I have build a wcf-service (vb.Net with VisualStudio2017) that works well with a testclient, and wcfstorm. SOAPUI can load the wsdl, but when sending a request, it fails with "a:ActionNotSupported"
My Service uses WsHttpbinding, no authentification, no security, with sessions and reliable messaging.
Messagetracing shows that my TestClient succeds with using
< CreateSequence xmlns="http://schemas.xmlsoap.org/ws/2005/02/rm">
where as SOAPUI fails with using
< wsa:Action>http://docs.oasis-open.org/ws-rx/wsrm/200702/CreateSequence< /wsa:Action>
My Questions:
How can i configure my Service to understand/accept the second schema?
I'm a bit puzzled, from what i understand it should already speak SOAP 1.2
How can i get SOAPUI to use a different schema? - or configure the request so it'll work?
SOAPUI-Message
<MessageLogTraceRecord>
<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope">
<soap:Header xmlns:wsa="http://www.w3.org/2005/08/addressing">
<wsa:Action>http://docs.oasis-open.org/ws-rx/wsrm/200702/CreateSequence</wsa:Action>
<wsa:MessageID>uuid:f610452d-80ef-4439-9cc1-40c7a1731eac</wsa:MessageID>
<wsa:To>http://rmwebservice:8733/TestService</wsa:To>
</soap:Header>
<soap:Body xmlns:wsrm="http://docs.oasis-open.org/ws-rx/wsrm/200702">
<wsrm:CreateSequence>
<wsrm:AcksTo xmlns:wsa="http://www.w3.org/2005/08/addressing">
<wsa:Address>http://www.w3.org/2005/08/addressing/anonymous?id=64f9580f-bfe9-4bd2-9b34-db88e0a5c982</wsa:Address>
</wsrm:AcksTo>
</wsrm:CreateSequence>
</soap:Body>
</soap:Envelope>
</MessageLogTraceRecord>
Response:
<MessageLogTraceRecord>
<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:a="http://www.w3.org/2005/08/addressing">
<s:Header>
<a:Action s:mustUnderstand="1">http://www.w3.org/2005/08/addressing/fault</a:Action>
<a:RelatesTo>uuid:f610452d-80ef-4439-9cc1-40c7a1731eac</a:RelatesTo>
</s:Header>
<s:Body>
<s:Fault>
<s:Code>
<s:Value>s:Sender</s:Value>
<s:Subcode>
<s:Value>a:ActionNotSupported</s:Value>
</s:Subcode>
</s:Code>
<s:Reason>
<s:Text xml:lang="de-DE">Die Aktion http://docs.oasis-open.org/ws-rx/wsrm/200702/CreateSequence wird von diesem Endpunkt nicht unterstützt. Durch diesen Endpunkt werden nur Nachrichten verarbeitet, die der Spezifikation für WS-ReliableMessaging vom Februar 2005 entsprechen.</s:Text>
</s:Reason>
</s:Fault>
</s:Body>
</s:Envelope>
</MessageLogTraceRecord>
relevant service config:
<system.serviceModel>
<behaviors>
<serviceBehaviors>
<behavior name="myBehavior">
<serviceMetadata httpGetEnabled="true" httpGetUrl="http://myService:8733/" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
</serviceBehaviors>
</behaviors>
<bindings>
<wsHttpBinding>
<binding name="reliableBinding">
<reliableSession ordered="true" enabled="true" />
<security mode="None">
<message clientCredentialType="None" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<services>
<service name="TestSoapService.TestService"
behaviorConfiguration="myBehavior">
<endpoint address="http://myService:8733/TestService"
binding="wsHttpBinding"
bindingConfiguration="reliableBinding"
contract="TestSoapService.ITestService" />
<endpoint address="http://myService:8733/mex" binding="mexHttpBinding" contract="IMetadataExchange"/>
</service>
</services>
</system.serviceModel>
wsdl:
<?xml version="1.0" encoding="UTF-8"?>
<wsdl:definitions xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/" xmlns:wsaw="http://www.w3.org/2006/05/addressing/wsdl" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:tns="http://tempuri.org/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:wsam="http://www.w3.org/2007/05/addressing/metadata" xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing" xmlns:soap12="http://schemas.xmlsoap.org/wsdl/soap12/" xmlns:msc="http://schemas.microsoft.com/ws/2005/12/wsdl/contract" xmlns:wsap="http://schemas.xmlsoap.org/ws/2004/08/addressing/policy" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:wsa10="http://www.w3.org/2005/08/addressing" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsx="http://schemas.xmlsoap.org/ws/2004/09/mex" xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" targetNamespace="http://tempuri.org/" name="TestService">
