0
votes

I have created a WCF service with Message security mode enabled. This is my service:

    using System.Collections.Generic;
    using System.ServiceModel;

    // Service contract; Message is the application's own message type.
    [ServiceContract]
    public interface IMessagingServices
    {
        [OperationContract]
        string SendMessage(string from, string to, string message);

        [OperationContract]
        List<Message> GetMessages(string from, string to);

        [OperationContract]
        int DeleteMessages(int[] idList);
    }

And this is its config:

    <bindings>
      <wsHttpBinding>
        <binding name="wsBinding1">
          <security mode="Message">
            <message clientCredentialType="UserName"/>
          </security>
        </binding>
      </wsHttpBinding>
    </bindings>

    <services>
      <service name="MessagingServices" behaviorConfiguration="SecureServiceBehavior" >
        <endpoint address="" binding="wsHttpBinding" contract="IMessagingServices" bindingConfiguration="wsBinding1" />
        <!--<endpoint address="mex" binding="mexHttpBinding" contract="IMetaDataExchange"/>-->
      </service>
    </services>

    <behaviors>
      <endpointBehaviors>
        <behavior name="httpBehavior">
          <webHttp/>
        </behavior>
      </endpointBehaviors>

      <serviceBehaviors>
        <behavior name="SecureServiceBehavior">
          <serviceMetadata httpGetEnabled="true" />
          <serviceDebug includeExceptionDetailInFaults="true" />
          <serviceCredentials>
            <serviceCertificate findValue="KServic.local" storeLocation="LocalMachine" storeName="My" x509FindType="FindBySubjectName" />
            <userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="AuthenticationHandler, mynamespace" />
          </serviceCredentials>
        </behavior>
        <behavior name="">
          <serviceMetadata httpGetEnabled="true" />
          <serviceDebug includeExceptionDetailInFaults="false" />
        </behavior>
      </serviceBehaviors>
    </behaviors>

Everything seems to be fine: I can add the service via Add Service Reference in VS 2010 and the proxy is created successfully, but in the client, when I try to call a service operation, I get an error. This is the client code:

    ServiceReference1.MessagingServicesClient mscClient = new MessagingServicesClient();

    // mscClient.Open();

    mscClient.ClientCredentials.UserName.UserName = "test";
    mscClient.ClientCredentials.UserName.Password = "test";
    mscClient.ClientCredentials.ClientCertificate.SetCertificate(StoreLocation.LocalMachine, StoreName.My, X509FindType.FindByIssuerName, "KService.local");

    // error is here
    var msg = mscClient.SendMessage("rnd.test", "rnd.test", "Hello brother!");

    mscClient.Close();

And this is the error:

The identity check failed for the outgoing message. The expected identity is 'identity(http://schemas.xmlsoap.org/ws/2005/05/identity/right/possessproperty: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/thumbprint)' for the 'http://192.168.100.24:16027/MessagingServices.svc' target endpoint.

What's wrong here, and how can I fix this problem?

1
Why are you setting a Certificate on client-side? - as-cii

1 Answers

0
votes

You should set endpoint identity at client side when using message security.
The code you provided sets client credentials, not an endpoint identity.

See <identity> and <certificateReference> elements in WCF configuration schema, if you want to set up identity via .config file, or X509CertificateEndpointIdentity class, if you want to set up identity in code:

    var certificate = ...; // load X509Certificate2 instance from the X509Store
    var address = new EndpointAddress(uri, new X509CertificateEndpointIdentity(certificate));

Note that the service certificate must be validated before use at the client side. For more information, see the <authentication> of <serviceCertificate> element page.
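
The approach from the answer above, put together as an added example (not code from the question or the answer): the client loads the service's public certificate, uses it as the endpoint identity, sends only user name credentials, and sets the service certificate validation mode explicitly. Assumptions: the class name `MessagingClientFactory` is hypothetical, the service's public certificate has been imported into the client's LocalMachine\TrustedPeople store, the subject name is supplied by the caller, and `ServiceReference1.MessagingServicesClient` is the generated proxy from the question.

```csharp
using System;
using System.Security.Cryptography.X509Certificates;
using System.ServiceModel;
using System.ServiceModel.Security;

// Hypothetical helper; ServiceReference1.MessagingServicesClient is the generated proxy from the question.
static class MessagingClientFactory
{
    // Assumption: the service's public certificate was imported into LocalMachine\TrustedPeople.
    static X509Certificate2 LoadServiceCertificate(string subjectName)
    {
        var store = new X509Store(StoreName.TrustedPeople, StoreLocation.LocalMachine);
        store.Open(OpenFlags.ReadOnly);
        try
        {
            // FindBySubjectName is a substring match, so insist on exactly one hit.
            var found = store.Certificates.Find(X509FindType.FindBySubjectName, subjectName, false);
            if (found.Count != 1)
                throw new InvalidOperationException(
                    "Expected exactly one certificate for '" + subjectName + "', found " + found.Count);
            return found[0];
        }
        finally
        {
            store.Close();
        }
    }

    public static ServiceReference1.MessagingServicesClient Create(string subjectName, string user, string password)
    {
        // Same security settings as the service's wsBinding1.
        var binding = new WSHttpBinding(SecurityMode.Message);
        binding.Security.Message.ClientCredentialType = MessageCredentialType.UserName;

        // The endpoint identity is the certificate the client expects the service to present.
        var address = new EndpointAddress(
            new Uri("http://192.168.100.24:16027/MessagingServices.svc"),
            new X509CertificateEndpointIdentity(LoadServiceCertificate(subjectName)));

        var client = new ServiceReference1.MessagingServicesClient(binding, address);
        client.ClientCredentials.UserName.UserName = user;
        client.ClientCredentials.UserName.Password = password;
        // Accept the service certificate only if it is present in LocalMachine\TrustedPeople.
        var auth = client.ClientCredentials.ServiceCertificate.Authentication;
        auth.CertificateValidationMode = X509CertificateValidationMode.PeerTrust;
        auth.TrustedStoreLocation = StoreLocation.LocalMachine;
        return client;
    }
}
```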