"Matthias" <was19@gmx.de> wrote in message
news:2cfee7ec.0501120606.278eded0@posting.google.com...
> Hi guys,
>
> I tried to follow the example for securing a webservice with a
> UsernameToken
> (http://msdn.microsoft.com/library/en-us/wse/html/cf2b92f2-2338-4af9-89c1-38fe0eab7730.asp).
> I have a class CustomUsernameTokenManager derived from
> UsernameTokenManager with a function AuthenticateToken(UsernameToken
> userName). The CustomUsernameTokenManager is registered in the
> web.config with
>
> <code from web.config>
>
> <?xml version="1.0" encoding="utf-8"?>
> <configuration>
> <configSections>
> <section name="microsoft.web.services2"
> type="Microsoft.Web.Services2.Configuration.WebServicesConfiguration,
> Microsoft.Web.Services2, Version=2.0.0.0, Culture=neutral,
> PublicKeyToken=31bf3856ad364e35" />
> </configSections>
> <system.web>
> <webServices>
> <soapExtensionTypes>
> <add type="Microsoft.Web.Services2.WebServicesExtension,
> Microsoft.Web.Services2, Version=2.0.0.0, Culture=neutral,
> PublicKeyToken=31bf3856ad364e35" priority="1" group="0" />
> </soapExtensionTypes>
> </webServices>
> <microsoft.web.services2>
> <security>
> <securityTokenManager type="MyNamespace.CustomUsernameTokenManager,
> MyNamespace" xmlns:wsse="http://tempuri.org/MyNamespace"
> qname="wsse:UsernameToken" />
> </security>
> <diagnostics>
> <detailedErrors enabled="true" />
> <trace enabled="false" />
> </diagnostics>
> </microsoft.web.services2>
> </configuration>
>
> </code>
>
> The Client calls a webservice with the following:
>
> <code from client>
>
> UsernameToken userToken = new UsernameToken("xxx", "yyy",
> PasswordOption.SendPlainText);
> webservice.HelloServiceWse serviceProxy = new
> webservice.HelloServiceWse();
> SoapContext requestContext = serviceProxy.RequestSoapContext;
> requestContext.Security.Tokens.Add(userToken);
> MessageSignature sig = new MessageSignature(userToken);
> requestContext.Security.Elements.Add(sig);
> requestContext.Security.Timestamp.TtlInSeconds = 60;
> textBox1.Text = serviceProxy.sayHello();
>
> </code>
>
> Every time I call the webservice function an security error occurs. In
> the AuthenticateToken function I return "yyy".
>
> <code from error>
>
> 'System.Web.Services.Protocols.SoapHeaderException' occured in
> system.web.services.dll
>
> Additional information:
>
> Microsoft.Web.Services2.Security.SecurityFault: The security token
> could not be authenticated or authorized
> at
> Microsoft.Web.Services2.Security.Tokens.UsernameTokenManager.OnLogonUserFailed(UsernameToken
> token)
> at
> Microsoft.Web.Services2.Security.Tokens.UsernameTokenManager.LogonUser(UsernameToken
> token)
> at
> Microsoft.Web.Services2.Security.Tokens.UsernameTokenManager.AuthenticateToken(UsernameToken
> token)
> at
> Microsoft.Web.Services2.Security.Tokens.UsernameTokenManager.VerifyToken(SecurityToken
> securityToken)
> at
> Microsoft.Web.Services2.Security.Tokens.SecurityTokenManager.LoadXmlSecurityToken(XmlElement
> element)
> at
> Microsoft.Web.Services2.Security.Tokens.SecurityTokenManager.GetTokenFromXml(XmlElement
> element)
> at Microsoft.Web.Services2.Security.Security.LoadToken(XmlElement
> element, SecurityConfiguration configuration, Int32& tokenCount)
> at Microsoft.Web.Services2.Security.Security.LoadXml(XmlElement
> element)
> at
> Microsoft.Web.Services2.Security.SecurityInputFilter.ProcessMessage(SoapEnvelope
> envelope)
> at Microsoft.Web.Services2.Pipeline.ProcessInputMessage(SoapEnvelope
> envelope)
> at
> Microsoft.Web.Services2.WebServicesExtension.BeforeDeserializeServer(SoapServerMessage
> message)
>
> </code>
>
> I don't know why but the AuthenticateToken function is never called.
> What is wrong?