<wsp:Policy wsu:Id="WSHttpBinding_ITestService_policy">
<wsp:ExactlyOne>
<wsp:All>
<wsrm:RMAssertion xmlns:wsrm="http://schemas.xmlsoap.org/ws/2005/02/rm/policy">
<wsrm:InactivityTimeout Milliseconds="600000"/>
<wsrm:AcknowledgementInterval Milliseconds="200"/>
</wsrm:RMAssertion>
<wsaw:UsingAddressing/>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
<wsdl:types>
<xsd:schema targetNamespace="http://tempuri.org/Imports">
<xsd:import namespace="http://tempuri.org/" schemaLocation="http://rmwebservice:8733/?xsd=xsd0"/>
<xsd:import namespace="http://schemas.microsoft.com/2003/10/Serialization/" schemaLocation="http://rmwebservice:8733/?xsd=xsd1"/>
</xsd:schema>
</wsdl:types>
<wsdl:message name="ITestService_Echo_InputMessage">
<wsdl:part name="parameters" element="tns:Echo"/>
</wsdl:message>
<wsdl:message name="ITestService_Echo_OutputMessage">
<wsdl:part name="parameters" element="tns:EchoResponse"/>
</wsdl:message>
<wsdl:portType name="ITestService" msc:usingSession="true">
<wsdl:operation name="Echo" msc:isTerminating="false" msc:isInitiating="true">
<wsdl:input message="tns:ITestService_Echo_InputMessage" wsaw:Action="http://tempuri.org/ITestService/Echo"/>
<wsdl:output message="tns:ITestService_Echo_OutputMessage" wsaw:Action="http://tempuri.org/ITestService/EchoResponse"/>
</wsdl:operation>
</wsdl:portType>
<wsdl:binding type="tns:ITestService" name="WSHttpBinding_ITestService">
<wsp:PolicyReference URI="#WSHttpBinding_ITestService_policy"/>
<soap12:binding transport="http://schemas.xmlsoap.org/soap/http"/>
<wsdl:operation name="Echo">
<soap12:operation style="document" soapAction="http://tempuri.org/ITestService/Echo"/>
<wsdl:input>
<soap12:body use="literal"/>
</wsdl:input>
<wsdl:output>
<soap12:body use="literal"/>
</wsdl:output>
</wsdl:operation>
</wsdl:binding>
<wsdl:service name="TestService">
<wsdl:port name="WSHttpBinding_ITestService" binding="tns:WSHttpBinding_ITestService">
<soap12:address location="http://rmwebservice:8733/TestService"/>
<wsa10:EndpointReference>
<wsa10:Address>http://rmwebservice:8733/TestService</wsa10:Address>
</wsa10:EndpointReference>
</wsdl:port>
</wsdl:service>
</wsdl:definitions>
While your error is in German and Google likely made a mess of translating it, it states
The action http://docs.oasis-open.org/ws-rx/wsrm/200702/CreateSequence is not supported by this endpoint. This endpoint only processes messages that meet the February 2005 WS-ReliableMessaging specification.
The suggested fix to test that it is causing the problem is to disable reliableBinding like this:
<wsHttpBinding>
<binding name="reliableBinding">
<reliableSession ordered="true" enabled="false" />
<security mode="None">
<message clientCredentialType="None" />
</security>
</binding>
</wsHttpBinding>
If that works you might try re-enabling it then in SOAP-UI you can enable WS-ReliableMessaging following this article Using WS-Reliable messaging
Update:
For a little more info on what SOAP-UI might support albeit they're discussing an older version see WCF services testing with SOAP-UI
If all else fails, I'd suggest posting in their forum/community
Another answer(s) from SO that might help Problems with wcf reliable session reliable messaging
Related
I am newbie to web services, I am trying to create a Weblogic webservice from wsdl.
I am able to work with the service If i have only 1 operation inside wsdl, but if I add second operation, I am receiving the error Cannot find dispatch method for Request=[SOAPAction="",Payload={//domain . I am just adding the operation in portType and binding. . I am really not sure what I am missing.
I have just added operation in portType and binding . . Do I need to change anything else apart from this ?
