On a particular client when trying to call a WCF Service endpoint I get the following error:
The security check for the received data was not successful.
An unsecured error was received on a secure channel.
A required security header with local name "Security" and namespace "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" was not in the message available. The sender may not have been configured with message security.
I cannot reproduce the error on any other machine however.
The Server binding is as follows
<basicHttpBinding>
<binding name="SecureBinding" transferMode="Streamed" messageEncoding="Mtom" maxReceivedMessageSize="153600">
<security mode="TransportWithMessageCredential">
<message clientCredentialType="UserName"/>
</security>
<readerQuotas maxArrayLength="64000"/>
</binding>
<binding name="SecureBindingNoPassword" transferMode="Buffered" messageEncoding="Mtom" maxReceivedMessageSize="153600">
<security mode="Transport"/>
<readerQuotas maxArrayLength="64000"/>
</binding>
</basicHttpBinding>
<services>
<service behaviorConfiguration="SecureBehavior" name="API.DesignIntegration.DesManService">
<endpoint binding="basicHttpBinding" bindingConfiguration="SecureBinding" contract="API.DesignIntegration.IDesManService"/>
</service>
</services>
And the endpoint call with proxy looks like the following:
HRESULT CommonService::OpenProxy(std::wstring user, std::wstring pass, WsServiceProxy& proxy, WsHeap& heap, WsError& error)
{
HRESULT hr = ERROR_SUCCESS;
if (error.IsCreated())
error.Reset();
else
HR(WsCreateError(NULL, 0, &error));
if (!heap.IsCreated())
{
HR(WsCreateHeap((size_t)pow(1024, 2), 512, NULL, 0, &heap, error));
}
WS_ENDPOINT_ADDRESS address = {};
HR(WS(url, &address.url, heap, error));
// declare and initialize a username credential
WS_STRING_USERNAME_CREDENTIAL cred = {};
cred.credential.credentialType = WS_STRING_USERNAME_CREDENTIAL_TYPE; // set the credential type
HR(WS(user, &cred.username, heap, error));
HR(WS(pass, &cred.password, heap, error));
// declare and initialize a username message security binding
WS_USERNAME_MESSAGE_SECURITY_BINDING usernameBinding = {}; // zero out the struct
usernameBinding.binding.bindingType = WS_USERNAME_MESSAGE_SECURITY_BINDING_TYPE; // set the binding type
usernameBinding.bindingUsage = WS_SUPPORTING_MESSAGE_SECURITY_USAGE; // set the binding usage
usernameBinding.clientCredential = &cred.credential;
WS_SSL_TRANSPORT_SECURITY_BINDING sslBinding = {}; // zero out the struct
sslBinding.binding.bindingType = WS_SSL_TRANSPORT_SECURITY_BINDING_TYPE; // set the binding type
// sslBinding.binding.bindingType = WS_HTTP_HEADER_AUTH_SECURITY_BINDING_TYPE; // set the binding type
//IGNORE BAD CERTS FROM THE DEV SERVER, SHOULDNT BE NECESSARY IN RELEASE
// DWORD dwIgnoreCnCertValue = WS_CERT_FAILURE_CN_MISMATCH | WS_CERT_FAILURE_UNTRUSTED_ROOT | WS_CERT_FAILURE_WRONG_USAGE;
DWORD dwIgnoreCnCertValue = WS_CERT_FAILURE_CN_MISMATCH | WS_CERT_FAILURE_INVALID_DATE | WS_CERT_FAILURE_UNTRUSTED_ROOT | WS_CERT_FAILURE_WRONG_USAGE | WS_CERT_FAILURE_REVOCATION_OFFLINE; WS_SECURITY_BINDING_PROPERTY securityBindingPropertiesArray[] =
