---> System.ArgumentException: WSE575: The built-in UsernameTokenManager failed to provide a password. Please see the documentation for more details on the UsernameTokenManager.AuthenticateToken method. at Microsoft.Web.Services3.Security.Tokens.UsernameTokenManager.VerifyPlainTextPassword(UsernameToken token, String authenticatedPassword) at Microsoft.Web.Services3.Security.Tokens.UsernameTokenManager.VerifyPassword(UsernameToken token, String authenticatedPassword) at Microsoft.Web.Services3.Security.Tokens.UsernameTokenManager.VerifyToken(SecurityToken token) at Microsoft.Web.Services3.Security.Tokens.SecurityTokenManager.LoadXmlSecurityToken(XmlElement element) --- End of inner exception stack trace --- at Microsoft.Web.Services3.Security.Tokens.SecurityTokenManager.LoadXmlSecurityToken(XmlElement element) at Microsoft.Web.Services3.Security.Tokens.SecurityTokenManager.GetTokenFromXml(XmlElement element) at Microsoft.Web.Services3.Security.Security.LoadToken(XmlElement element, SecurityConfiguration configuration, Int32& tokenCount) at Microsoft.Web.Services3.Security.Security.LoadXml(XmlElement element) at Microsoft.Web.Services3.Security.SecurityInputFilter.ProcessMessage(SoapEnvelope envelope) at Microsoft.Web.Services3.Security.Wse2PipelinePolicy.LegacyFilterWrapper.ProcessMessage(SoapEnvelope envelope) at Microsoft.Web.Services3.Pipeline.ProcessInputMessage(SoapEnvelope envelope) at Microsoft.Web.Services3.WseProtocol.FilterRequest(SoapEnvelope requestEnvelope) at Microsoft.Web.Services3.WseProtocol.RouteRequest(SoapServerMessage message) at System.Web.Services.Protocols.SoapServerProtocol.Initialize() at System.Web.Services.Protocols.ServerProtocolFactory.Create(Type type, HttpContext context, HttpRequest request, HttpResponse response, Boolean& abortProcessing)"} Data: {System.Collections.ListDictionaryInternal} HelpLink: Nothing InnerException: Nothing Message: "Microsoft.Web.Services3.Security.SecurityFault: The security token could not be authenticated or authorized ---> System.ArgumentException: WSE575: The built-in UsernameTokenManager failed to provide a password. Please see the documentation for more details on the UsernameTokenManager.AuthenticateToken method. at Microsoft.Web.Services3.Security.Tokens.UsernameTokenManager.VerifyPlainTextPassword(UsernameToken token, String authenticatedPassword) at Microsoft.Web.Services3.Security.Tokens.UsernameTokenManager.VerifyPassword(UsernameToken token, String authenticatedPassword) at Microsoft.Web.Services3.Security.Tokens.UsernameTokenManager.VerifyToken(SecurityToken token) at Microsoft.Web.Services3.Security.Tokens.SecurityTokenManager.LoadXmlSecurityToken(XmlElement element) --- End of inner exception stack trace --- at Microsoft.Web.Services3.Security.Tokens.SecurityTokenManager.LoadXmlSecurityToken(XmlElement element) at Microsoft.Web.Services3.Security.Tokens.SecurityTokenManager.GetTokenFromXml(XmlElement element) at Microsoft.Web.Services3.Security.Security.LoadToken(XmlElement element, SecurityConfiguration configuration, Int32& tokenCount) at Microsoft.Web.Services3.Security.Security.LoadXml(XmlElement element) at Microsoft.Web.Services3.Security.SecurityInputFilter.ProcessMessage(SoapEnvelope envelope) at Microsoft.Web.Services3.Security.Wse2PipelinePolicy.LegacyFilterWrapper.ProcessMessage(SoapEnvelope envelope) at Microsoft.Web.Services3.Pipeline.ProcessInputMessage(SoapEnvelope envelope) at Microsoft.Web.Services3.WseProtocol.FilterRequest(SoapEnvelope