here is my wsdl
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<!-- Generated by JAX-WS RI at http://jax-ws.dev.java.net. RI's version is
JAX-WS RI 2.2.6hudson-86 svn-revision#12773. -->
<definitions targetNamespace="http://service.training.indus.com/"
name="CalculatorService" xmlns="http://schemas.xmlsoap.org/wsdl/"
xmlns:wsp="http://www.w3.org/ns/ws-policy"
xmlns:calSvc="http://service.training.indus.com/"
xmlns:calciInOut="http://domain.training.indus.com/"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:wsp1_2="http://schemas.xmlsoap.org/ws/2004/09/policy"
xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"
xmlns:wsam="http://www.w3.org/2007/05/addressing/metadata"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<types>
<xsd:schema>
<xsd:import namespace="http://domain.training.indus.com/"
schemaLocation="../xsd/CalculatorService_schema1.xsd" />
</xsd:schema>
</types>
<message name="calciInputMsg">
<part name="parameters" element="calciInOut:calciInputRequest" />
</message>
<message name="calciOutputMsg">
<part name="parameters" element="calciInOut:calciOutputResponse" />
</message>
<portType name="CalculatorPort">
<operation name="multiply">
<inputwsam:Action="http://service.training.indus.com/Calculator/multiplyRequest"
message="calSvc:calciInputMsg" />
<output wsam:Action="http://service.training.indus.com/Calculator/multiplyResponse"
message="calSvc:calciOutputMsg" />
</operation>
<operation name="addition">
<input wsam:Action="http://service.training.indus.com/Calculator/multiplyRequest"
message="calSvc:calciInputMsg" />
<output
wsam:Action="http://service.training.indus.com/Calculator/multiplyResponse"
message="calSvc:calciOutputMsg" />
</operation>
</portType>
<binding name="CalculatorPortBinding" type="calSvc:CalculatorPort">
<soap:binding transport="http://schemas.xmlsoap.org/soap/http"
style="document" />
<operation name="multiply">
<soap:operation soapAction="" />
<input>
<soap:body use="literal" />
</input>
<output>
<soap:body use="literal" />
</output>
</operation>
<operation name="addition">
<soap:operation soapAction="" />
<input>
<soap:body use="literal" />
</input>
<output>
<soap:body use="literal" />
</output>
</operation>
</binding>
<service name="CalculatorService">
<port name="CalculatorSvcPort" binding="calSvc:CalculatorPortBinding">
<soap:address location="http://localhost:9010/TestTopDown/CalculatorService" />
</port>
</service>
</definitions>
Is because of this:
<soap:operation soapAction="" />
To solve your problem, put this in your method in your class:
#WebMethod(action="add")
To show my problem I created a simple WCF service with operations that use a message class with [MessageContract] attribute. This message contains the MyHeader property and is annotated with the [MessageHeader] attribute.
[MessageContract] public class HeaderedMessage
{
[MessageHeader] public string MyHeader { get; set; }
}
[ServiceContract] public interface IService
{
[OperationContract] void GetDataUsingDataContract(HeaderedMessage headered);
}
public class Service : IService
{
public void GetDataUsingDataContract(HeaderedMessage headered) { }
}
Then I tried to generate the proxy classes for Silverlight 4 (or 5) using SlSvcUtil.exe:
slsvcutil.exe http://localhost:8732/Design_Time_Addresses/MessageHeaderedService/?wsdl
Without any warning the message headers are totally ignored in the generated classes. Hence the HeaderedMessage does not contain any property at all.
[System.Diagnostics.DebuggerStepThroughAttribute()]
[System.CodeDom.Compiler.GeneratedCodeAttribute("System.ServiceModel", "4.0.0.0")]
[System.ServiceModel.MessageContractAttribute(WrapperName="HeaderedMessage", WrapperNamespace="http://tempuri.org/", IsWrapped=true)]
public partial class HeaderedMessage
{
public HeaderedMessage()
{
}
}
I did not find any information at MSDN or through Google search about this weired behaviour. Has anybody else issues with this?
I also tried to use Portable Class Libraries extension to use the IService contract directly through ChannelFactory within the Silverlight application. As the System.ServiceModel assemblies of Silverlight don't contain the MessageHeaderAttribute class it cannot be compiled.
Update: Missing generated WSDL and the WCF System.ServiceModel section:
<wsdl:definitions xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" xmlns:wsx="http://schemas.xmlsoap.org/ws/2004/09/mex" xmlns:wsa10="http://www.w3.org/2005/08/addressing" xmlns:tns="http://tempuri.org/" xmlns:soap12="http://schemas.xmlsoap.org/wsdl/soap12/" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:wsap="http://schemas.xmlsoap.org/ws/2004/08/addressing/policy" xmlns:msc="http://schemas.microsoft.com/ws/2005/12/wsdl/contract" xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing" xmlns:wsam="http://www.w3.org/2007/05/addressing/metadata" xmlns:wsaw="http://www.w3.org/2006/05/addressing/wsdl" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/" name="Service" targetNamespace="http://tempuri.org/">
