WCF security implementation error

0
votes

This is the error iam getting:

The message could not be processed. This is most likely because the action 'http://tempuri.org/xxxxxx' is incorrect or because the message contains an invalid or expired security context token or because there is a mismatch between bindings. The security context token would be invalid if the service aborted the channel due to inactivity. To prevent the service from aborting idle sessions prematurely increase the Receive timeout on the service endpoint's binding

HERE is my web.config copy:

<?xml version="1.0"?>
<configuration>
  <system.web>
    <compilation debug="true" targetFramework="4.0">
      <assemblies>
        <add assembly="System.Data.Entity, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/>
      </assemblies>
    </compilation>
  </system.web>  
   <system.serviceModel>
    <bindings>
      <wsHttpBinding>
        <binding name="wsUserNameToken">
          <security mode="TransportWithMessageCredential">
            <transport clientCredentialType="None"/>
            <message clientCredentialType="UserName"/>
          </security>
        </binding>
      </wsHttpBinding>
    </bindings>
    <services>
      <service name="ServiceName" behaviorConfiguration="userNameTokenBehavior">
        <endpoint address="" binding="wsHttpBinding" bindingConfiguration="wsUserNameToken" name="userNameTokenService" contract="ContractName"/>
        <endpoint address="mex" binding="wsHttpBinding" bindingConfiguration="wsUserNameToken" name="MexHttpsBindingEndpoint" contract="IMetadataExchange" />
      </service>
    </services>
    <behaviors>
      <serviceBehaviors>
        <behavior name="userNameTokenBehavior">
          <serviceMetadata httpsGetEnabled="true"/>
          <serviceDebug includeExceptionDetailInFaults="false"/>
          <serviceCredentials>
            <serviceCertificate findValue="xxxxxxxxxxxxx" x509FindType="FindByThumbprint" storeLocation="LocalMachine" storeName="My" />
            <userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="xxxxx.xxxxx.UsernameValidator, App_Code"/>
          </serviceCredentials>
        </behavior>
      </serviceBehaviors>
    </behaviors>
  </system.serviceModel>  
  <system.webServer>
    <modules runAllManagedModulesForAllRequests="true"/>
  </system.webServer>
 </configuration>

Can anyone please figure out whats wrong with my config file?

2
wcfsecurity
WCF is a dance between client and the server. Can you include your client config as well. - Petar Vučetin
Your service name attribute and endpoint contract attribute should be fully qualified names. Also enable tracing on your service to know the reason on why things fail - Rajesh

2 Answers

0
votes

In your wsHttpBinding element can you add the property recieveTimeout and set its value to something large and check. Below is a sample:

<binding name="wsUserNameToken" closeTimeout="00:01:00" openTimeout="00:01:00"
          receiveTimeout="00:10:00" sendTimeout="00:01:00" bypassProxyOnLocal="false"
          transactionFlow="false" hostNameComparisonMode="StrongWildcard"
          maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647"
          useDefaultWebProxy="true" allowCookies="false">

Also try enabling Tracing on your service and inspect the log to determine the reason on why the request fails.

Hope that helps.

0
votes

Check your metadata binding. The binding should be mexHttpsBinding and not wsHttpBinding