requestEnvelope) at Microsoft.Web.Services3.WseProtocol.RouteRequest(SoapServerMessage message) at System.Web.Services.Protocols.SoapServerProtocol.Initialize() at System.Web.Services.Protocols.ServerProtocolFactory.Create(Type type, HttpContext context, HttpRequest request, HttpResponse response, Boolean& abortProcessing)" Source: "System.Web.Services" StackTrace: " at System.Web.Services.Protocols.SoapHttpClientProtocol.ReadResponse(SoapClientMessage message, WebResponse response, Stream responseStream, Boolean asyncCall) at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters) Here's the server input trace: <inputMessage utc="2/02/2006 12:29:11 PM" messageId="urn:uuid:4af1c5a3-dbd8-4cf7-a73e-c6f3581866e2"> <processingStep description="Unprocessed message"> <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"> <soap:Header> <wsa:Action>http://tempuri.org/GetUserByUserName</wsa:Action> <wsa:MessageID>urn:uuid:4af1c5a3-dbd8-4cf7-a73e-c6f3581866e2</wsa:MessageID> <wsa:ReplyTo> <wsa:Address>http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous</wsa:Address> </wsa:ReplyTo> <wsa:To>http://localhost:1349/MembershipWebServices/CATMembershipServices.asmx</wsa:To> <wsse:Security soap:mustUnderstand="1"> <wsu:Timestamp wsu:Id="Timestamp-dacf6f8b-be00-48a4-8a05-2820fe755f63"> <wsu:Created>2006-02-02T12:29:05Z</wsu:Created> <wsu:Expires>2006-02-02T12:34:05Z</wsu:Expires> </wsu:Timestamp> <wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="SecurityToken-507021cb-5694-4252-87dd-f764e6001184"> <wsse:Username>rpurchas</wsse:Username> <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1 .0#PasswordText">xyz</wsse:Password> <wsse:Nonce>wq+tQdF0XgVnzXtDXj62VQ==</wsse:Nonce> <wsu:Created>2006-02-02T12:29:05Z</wsu:Created> </wsse:UsernameToken> </wsse:Security> </soap:Header> <soap:Body> <GetUserByUserName xmlns="http://tempuri.org/"> <ApplicationContext>AAEAAAD/////AQAAAAAAAAAMAgAAAD9Db250ZXh0cywgVmVyc2lvbj0xLjAuMC4wLCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPW51bGwFAQAAACNNU0wuQ0FULkNvbnRleHRzLkFwcGxpY2F0aW9uQ29udGV4dAcAAAAJbURhdGFiYXNlB21TZXJ2ZXIHbVVzZXJJRAxtTmV0VXNlckNvZGUHbVJvbGVJRAltU291cmNlSUQLbUxvY2F0aW9uSUQBAQABAAAACAgICAIAAAAKCgAAAAAKAAAAAAAAAAAAAAAACw==</ApplicationContext> <UserName>rpurchas</UserName> <MembershipApplication>CAT</MembershipApplication> <objUserInfo>AAEAAAD/////AQAAAAAAAAAMAgAAAElNZW1iZXJzaGlwQnVzaW5lc3MsIFZlcnNpb249MS4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1udWxsDAMAAABGTWVtYmVyc2hpcEVudW1zLCBWZXJzaW9uPTEuMC4wLjAsIEN1bHR1cmU9bmV1dHJhbCwgUHVibGljS2V5VG9rZW49bnVsbAUBAAAAHE1TTC5DQVQuQnVzaW5lc3MuQ0FUVXNlckluZm8UAAAADm1zUHJvdmlkZXJOYW1lBm1zTmFtZRBtUHJvdmlkZXJVc2VyS2V5B21zRW1haWwSbXNQYXNzd29yZFF1ZXN0aW9uCm1zUGFzc3dvcmQJbXNDb21tZW50DG1iSXNBcHByb3ZlZA1tYklzTG9ja2VkT3V0Dm1kQ3JlYXRpb25EYXRlD21kTGFzdExvZ2luRGF0ZRJtZExhc3RBY3Rpdml0eURhdGUZbWRMYXN0UGFzc3dvcmRDaGFuZ2VkRGF0ZRJtc2RMYXN0TG9ja291dERhdGUNbUNBVExvZ2luVHlwZRNFbnRpdHkrbUlzUG9wdWxhdGVkDUVudGl0eSttSXNOZXcPRW50aXR5K21Jc0RpcnR5GEVudGl0eSttVmFsaWRhdGlvbkVycm9ycxFFbnRpdHkrbVRpbWVzdGFtcAEBAgEBAQEAAAAAAAAABAAAAAMHAQENDQ0NDSBNU0wuQ0FULkVudW1zLkNBVExvZ2luRW50aXR5VHlwZQMAAAABAQEcU3lzdGVtLkNvbGxlY3Rpb25zLkFycmF5TGlzdAICAAAACgoKCgoKCgAAMPMBhmf2x4gw8wGGZ/bHiDDzAYZn9seIMPMBhmf2x4gw8wGGZ/bHiAX8////IE1TTC5DQVQuRW51bXMuQ0FUTG9naW5FbnRpdHlUeXBlAQAAAAd2YWx1ZV9fAAgDAAAAAAAAAAABAAkFAAAACgQFAAAAHFN5c3RlbS5Db2xsZWN0aW9ucy5BcnJheUxpc3QDAAAABl9pdGVtcwVfc2l6ZQhfdmVyc2lvbgUAAAgICQYAAAAAAAAAAAAAABAGAAAAAAAAAAs=</objUserInfo> <UpdateLastActivity>false</UpdateLastActivity> </GetUserByUserName> </soap:Body> </soap:Envelope> </processingStep> <processingStep