<wsdl:types>
<xsd:schema targetNamespace="http://tempuri.org/Imports">
<xsd:import schemaLocation="http://localhost:8732/Design_Time_Addresses/MessageHeaderedService/?xsd=xsd0" namespace="http://tempuri.org/"/>
<xsd:import schemaLocation="http://localhost:8732/Design_Time_Addresses/MessageHeaderedService/?xsd=xsd1" namespace="http://schemas.microsoft.com/2003/10/Serialization/"/>
</xsd:schema>
</wsdl:types>
<wsdl:message name="HeaderedMessage">
<wsdl:part name="parameters" element="tns:HeaderedMessage"/>
</wsdl:message>
<wsdl:message name="HeaderedMessage_Headers">
<wsdl:part name="MyHeader" element="tns:MyHeader"/>
</wsdl:message>
<wsdl:message name="IService_GetDataUsingDataContract_OutputMessage"/>
<wsdl:portType name="IService">
<wsdl:operation name="GetDataUsingDataContract">
<wsdl:input wsaw:Action="http://tempuri.org/IService/GetDataUsingDataContract" name="HeaderedMessage" message="tns:HeaderedMessage"/>
<wsdl:output wsaw:Action="http://tempuri.org/IService/GetDataUsingDataContractResponse" message="tns:IService_GetDataUsingDataContract_OutputMessage"/>
</wsdl:operation>
</wsdl:portType>
<wsdl:binding name="BasicHttpBinding_IService" type="tns:IService">
<soap:binding transport="http://schemas.xmlsoap.org/soap/http"/>
<wsdl:operation name="GetDataUsingDataContract">
<soap:operation soapAction="http://tempuri.org/IService/GetDataUsingDataContract" style="document"/>
<wsdl:input name="HeaderedMessage">
<soap:header message="tns:HeaderedMessage_Headers" part="MyHeader" use="literal"/>
<soap:body use="literal"/>
</wsdl:input>
<wsdl:output>
<soap:body use="literal"/>
</wsdl:output>
</wsdl:operation>
</wsdl:binding>
<wsdl:service name="Service">
<wsdl:port name="BasicHttpBinding_IService" binding="tns:BasicHttpBinding_IService">
<soap:address location="http://localhost:8732/Design_Time_Addresses/MessageHeaderedService/"/>
</wsdl:port>
</wsdl:service>
</wsdl:definitions>
The WCF config:
<system.serviceModel>
<services>
<service name="MessageHeaderedService.Service">
<host>
<baseAddresses>
<add baseAddress = "http://localhost:8732/Design_Time_Addresses/MessageHeaderedService/" />
</baseAddresses>
</host>
<endpoint address ="" binding="basicHttpBinding" contract="MessageHeaderedService.IService">
</endpoint>
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"/>
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior>
<serviceMetadata httpGetEnabled="True"/>
<serviceDebug includeExceptionDetailInFaults="False" />
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>
I'm trying to add to the generated wcf 4.0 web config some binding configurations for my service.
For some reason, after I publish the service to the IIS and logging to the service wsdl, I still see the old configurations (basicHttpBinding instead wsHttpBinding).
Here is my code:
Web.Config
<?xml version="1.0"?>
<configuration>
<system.web>
<compilation debug="true" targetFramework="4.0" />
</system.web>
<system.serviceModel>
<behaviors>
<serviceBehaviors>
<behavior>
<serviceDebug includeExceptionDetailInFaults="false"/>
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
<bindings>
<wsHttpBinding>
<binding name="PDFServiceBinding" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard"
maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647"
useDefaultWebProxy="true" allowCookies="false">
<readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647" maxArrayLength="2147483647"
maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647" />
<security mode="None"/>
</binding>
</wsHttpBinding>
</bindings>
<services>
<service name="PDFService">
<endpoint address="http://localhost/PDFService/PDFService.svc"
binding="wsHttpBinding" bindingConfiguration="PDFServiceBinding"
contract="PDF.Service.IPDFService" />
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
<host>
<baseAddresses>
<add baseAddress="http://localhost/PDFService/" />
</baseAddresses>
</host>
</service>
</services>
</system.serviceModel>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true"/>
</system.webServer>
</configuration>
PDFService.cs
using System;
using System.Collections.Generic;
using System.Linq;
using System.Runtime.Serialization;
using System.ServiceModel;
using System.ServiceModel.Web;
using System.Text;
using System.IO;
namespace PDF.Service
{
public class PDFService : IPDFService
{
...
}
}
IPDFService.cs
namespace PDF.Service
{
[ServiceContract]
public interface IPDFService
{
...
