1

I have a WinForms application that consumes a WCF service hosted on remote server. When I run the application, it runs and loads data, but after 30 seconds or more of the running it shows following MessageSecurityException:

Security processor was unable to find a security header in the message. This might be because the message is an unsecured fault or because there is a binding mismatch between the communicating parties. This can occur if the service is configured for security and the client is not using security.

My Service Config is:

<system.serviceModel>
    <!-- change -->
    <bindings>
      <customBinding>
        <binding name="Wrabind" closeTimeout="00:05:00" openTimeout="00:05:00" sendTimeout="00:25:00">
          <textMessageEncoding/>
          <security authenticationMode="SecureConversation" includeTimestamp="true" messageSecurityVersion="WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10">
            <localClientSettings maxClockSkew="00:30:00" />
            <localServiceSettings maxClockSkew="00:30:00" />
            <secureConversationBootstrap messageSecurityVersion="WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10">
              <localClientSettings maxClockSkew="00:30:00" />
              <localServiceSettings maxClockSkew="00:30:00" />
            </secureConversationBootstrap>
          </security>
          <httpTransport maxBufferPoolSize="20000000" maxReceivedMessageSize="20000000" allowCookies="true" maxBufferSize="20000000" keepAliveEnabled="false" />
        </binding>
      </customBinding>
    </bindings>
    <!-- change -->
    <services>
      <service behaviorConfiguration="WServiceCoreService.Service1Behavior" name="WServiceCoreService.Service1">
        <endpoint address="http://subdomain.domain.com/service1.svc" binding="customBinding" bindingConfiguration="Wrabind" contract="WServiceCoreService.IService1" />
        <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
      </service>
    </services>
    <behaviors>
      <serviceBehaviors>
        <behavior name="WServiceCoreService.Service1Behavior">
          <serviceThrottling
maxConcurrentCalls="200"
maxConcurrentSessions="200"
maxConcurrentInstances="200" />
          <!-- To avoid disclosing metadata information, set the value below to false before deployment -->
          <serviceMetadata httpGetEnabled="false" />

          <!-- To receive exception details in faults for debugging purposes, set the value below to true.  Set to false before deployment to avoid disclosing exception information -->
          <serviceDebug includeExceptionDetailInFaults="true" />

        </behavior>
      </serviceBehaviors>
    </behaviors>
    <serviceHostingEnvironment>
      <baseAddressPrefixFilters>
        <add prefix="http://subdomain.domain.com/" />
      </baseAddressPrefixFilters>
    </serviceHostingEnvironment>


  </system.serviceModel>

My WinForms Client Config is:

<system.serviceModel>

    <bindings>
      <wsHttpBinding>
        <binding name="CustomBinding_IService1"  maxBufferPoolSize="20000000" maxReceivedMessageSize="20000000" allowCookies="true" closeTimeout="00:05:00" openTimeout="00:05:00" sendTimeout="00:25:00">
          <readerQuotas maxDepth="32" maxStringContentLength="5242880" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384" />

        </binding>
      </wsHttpBinding>
    </bindings>
    <client>
      <endpoint address="http://subdomain.domain.com/service1.svc" binding="wsHttpBinding"
        bindingConfiguration="CustomBinding_IService1" contract="WCoreService.IService1"
        name="CustomBinding_IService1">
        <identity>
          <userPrincipalName value="WIN-489ESBTC0A0\servewranglein_web" />
        </identity>
      </endpoint>
    </client>
  </system.serviceModel>

I am unable to predict what is the error with this configuration. Please help me to solve this as soon as possible.

UPDATE: I am using .NET 4.0

Aishwarya Shiva
  • 3,460
  • 15
  • 58
  • 107

3 Answers3

1

Please try to set enableUnsecuredResponse to true at client side and let me know it works or not. Also refer this http://support.microsoft.com/kb/971493 for more details.

mit
  • 1,763
  • 4
  • 16
  • 27
  • where do I set it in client configuration? Can you please edit my client config? Because I don't see any property like that in my client security tag. And I am working on .NET 4 – Aishwarya Shiva Oct 03 '13 at 13:08
  • I don't know why you have wsHttpBinding in client config as you are using custom binding at service config. I think you should use custom binding at client side as this enableUnsecuredResponse property only works with customBinding. Please carefully read the link I have given.Anyway I am using this property in my current project authenticationMode="MutualCertificate" > – mit Oct 03 '13 at 14:34
  • Have you tried enableUnsecuredResponse=false with customBinding? – mit Oct 03 '13 at 15:58
  • Actually when I convert wsHttpBinding on client to customBinding, it not at all connects to the service. Also like you I have the same query that I asked here before: http://stackoverflow.com/questions/18420241/why-client-config-shows-wshttpbinding-when-i-have-custombinding-on-server Changing it to CustomBinding is giving me more errors. With current config its working fine. But the exception is coming time to time. – Aishwarya Shiva Oct 03 '13 at 16:05
  • Ok got it. But can you please write manually matching CustomBinding ? may be it works. – mit Oct 03 '13 at 17:11
1

try this (Both host and client):

    <binding name="XXXXX">
      <security mode="None" >
        <transport clientCredentialType="None" />
        <message  establishSecurityContext="False" />
      </security>
    </binding>
dovid
  • 6,354
  • 3
  • 33
  • 73
1

In my case adding the service in a audienceUris tag in the host config file fixed the issue with the same exception.

<system.identityModel>
...
    <identityConfiguration>
    ...
        <audienceUris>
            <add value="serviceName.svc" />
        </audienceUris>
    ...
    </identityConfiguration>
...
</system.identityModel>
user2651221
  • 13
  • 3