D
David M. Young
I posted this to microsoft.public.dotnet.framework.webservices.enhancements a few days ago, but I'm not getting any helpful responses. I hope someone can help.
Here's my code for the Web Service (SimpleWseServer.ServicesMain.asmx)
[WebMethod]
public string HelloWorld(string username)
{
SoapContext ctxt = RequestSoapContext.Current;
foreach(SecurityToken token in ctxt.Security.Tokens)
{
if(token is UsernameToken)
{
UsernameToken user = (UsernameToken)token;
if(user.Username==username)
{
if(user.Principal.IsInRole(System.Net.Dns.GetHostName() + @"\Kings"))
return "Hello, King " + username;
return "Hello, " + username;
}
}
}
return "Hello, Liar";
}
Here the client code (it's a button click event in a WindowsForm)
private void btn_login_Click(object sender, System.EventArgs e)
{
string username = txt_username.Text;
string password = txt_password.Text;
SimpleWseClient.localhost.ServicesMainWse proxy = new
SimpleWseClient.localhost.ServicesMainWse();
proxy.Url = "http://localhost/SimpleWseServer/ServicesMain.asmx";
proxy.RequestSoapContext.Security.Tokens.Add(new UsernameToken(username,
password, PasswordOption.SendPlainText));
txt_response.Text = proxy.HelloWorld(username);
}
Here's the exception stack:
Additional information: Microsoft.Web.Services2.Security.SecurityFault: The
security token could not be authenticated or authorized
at
Microsoft.Web.Services2.Security.Tokens.UsernameTokenManager.OnLogonUserFail
ed(UsernameToken token)
at
Microsoft.Web.Services2.Security.Tokens.UsernameTokenManager.LogonUser(Usern
ameToken token)
at
Microsoft.Web.Services2.Security.Tokens.UsernameTokenManager.AuthenticateTok
en(UsernameToken token)
at
Microsoft.Web.Services2.Security.Tokens.UsernameTokenManager.VerifyToken(Sec
urityToken securityToken)
at
Microsoft.Web.Services2.Security.Tokens.SecurityTokenManager.LoadXmlSecurity
Token(XmlElement element)
at
Microsoft.Web.Services2.Security.Tokens.SecurityTokenManager.GetTokenFromXml
(XmlElement element)
at Microsoft.Web.Services2.Security.Security.LoadXml(XmlElement element)
at
Microsoft.Web.Services2.Security.SecurityInputFilter.ProcessMessage(SoapEnve
lope envelope)
at Microsoft.Web.Services2.Pipeline.ProcessInputMessage(SoapEnvelope
envelope)
at
Microsoft.Web.Services2.WebServicesExtension.BeforeDeserializeServer(SoapSer
verMessage message)
I can't figure out why Windows Authentication is failing? I've enable tracing on both the input and output. The input shows the correct username and password being passed.
The account I'm using is a local account and the group is local as well. I can log in locally with that same username/password combination. I've tried using the following for the username ( username and LOCALMACHINE\username). I've even used my domain login and all receive the same error. I've used the RunAs command to launch other applications as this user and that works.
I also downloaded the Hand-On-Lab (HOLDEVL34: WSE 2.0 Security and Policy) and have tried the supplied "SecureInvoiceA" exercises, but those give the same error as above.
I'd like to move on to implementing my own UsernameTokenManager, but can concieve of doing so until this simple (so it seems) solution can be made to work.
Any help is appreciated.
Here's my code for the Web Service (SimpleWseServer.ServicesMain.asmx)
[WebMethod]
public string HelloWorld(string username)
{
SoapContext ctxt = RequestSoapContext.Current;
foreach(SecurityToken token in ctxt.Security.Tokens)
{
if(token is UsernameToken)
{
UsernameToken user = (UsernameToken)token;
if(user.Username==username)
{
if(user.Principal.IsInRole(System.Net.Dns.GetHostName() + @"\Kings"))
return "Hello, King " + username;
return "Hello, " + username;
}
}
}
return "Hello, Liar";
}
Here the client code (it's a button click event in a WindowsForm)
private void btn_login_Click(object sender, System.EventArgs e)
{
string username = txt_username.Text;
string password = txt_password.Text;
SimpleWseClient.localhost.ServicesMainWse proxy = new
SimpleWseClient.localhost.ServicesMainWse();
proxy.Url = "http://localhost/SimpleWseServer/ServicesMain.asmx";
proxy.RequestSoapContext.Security.Tokens.Add(new UsernameToken(username,
password, PasswordOption.SendPlainText));
txt_response.Text = proxy.HelloWorld(username);
}
Here's the exception stack:
Additional information: Microsoft.Web.Services2.Security.SecurityFault: The
security token could not be authenticated or authorized
at
Microsoft.Web.Services2.Security.Tokens.UsernameTokenManager.OnLogonUserFail
ed(UsernameToken token)
at
Microsoft.Web.Services2.Security.Tokens.UsernameTokenManager.LogonUser(Usern
ameToken token)
at
Microsoft.Web.Services2.Security.Tokens.UsernameTokenManager.AuthenticateTok
en(UsernameToken token)
at
Microsoft.Web.Services2.Security.Tokens.UsernameTokenManager.VerifyToken(Sec
urityToken securityToken)
at
Microsoft.Web.Services2.Security.Tokens.SecurityTokenManager.LoadXmlSecurity
Token(XmlElement element)
at
Microsoft.Web.Services2.Security.Tokens.SecurityTokenManager.GetTokenFromXml
(XmlElement element)
at Microsoft.Web.Services2.Security.Security.LoadXml(XmlElement element)
at
Microsoft.Web.Services2.Security.SecurityInputFilter.ProcessMessage(SoapEnve
lope envelope)
at Microsoft.Web.Services2.Pipeline.ProcessInputMessage(SoapEnvelope
envelope)
at
Microsoft.Web.Services2.WebServicesExtension.BeforeDeserializeServer(SoapSer
verMessage message)
I can't figure out why Windows Authentication is failing? I've enable tracing on both the input and output. The input shows the correct username and password being passed.
The account I'm using is a local account and the group is local as well. I can log in locally with that same username/password combination. I've tried using the following for the username ( username and LOCALMACHINE\username). I've even used my domain login and all receive the same error. I've used the RunAs command to launch other applications as this user and that works.
I also downloaded the Hand-On-Lab (HOLDEVL34: WSE 2.0 Security and Policy) and have tried the supplied "SecureInvoiceA" exercises, but those give the same error as above.
I'd like to move on to implementing my own UsernameTokenManager, but can concieve of doing so until this simple (so it seems) solution can be made to work.
Any help is appreciated.