"Mark Bosley" <mark.nspam@lightcc.com> wrote in message
news:OX9h0V10FHA.3568@TK2MSFTNGP15.phx.gbl...
>I am trying to do UserNameOver Certificate auth and the inner exception I
>get is
> "Security requirements are not satisfied because the security header is
> not present in the incoming message."
> And in my log I find
> Event Type: Failure Audit
> Event Source: Security
> Event Category: Logon/Logoff
> Event ID: 529
> Date: 10/17/2005
> Time: 2:43:50 PM
> User: NT AUTHORITY\SYSTEM
> Computer: FOOBAR <=======EDITED obviously not real
> Description:
> Logon Failure:
> Reason: Unknown user name or bad password
> User Name: ManOfMystery < ditto
> Domain: FOOBAR
> Logon Type: 8
> Logon Process: Advapi
> Authentication Package: Negotiate
> Workstation Name: FOOBAR
>
>
>
> OK, I have most of the QuickStarts working well. I am now trying
> to use the Demo from Keith Brown's article
> http://msdn.microsoft.com/msdnmag/issues/05/11/SecurityBriefs/default.aspx
> which I am switching from Kerberos to UserNameOverCert.
> I erased the config files and built them fresh.
> I have define new users etc. ManOfMystery etc. on my local machine. (On my
> local machine, not my domain (I'm can't define users on my domain.)
> I believe I am forming the token right and then setting it correctly.
> UsernameToken token = new UsernameToken("ManOfMystery",
> Convert.ToBase64String(passwordBytes),PasswordOption.SendPlainText);
>
> proxy.SetClientCredential(token);
>
>
> I have also gone into my LSA and set ManOfMystery to "be trusted for
> delegation".
>
> Any ideas would be most appreciated
>
>
>
>
>

"Pablo Cibraro" <pcibraro@hotmail.com> wrote in message
news:u1UT3BB1FHA.908@tk2msftngp13.phx.gbl...
> Hi Mark,
> The default implementation for the UsernameTokenManager verifies the
> username token against a valid windows account using the API "LogonUser".
> You are sending a username token with an nonexisting windows account or
> its password is wrong.
>
> Regards,
> Pablo Cibraro
> http://weblogs.asp.net/cibrax
>
> "Mark Bosley" <mark.nspam@lightcc.com> wrote in message
> news:OX9h0V10FHA.3568@TK2MSFTNGP15.phx.gbl...
>>I am trying to do UserNameOver Certificate auth and the inner exception I
>>get is
>> "Security requirements are not satisfied because the security header is
>> not present in the incoming message."
>> And in my log I find
>> Event Type: Failure Audit
>> Event Source: Security
>> Event Category: Logon/Logoff
>> Event ID: 529
>> Date: 10/17/2005
>> Time: 2:43:50 PM
>> User: NT AUTHORITY\SYSTEM
>> Computer: FOOBAR <=======EDITED obviously not real
>> Description:
>> Logon Failure:
>> Reason: Unknown user name or bad password
>> User Name: ManOfMystery < ditto
>> Domain: FOOBAR
>> Logon Type: 8
>> Logon Process: Advapi
>> Authentication Package: Negotiate
>> Workstation Name: FOOBAR
>>
>>
>>
>> OK, I have most of the QuickStarts working well. I am now trying
>> to use the Demo from Keith Brown's article
>> http://msdn.microsoft.com/msdnmag/issues/05/11/SecurityBriefs/default.aspx
>> which I am switching from Kerberos to UserNameOverCert.
>> I erased the config files and built them fresh.
>> I have define new users etc. ManOfMystery etc. on my local machine. (On
>> my local machine, not my domain (I'm can't define users on my domain.)
>> I believe I am forming the token right and then setting it correctly.
>> UsernameToken token = new UsernameToken("ManOfMystery",
>> Convert.ToBase64String(passwordBytes),PasswordOption.SendPlainText);
>>
>> proxy.SetClientCredential(token);
>>
>>
>> I have also gone into my LSA and set ManOfMystery to "be trusted for
>> delegation".
>>
>> Any ideas would be most appreciated
>>
>>
>>
>>
>>
>
>