}
}
The wsdl after the publish:
<?xml version="1.0" encoding="utf-8" ?>
- <wsdl:definitions name="PDFService" targetNamespace="http://tempuri.org/" xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap12="http://schemas.xmlsoap.org/wsdl/soap12/" xmlns:tns="http://tempuri.org/" xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:wsap="http://schemas.xmlsoap.org/ws/2004/08/addressing/policy" xmlns:wsaw="http://www.w3.org/2006/05/addressing/wsdl" xmlns:msc="http://schemas.microsoft.com/ws/2005/12/wsdl/contract" xmlns:wsa10="http://www.w3.org/2005/08/addressing" xmlns:wsx="http://schemas.xmlsoap.org/ws/2004/09/mex" xmlns:wsam="http://www.w3.org/2007/05/addressing/metadata">
- <wsdl:types>
- <xsd:schema targetNamespace="http://tempuri.org/Imports">
<xsd:import schemaLocation="http://localhost/PDFService/PDFService.svc?xsd=xsd0" namespace="http://tempuri.org/" />
<xsd:import schemaLocation="http://localhost/PDFService/PDFService.svc?xsd=xsd1" namespace="http://schemas.microsoft.com/2003/10/Serialization/" />
<xsd:import schemaLocation="http://localhost/PDFService/PDFService.svc?xsd=xsd2" namespace="http://schemas.datacontract.org/2004/07/PDF" />
</xsd:schema>
</wsdl:types>
- <wsdl:message name="IPDFService_Save_InputMessage">
<wsdl:part name="parameters" element="tns:Save" />
</wsdl:message>
- <wsdl:message name="IPDFService_Save_OutputMessage">
<wsdl:part name="parameters" element="tns:SaveResponse" />
</wsdl:message>
- <wsdl:portType name="IPDFService">
- <wsdl:operation name="Save">
<wsdl:input wsaw:Action="http://tempuri.org/IPDFService/Save" message="tns:IPDFService_Save_InputMessage" />
<wsdl:output wsaw:Action="http://tempuri.org/IPDFService/SaveResponse" message="tns:IPDFService_Save_OutputMessage" />
</wsdl:operation>
</wsdl:portType>
- <wsdl:binding name="BasicHttpBinding_IPDFService" type="tns:IPDFService">
<soap:binding transport="http://schemas.xmlsoap.org/soap/http" />
- <wsdl:operation name="Save">
<soap:operation soapAction="http://tempuri.org/IPDFService/Save" style="document" />
- <wsdl:input>
<soap:body use="literal" />
</wsdl:input>
- <wsdl:output>
<soap:body use="literal" />
</wsdl:output>
</wsdl:operation>
</wsdl:binding>
- <wsdl:service name="PDFService">
- <wsdl:port name="BasicHttpBinding_IPDFService" binding="tns:BasicHttpBinding_IPDFService">
<soap:address location="http://localhost/PDFService/PDFService.svc" />
</wsdl:port>
</wsdl:service>
</wsdl:definitions>
Your Service element should be as below:
<service name="PDF.Service.PDFService">
<endpoint address="" binding="wsHttpBinding" bindingConfiguration="PDFServiceBinding" contract="PDF.Service.IPDFService" />
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
</service>
NOTE: your are missing to provide namespace in your service name. The name of the service should be fully qualified.
We are attempting to implement message security between a client and WCF service using x509 certificates. The client sends the soap security headers and the service verifies the headers as expected. The problem is that the service is not signing it’s response message with security headers which we need. I believe below includes all of the information that is needed but let me know if you need anything else. Thanks!
The service’s web.config:
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.web>
<customErrors mode="Off" />
</system.web>
<system.serviceModel>
<services>
<service name="RealIdCardService.AetnaNavigator" behaviorConfiguration="serviceCredentialBehavior">
<endpoint address="" contract="RealIdCardService.IAetnaNav" binding="wsHttpBinding" bindingConfiguration="InteropCertificateBinding"></endpoint>
<endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange" />
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="serviceCredentialBehavior">
<serviceDebug includeExceptionDetailInFaults="true" />
<serviceMetadata httpsGetEnabled="true" />
<serviceCredentials>
<!--certificate storage path in the server-->
<serviceCertificate findValue="WcfClient" x509FindType="FindBySubjectName" storeLocation="LocalMachine" storeName="TrustedPeople" />
<issuedTokenAuthentication allowUntrustedRsaIssuers="true" />
<!--certificate storage path in the client-->
<clientCertificate>
<certificate findValue="WcfServer" x509FindType="FindBySubjectName" storeLocation="LocalMachine" storeName="TrustedPeople" />
<authentication certificateValidationMode="PeerTrust" revocationMode="NoCheck" />
</clientCertificate>
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
<bindings>
<wsHttpBinding>
<binding name="InteropCertificateBinding">
<security mode="TransportWithMessageCredential">
<!--security mode of certificate
establishSecurityContext="true"-->
<message negotiateServiceCredential="true" algorithmSuite="Default" establishSecurityContext="false" clientCredentialType="Certificate" />
</security>
</binding>
</wsHttpBinding>
</bindings>
</system.serviceModel>
<system.web>
<compilation debug="true" />
</system.web>
<system.webServer>
<handlers>
<remove name="StaticFile" />
</handlers>
</system.webServer>
</configuration>
The client’s app.config:
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.serviceModel>
<behaviors>
<endpointBehaviors>
<behavior>
<!--
The clientCredentials behavior allows one to define a certificate to present to a service.
A certificate is used by a client to authenticate itself to the service and provide message integrity.
This configuration references the "client.com" certificate installed during the setup instructions.