description="Entering SOAP filter Microsoft.Web.Services3.Security.Wse2PipelinePolicy+LegacyFilterWrapper" /> <processingStep description="Exception thrown: The security token could not be authenticated or authorized"> at Microsoft.Web.Services3.Security.Tokens.SecurityTokenManager.LoadXmlSecurityToken(XmlElement element) at Microsoft.Web.Services3.Security.Tokens.SecurityTokenManager.GetTokenFromXml(XmlElement element) at Microsoft.Web.Services3.Security.Security.LoadToken(XmlElement element, SecurityConfiguration configuration, Int32& tokenCount) at Microsoft.Web.Services3.Security.Security.LoadXml(XmlElement element) at Microsoft.Web.Services3.Security.SecurityInputFilter.ProcessMessage(SoapEnvelope envelope) at Microsoft.Web.Services3.Security.Wse2PipelinePolicy.LegacyFilterWrapper.ProcessMessage(SoapEnvelope envelope) at Microsoft.Web.Services3.Pipeline.ProcessInputMessage(SoapEnvelope envelope)</processingStep> </inputMessage> Many thanks, Richard Hi Richard, The configuration looks ok. I think the problem is in your UsernameTokenManager class, could you post the code for that class ?. Thanks Pablo Cibraro http://weblogs.asp.net/cibrax http://www.lagash.com > I'm using a custom UsernameTokenManager which for some reason just will > not load. I've checked my webservice project's web.config many, many times [quoted text clipped - 241 lines] > Many thanks, > Richard I saw this same symptom when my web.config had a very subtle errror. I had mis-typed the localName=UsernameToken, only by capitalizing the N in Name. At any rate, I think your assembly is not being loaded. A couple of differences I see between yours and mine, one being you don't have an <assemblies> reference, the other being you don't fully qualify your type. <compilation debug="true"> <assemblies> <add assembly="Microsoft.Web.Services3, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" /> <add assembly="brad.test.wse, Version=1.0.0.0, Culture=neutral, PublicKeyToken=D6377EADA464F341" /> </assemblies> </compilation> </system.web> <microsoft.web.services3> <policy fileName="wse3policyCache.config" /> <security> <securityTokenManager> <add type="brad.test.wse.MyTokenManager, brad.test.wse, Version=1.0.0.0, Culture=neutral, PublicKeyToken=d6377eada464f341" namespace="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" localName="UsernameToken" /> </securityTokenManager> </security> Thanks for your replies. I actually fixed this a couple of hours after sending the original message; turns out that my custom TokenManager WAS being invoked all along - its just that as it was being invoked via a web service, the debugger wouldn't automatically step into my custom manager. Still, the error stack could've been a little more helpful. Thanks again, Richard >I saw this same symptom when my web.config had a very subtle errror. I > had mis-typed the localName=UsernameToken, only by capitalizing the N [quoted text clipped - 22 lines] > </securityTokenManager> > </security> Free MagazinesGet these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...
|
Reply to this Message
|
 Sign In
 Join
 My Latest Posts My Monitored Threads My Blog My Photo Gallery My Profile My Homepage Start New Thread Enable EMail Alerts Rate this Thread
|
©2008 Advenet LLC Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.