 |
 | Home | Contact Us | FAQ | Search & Site Map | Link to Us |
 | Sign In | Join | Other 45 Sites in Network |
.NET Forum / ASP.NET / Web Services / February 2006Kerberos Authentication and WSE 3.0
Hi I have been trying hard to get the kerberos authentication work with WSE 3.0 I have a hello world service protected by a Kerberos policy file using WSE 3.0 tool Based on some recommendations I have done the following 1) Change ASPNET account to run under SYSTEM in machine.config 2) Given Permission "Act as Part of Operating System" for ASPNET account On my ASP.NET 2.0 CLIENT app i write the following lines Dim svProxy As New localhost.ServiceWse Dim strTargetPrincipalName As String = "host/" + System.Net.Dns.GetHostName Dim tok As New Microsoft.Web.Services3.Security.Tokens.KerberosToken(strTargetPrincipalName) svProxy.SetClientCredential(tok) Response.Write(svProxy.HelloWorld) I get the following error. I have absolutely no idea to fix this, i have tried so many things but nothing did the trick, any help would be highly appreciated. Error Details ***************** Exception Details: System.Web.Services.Protocols.SoapHeaderException: System.Web.Services.Protocols.SoapHeaderException: Server unavailable, please try later ---> System.ApplicationException: WSE841: An error occured processing an outgoing fault response. ---> System.Web.Services.Protocols.SoapHeaderException: Microsoft.Web.Services3.Security.SecurityFault: SecurityContextToken is expected but not present in the security header of the incoming message. at Microsoft.Web.Services3.Security.SecureConversationServiceReceiveSecurityFilter.ValidateSecureConversationMessageSecurity(SoapEnvelope envelope, Security security, MessageProtectionRequirements request) at Microsoft.Web.Services3.Security.SecureConversationServiceReceiveSecurityFilter.ValidateMessageSecurity(SoapEnvelope envelope, Security security) at Microsoft.Web.Services3.Security.ReceiveSecurityFilter.ProcessMessage(SoapEnvelope envelope) at Microsoft.Web.Services3.Pipeline.ProcessInputMessage(SoapEnvelope envelope) at Microsoft.Web.Services3.WseProtocol.FilterRequest(SoapEnvelope requestEnvelope) at Microsoft.Web.Services3.WseProtocol.RouteRequest(SoapServerMessage message) at System.Web.Services.Protocols.SoapServerProtocol.Initialize() at System.Web.Services.Protocols.ServerProtocolFactory.Create(Type type, HttpContext context, HttpRequest request, HttpResponse response, Boolean& abortProcessing) --- End of inner exception stack trace --- --- End of inner exception stack trace --- Thanks in Advance Murali Ram, It looks like you are not sending the security token correctly. The following link should help http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnpag2/html/wss _ch3_impmlskerb_wse30.asp Using the system user is not a good idea.I recommend you read the security link http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/S ecNetAP05.asp Hope this will help. > Hi I have been trying hard to get the kerberos authentication work with > WSE 3.0 [quoted text clipped - 57 lines] > Thanks in Advance > Murali Hi Many thanks, I have followed the pattern article. I am testing this on a windows xp box 1) I created a domain account with suggested privileges 2) I have changed the processmodel section to run under this account 3) I have created a arbitrary SPN in my domain controller for the account But the WSE 841 refuses to go away. This is a proof of concept application and i am unable to get past this for more than 48 hours!!! System.Web.Services.Protocols.SoapHeaderException: System.Web.Services.Protocols.SoapHeaderException: Server unavailable, please try later ---> System.ApplicationException: WSE841: An error occured processing an outgoing fault response. ---> System.Web.Services.Protocols.SoapHeaderException: Microsoft.Web.Services3.Security.SecurityFault: SecurityContextToken is expected but not present in the security header of the incoming message. at Microsoft.Web.Services3.Security.SecureConversationServiceReceiveSecurityFilter.ValidateSecureConversationMessageSecurity(SoapEnvelope envelope, Security security, MessageProtectionRequirements request) at Microsoft.Web.Services3.Security.SecureConversationServiceReceiveSecurityFilter.ValidateMessageSecurity(SoapEnvelope envelope, Security security) at Microsoft.Web.Services3.Security.ReceiveSecurityFilter.ProcessMessage(SoapEnvelope envelope) at Microsoft.Web.Services3.Pipeline.ProcessInputMessage(SoapEnvelope envelope) at Microsoft.Web.Services3.WseProtocol.FilterRequest(SoapEnvelope requestEnvelope) at Microsoft.Web.Services3.WseProtocol.RouteRequest(SoapServerMessage message) at System.Web.Services.Protocols.SoapServerProtocol.Initialize() at System.Web.Services.Protocols.ServerProtocolFactory.Create(Type type, HttpContext context, HttpRequest request, HttpResponse response, Boolean& abortProcessing) Read this article. http://forums.microsoft.com/MSDN/ShowPost.aspx?PostID=216041&SiteID=1 Let me know if this helps.
Free MagazinesGet these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...
|
Reply to this Message
|
 Sign In
 Join
 My Latest Posts My Monitored Threads My Blog My Photo Gallery My Profile My Homepage Start New Thread Enable EMail Alerts Rate this Thread
|
©2008 Advenet LLC Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.