-->
<clientCredentials>
<clientCertificate findValue="WcfServer" x509FindType="FindBySubjectName" storeLocation="LocalMachine" storeName="TrustedPeople"/>
<serviceCertificate>
<defaultCertificate findValue="qanav2.sourceonedirect.com"
storeLocation="LocalMachine"
storeName="TrustedPeople" x509FindType="FindBySubjectName" />
<authentication revocationMode="NoCheck" certificateValidationMode="PeerTrust"
trustedStoreLocation="LocalMachine" />
</serviceCertificate>
</clientCredentials>
</behavior>
</endpointBehaviors>
</behaviors>
<bindings>
<wsHttpBinding>
<binding name="WSHttpBinding_RealIdCardService" closeTimeout="00:01:00"
openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard"
maxBufferPoolSize="524288" maxReceivedMessageSize="655360"
messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true"
allowCookies="false">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="1638400"
maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<reliableSession ordered="true" inactivityTimeout="00:10:00"
enabled="false" />
<security mode="TransportWithMessageCredential">
<transport clientCredentialType="None" proxyCredentialType="None"
realm="" />
<message clientCredentialType="Certificate" negotiateServiceCredential="true"
algorithmSuite="Default" establishSecurityContext="false" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<client>
<endpoint address="https://qanav2.sourceonedirect.com/AetnaNavigator/RealIdCardService.svc"
binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_RealIdCardService"
contract="RealIdCardService" name="WSHttpBinding_RealIdCardService" />
</client>
</system.serviceModel>
</configuration>
The request from the client showing the message security:
<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:a="http://www.w3.org/2005/08/addressing" xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<s:Header>
<a:Action s:mustUnderstand="1">http://service.sourceOne.realIdcard.com/RealIdCardService/getImage</a:Action>
<a:MessageID>urn:uuid:5d1170db-cc7f-485b-9d19-e88edb49a957</a:MessageID>
<a:ReplyTo>
<a:Address>http://www.w3.org/2005/08/addressing/anonymous</a:Address>
</a:ReplyTo>
<a:To s:mustUnderstand="1" u:Id="_1">https://qanav2.sourceonedirect.com/AetnaNavigator/RealIdCardService.svc</a:To>
<o:Security s:mustUnderstand="1" xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<u:Timestamp u:Id="_0">
<u:Created>2011-08-11T16:39:51.548Z</u:Created>
<u:Expires>2011-08-11T16:44:51.548Z</u:Expires>
</u:Timestamp>
<o:BinarySecurityToken u:Id="uuid-8c46f875-8e7c-449d-ba8b-c9263a04db89-1" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">MIIBsTCCAV+gAwIBAgIQW2xiwVBnILpOlvTOe4BlezAJBgUrDgMCHQUAMBYxFDASBgNVBAMTC1Jvb3QgQWdlbmN5MB4XDTExMDgxMTE0NTA1M1oXDTM5MTIzMTIzNTk1OVowFDESMBAGA1UEAxMJV2NmU2VydmVyMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC4xaSGyke2NPJfXOHtZBz3yHXIjl0nA4WxKWY5Ettgs0DxUU7UKONgEKTloYnkmmiiHjRHzbClfaAbPrDQEe/DihmohWKDGa6aQ1Cat+CsZDGDgLhIcv85n1uLNriA5CJ2ebwgOoh6VxOLOQvjfNGBGfQBSZDe7DMOPntjO7ryhQIDAQABo0swSTBHBgNVHQEEQDA+gBAS5AktBh0dTwCNYSHcFmRjoRgwFjEUMBIGA1UEAxMLUm9vdCBBZ2VuY3mCEAY3bACqAGSKEc+41KpcNfQwCQYFKw4DAh0FAANBACfb7CnUN1dfyAgWbrxgwMr7wZgUo467YgT2+nOwiWlbbYJcqTx/5FkeVg3XXsaI2VINhUURrzvtJxFosKDzNR4=</o:BinarySecurityToken>
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
<SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<Reference URI="#_0">
<Transforms>
<Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<DigestValue>3Lo6p2VdFuYvSkrkqqxY06OseoM=</DigestValue>
</Reference>
<Reference URI="#_1">
<Transforms>
<Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<DigestValue>n/l/ydDWJXU8w/T5oZhXNoH2ZI0=</DigestValue>
</Reference>
</SignedInfo>
<SignatureValue>cLvhF1zEuaizz+SyaqKRWDmE/HF64ODiP0E6B1jEkRWwNdyp7qwgtZaTQj8qcJKYGi76HpZm6DOd+Re0561h/o8o/vD+ijVHvMZc0AF12MN/HgItNBmYF6ify0y6g9PLlc0SFCGc/1aeLDj5yZylYTmMdqgps77q0kCV8s6hmWo=</SignatureValue>
<KeyInfo>
<o:SecurityTokenReference>
<o:Reference ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" URI="#uuid-8c46f875-8e7c-449d-ba8b-c9263a04db89-1"/>
</o:SecurityTokenReference>
</KeyInfo>
</Signature>
</o:Security>
</s:Header>
<s:Body>
<getImage xmlns="http://service.sourceOne.realIdcard.com/">
