Unsecured or incorrectly secured fault error when calling a service with code-behind instead of Web.Config endpoint
...As is often the case, I had the wrong configuration. I was getting a certificate called "MaternumCertificateClient" instead of what my server has configured, which is "MaternumCertificateServer".
More important is how I got to the error.
First step, I set up Wireshark to see what the server replied with:
HTTP/1.1 500 Internal Server Error
Cache-Control: private
Content-Type: application/soap+xml; charset=utf-8
Server: Microsoft-IIS/10.0
Set-Cookie: ASP.NET_SessionId=k0xmopx3eitnvmocv1rjas4h; path=/; HttpOnly
X-AspNet-Version: 4.0.30319
X-SourceFiles: =?UTF-8?B?QzpcREVWXE1BVFxNYXRlcm51bV9hcHBcc2VydmljZXNcTWF0ZXJudW1QZGZTZXJ2aWNlLnN2Y1xzb2Fw?=
X-Powered-By: ASP.NET
Date: Thu, 22 Aug 2019 16:25:19 GMT
Content-Length: 648
<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:a="http://www.w3.org/2005/08/addressing">
<s:Header>
<a:Action s:mustUnderstand="1">http://www.w3.org/2005/08/addressing/soap/fault</a:Action>
<a:RelatesTo>urn:uuid:uid is here</a:RelatesTo>
</s:Header>
<s:Body>
<s:Fault>
<s:Code>
<s:Value>s:Sender</s:Value>
<s:Subcode>
<s:Value xmlns:a="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">a:InvalidSecurity</s:Value>
</s:Subcode>
</s:Code>
<s:Reason>
<s:Text xml:lang="en-GB">An error occurred when verifying security for the message.</s:Text>
</s:Reason>
</s:Fault>
</s:Body>
</s:Envelope>
Not much better, but I at least knew who was throwing the exception. So, I looked up if I could find out in more detail. I came across this: An error occurred when verifying security for the message
So, as indicated, I set my server with the following:
<serviceSecurityAudit auditLogLocation=“Application“
serviceAuthorizationAuditLevel=“Failure“
messageAuthenticationAuditLevel=“Failure“
suppressAuditFailure=“true“ />
At configuration/system.serviceModel/behaviors/serviceBehaviors/behavior.
Then, Windows Event Viewer had details on the error.
Windows Event Viewer details
The message shown,
MessageSecurityException: The EncryptedKey clause was not wrapped with the required encryption token 'System.IdentityModel.Tokens.X509SecurityToken'.
indicates a mismatched certificate. I was loading one named MaternumCertificateClient, and I needed MaternumCertificateServer.
Additionally, the lines
pdfService.ClientCredentials.ClientCertificate.Certificate = cert;
pdfService.ClientCredentials.ServiceCertificate.Authentication.CertificateValidationMode = X509CertificateValidationMode.PeerTrust;
pdfService.ClientCredentials.ServiceCertificate.DefaultCertificate = GetCertificate("MaternumCertificateClient");
are actually not needed; the certificate is read from the endpoint's identity and these settings weren't required for my setup to work.
an unsecured or incorrectly secured fault was received from the other party
Sorry, but there are a thousand reasons why your service might be getting slow. Most of them will have nothing to do with WCF. I strongly suspect you have a resource leak of some sort, but it's impossible to tell what it is without more information.
An unsecured or incorrectly secured fault was received from the other party.(When working with SAML )
I have resolved error which i had mentioned above.I had to add following tag under my wsfederationbinding
<allowedAudienceUris>
<add allowedAudienceUri="http://localhost/WCF_MobileInterface/MobileService.svc"/>
</allowedAudienceUris>
the uri mentioned within allowedAudienceuri attribute is the host WCF service.
Actually i got to know this was the error when I added the following tag to host WCF service's web config file(),
<serviceSecurityAudit auditLogLocation="Application" serviceAuthorizationAuditLevel="Failure" messageAuthenticationAuditLevel="Failure" suppressAuditFailure="true" />
under behavior tag which was mapping to my wsfederationbinding,this tag logs the exact error message within application log category within system`s eventviewer.
Note: I had enabled tracing at server and consumer level, it didnt give proper error message.but I found the issue by checking the error logs in event viewer
hope this helps someone who is struggling with similar sort of error.
Related Topics
Ilookup<Tkey, Tval> VS. Igrouping<Tkey, Tval>
How to Unit Test with Ilogger in ASP.NET Core
Xamarin Project Not Running, Assembly Not Found
Correct Way to Get the Coredispatcher in a Windows Store App
Simple Delegate (Delegate) VS. Multicast Delegates
Receiving JSON Data Back from Http Request
How to Store JSON in an Entity Field with Ef Core
Sortedlist<>, Sorteddictionary<> and Dictionary<>
Learning Single Responsibility Principle with C#
Accessing All the Nodes in Treeview Control
How to Store (And Manage) Application License Information
How to Solve Circular Reference
Convert an Object to an Xml String
When Using a Settings.Settings File in .Net, Where Is the Config Actually Stored