<arg0 xmlns:i="http://www.w3.org/2001/XMLSchema-instance"></arg0>
</getImage>
</s:Body>
</s:Envelope>
The response from the service without the certificate based security:
<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:a="http://www.w3.org/2005/08/addressing" xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<s:Header>
<a:Action s:mustUnderstand="1">http://service.sourceOne.realIdcard.com/RealIdCardService/getImageResponse</a:Action>
<a:RelatesTo>urn:uuid:5d1170db-cc7f-485b-9d19-e88edb49a957</a:RelatesTo>
<o:Security s:mustUnderstand="1" xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<u:Timestamp u:Id="_0">
<u:Created>2011-08-11T16:39:57.496Z</u:Created>
<u:Expires>2011-08-11T16:44:57.496Z</u:Expires>
</u:Timestamp>
</o:Security>
</s:Header>
<s:Body>
<getImageResponse xmlns="http://service.sourceOne.realIdcard.com/">
<getImageResult xmlns:i="http://www.w3.org/2001/XMLSchema-instance">
<CumbID>W261748481</CumbID>
<HMOID i:nil="true"/>
<IDCardImage>/9j/QAxb/wATayS9uZhG </IDCardImage>
<MailDate>7/1/2011 12:00:00 AM</MailDate>
</getImageResult>
</getImageResponse>
</s:Body>
</s:Envelope>
Your security setting is completely wrong based on your description. You want signatures in message? => you need message security but you are using transport security and only passing certificate as client identification. That has several implications:
Client connects to service over HTTPS - it validates trust to certificate used by service to build HTTPS connection
HTTPS itself (transport security) ensures encryption and integrity on the transport level
Certificate is only for client authentication - service doesn't have any certificate (certificate you configured is not used).
Client passes the certificate (public key) to the service and use its private key to sign headers.
Service receives the certificate and validate that it trust it
Service uses received public key to validate signatures
Service process the request and returns response
Service doesn't have any own certificate and client doesn't expect any => it cannot sign headers (client certificate cannot be used as well because service doesn't know clients private key)
Client receives the response and it is simply trusted because it returns over established HTTPS connection
If you want to have signatures in both request and response you must move to full message security (HTTPS will not be needed) which means changing security mode from TransportWithMessageSecurity to Message. After that both client and service will have its own certificate and use them to secure each message separately. By default whole content of your message will be also encrypted and signed. If you don't want it you must configure ProtectionLevel on your contracts.
I have a long xml file the content of the file are below:
<?xml version="1.0" encoding="utf-8"?>
<s:Envelope xmlns:a="http://www.w3.org/2005/08/addressing" xmlns:s="http://schemas.xmlsoap.org/soap/envelope/">
<s:Header>
<a:Action s:mustUnderstand="1">http://example.org/person</a:Action>
</s:Header>
<s:Body>
<OrderDataBDO xmlns:i="http://www.w3.org/2001/XMLSchema-instance" xmlns:x="http://www.w3.org/2001/XMLSchema" xmlns="http://schemas.datacontract.org/2004/07/BasWare.OM.BusinessDataObjects">
<selected i:type="x:boolean" xmlns="">false</selected>
<isSaved i:type="x:boolean" xmlns="">false</isSaved>
<metadata i:nil="true" xmlns=""/>
<hasUnsavedValues i:type="x:boolean" xmlns="">false</hasUnsavedValues>
<hasChanged i:type="x:boolean" xmlns="">false</hasChanged>
<defaultResourceId i:type="x:string" xmlns="">BWRc.OM.BUSINESSOBJECTS.ORDERDATABDO.ORDER_DATA</defaultResourceId>
<_x0031_ xmlns:d4p1="http://schemas.datacontract.org/2004/07/BasWare.ProductFramework.BDOFramework" i:type="d4p1:ADate" xmlns="">
<_x0031_ i:type="x:boolean">false</_x0031_>
<_x0032_ i:type="x:boolean">false</_x0032_>
<_x0033_ i:type="x:boolean">false</_x0033_>
<_x0034_ i:nil="true"/>
<_x0035_ i:type="x:boolean">true</_x0035_>
<_x0036_ i:type="x:dateTime">1753-01-01T12:00:00</_x0036_>
<_x0037_ i:type="x:string">d</_x0037_>
<_x0038_ i:type="x:string">ActualDeliveryDate</_x0038_>
</_x0031_>
<_x0032_ xmlns:d4p1="http://schemas.datacontract.org/2004/07/BasWare.ProductFramework.BDOFramework" i:type="d4p1:AString" xmlns="">
<_x0031_ i:type="x:boolean">false</_x0031_>
<_x0032_ i:type="x:boolean">false</_x0032_>
<_x0033_ i:type="x:boolean">false</_x0033_>
<_x0034_ i:nil="true"/>
<_x0035_ i:type="x:boolean">true</_x0035_>
<_x0036_ i:type="x:string"/>
<_x0037_ i:nil="true"/>
<_x0038_ i:type="x:string">BuyerCode</_x0038_>
</_x0032_>
<_x0033_ xmlns:d4p1="http://schemas.datacontract.org/2004/07/BasWare.ProductFramework.BDOFramework" i:type="d4p1:AID" xmlns="">
<_x0031_ i:type="x:boolean">false</_x0031_>
<_x0032_ i:type="x:boolean">false</_x0032_>
<_x0033_ i:type="x:boolean">false</_x0033_>
<_x0034_ i:nil="true"/>
<_x0035_ i:type="x:boolean">true</_x0035_>
<_x0036_ i:type="x:string"/>
<_x0037_ i:nil="true"/>
<_x0038_ i:type="x:string">BuyerId</_x0038_>
</_x0033_>
<!--etc-->
<_x0034_6 xmlns:d4p1="http://schemas.datacontract.org/2004/07/BasWare.ProductFramework.BDOFramework" i:type="d4p1:AMoney" xmlns="">
<_x0031_ i:type="x:boolean">false</_x0031_>
<_x0032_ i:type="x:boolean">false</_x0032_>
<_x0033_ i:type="x:boolean">false</_x0033_>
<_x0034_ i:nil="true"/>
<_x0035_ i:type="x:boolean">true</_x0035_>
<_x0036_ i:type="x:decimal">0</_x0036_>
<_x0037_ i:type="x:string">N2</_x0037_>
<_x0038_ i:type="x:string">TaxSum</_x0038_>
</_x0034_6>
<_x0034_7 xmlns:d4p1="http://schemas.datacontract.org/2004/07/BasWare.ProductFramework.BDOFramework" i:type="d4p1:AString" xmlns="">
<_x0031_ i:type="x:boolean">false</_x0031_>
<_x0032_ i:type="x:boolean">false</_x0032_>
<_x0033_ i:type="x:boolean">false</_x0033_>
<_x0034_ i:nil="true"/>
<_x0035_ i:type="x:boolean">true</_x0035_>
<_x0036_ i:type="x:string"/>
<_x0037_ i:nil="true"/>
<_x0038_ i:type="x:string">Text1</_x0038_>
</_x0034_7>
<_x0034_8 xmlns:d4p1="http://schemas.datacontract.org/2004/07/BasWare.ProductFramework.BDOFramework" i:type="d4p1:AString" xmlns="">
<_x0031_ i:type="x:boolean">false</_x0031_>
<_x0032_ i:type="x:boolean">false</_x0032_>
<_x0033_ i:type="x:boolean">false</_x0033_>
</_x0034_8>
</OrderDataBDO>
</s:Body>
</s:Envelope>
You need to set various of your settings - play around with the values, and see which work.
First, use whatever binding you're using and tweak the <readerQuotas> (maxStringContentLength, maxArrayLength, maxNameTableCharCount) - if that works, fine!
<system.serviceModel>
<bindings>
<wsHttpBinding>
<binding name="LargeMessages">
<readerQuotas maxDepth="32"
maxStringContentLength="2147483647"
maxArrayLength="2147483647"
maxBytesPerRead="4096"
maxNameTableCharCount="2147483647" />
</binding>
</wsHttpBinding>
</bindings>
</system.serviceModel>
If that doesn't solve your problem, you'll need to create your own custom binding in config, and set the limits on the message level as well - something like this:
<system.serviceModel>
<bindings>
<customBinding>
<binding name="ExtraLargeMessages">
<textMessageEncoding>
<readerQuotas maxDepth="32"
maxStringContentLength="2147483647"
maxArrayLength="2147483647"
maxBytesPerRead="4096"
maxNameTableCharCount="2147483647" />
</textMessageEncoding>
<httpsTransport
maxBufferPoolSize="1048576"
maxReceivedMessageSize="1048576"
maxBufferSize="1048576"/>
</binding>
</customBinding>
</bindings>
</system.serviceModel>
Hope this helps.
Marc
UPDATE:
I would tryto add this behavior to your service, and then call the method again.
<system.serviceModel>
<behaviors>
<serviceBehaviors>
<behavior name="DetailedDebug" >
<serviceDebug includeExceptionDetailInFaults="true"/>
</behavior>
</serviceBehaviors>
</behaviors>
<services>
<service name="yourService" behaviorConfiguration="DetailedDebug">
.....
</service>
</services>
</system.serviceModel>
You should now get detailed exception info on your client - can you tell us what it is?? Maybe it's something totally different.......
Marc
Change your Max Message Size (for example, depending on your binding) on the client and server as described here.
Something else may be going wrong. Can you enable tracing for WCF and use the trace log viewer to narrow down the exception?
Maybe it's the number of objects: try adding something like this
<serviceBehaviors>
<behavior name="PutTheNameOfYourBehaviorHere">
<dataContractSerializer maxItemsInObjectGraph="10000000" />
</behavior>
</serviceBehaviors>
to your config file.