{
{ WS_SECURITY_BINDING_PROPERTY_CERT_FAILURES_TO_IGNORE , &dwIgnoreCnCertValue, sizeof(dwIgnoreCnCertValue) }
};
ULONG maxReceivedMessageSize = 2147483647;
WS_CHANNEL_PROPERTY channelProperties[] =
{
//{ WS_CHANNEL_PROPERTY_ENVELOPE_VERSION, &soapVersion, sizeof(soapVersion) },
//{ WS_CHANNEL_PROPERTY_ENCODING, &encoding, sizeof(encoding) },
//{ WS_CHANNEL_PROPERTY_MAX_STREAMED_MESSAGE_SIZE, &maxReceivedMessageSize, sizeof(maxReceivedMessageSize) },
{ WS_CHANNEL_PROPERTY_MAX_BUFFERED_MESSAGE_SIZE, &maxReceivedMessageSize, sizeof(maxReceivedMessageSize) },
//{ WS_CHANNEL_PROPERTY_MAX_HTTP_REQUEST_HEADERS_BUFFER_SIZE, &maxHeaderSize, sizeof(maxHeaderSize) }
};
//allow sending large "xml" files, necessary for uploading the cof, w4l, w4j, etc
WS_XML_WRITER_PROPERTY xmlProp[] = { { WS_XML_WRITER_PROPERTY_MAX_MIME_PARTS_BUFFER_SIZE, &maxReceivedMessageSize, sizeof(maxReceivedMessageSize) } };
WS_XML_WRITER_PROPERTIES xmlProps;
xmlProps.properties = xmlProp;
xmlProps.propertyCount = 1;
//allow recieving large "xml" files, necessary for downloading the cof, w4l, w4j, etc
WS_XML_READER_PROPERTY xmlRead[] = { { WS_XML_READER_PROPERTY_STREAM_MAX_ROOT_MIME_PART_SIZE, &maxReceivedMessageSize, sizeof(maxReceivedMessageSize) } };
WS_XML_READER_PROPERTIES xmlReads;
xmlReads.properties = xmlRead;
xmlReads.propertyCount = 1;
WS_MESSAGE_PROPERTY msgprop[] =
{
{ WS_MESSAGE_PROPERTY_XML_WRITER_PROPERTIES, &xmlProps, sizeof(xmlProps) },
{ WS_MESSAGE_PROPERTY_XML_READER_PROPERTIES, &xmlReads, sizeof(xmlReads) }
};
WS_MESSAGE_PROPERTIES msgprops;
msgprops.properties = msgprop;
msgprops.propertyCount = 2;
//set the message xml properties to override the default message size quotas
WS_PROXY_PROPERTY props[1] =
{
{WS_PROXY_PROPERTY_MESSAGE_PROPERTIES, &msgprops, sizeof(msgprops)}
};
//create the binding template to send the un/pw and security settings
WS_HTTP_SSL_USERNAME_BINDING_TEMPLATE templ = {};
templ.usernameMessageSecurityBinding.clientCredential = &cred.credential;
templ.sslTransportSecurityBinding.securityBindingProperties.properties = securityBindingPropertiesArray;
templ.sslTransportSecurityBinding.securityBindingProperties.propertyCount = 1;
templ.channelProperties.properties = channelProperties;
templ.channelProperties.propertyCount = 1;
//create the server proxy from the specified template and custom message properties
HR(BasicHttpBinding_IDesManService_CreateServiceProxy(&templ, props, 1, &proxy, error));
if (FAILED(hr))
{
return hr;
}
HR(WsOpenServiceProxy(proxy, &address, NULL, error));
if (FAILED(hr))
{
return hr;
}
return hr;
}
HRESULT CommonService::PullProject( std::wstring un, std::wstring pw, std::wstring oe, DesManProject** desman, WsHeap& heap, WsError& error )
{
HRESULT hr;
WsServiceProxy proxy;
HR( OpenProxy( un, pw, proxy, heap, error ) );
if (FAILED(hr))
{
return hr;
}
WCHAR* pchar = (WCHAR*)oe.c_str();
HR( BasicHttpBinding_IDesManService_PullDesManProject( proxy, pchar, desman, heap, NULL, 0, NULL, error ) );
if (FAILED(hr))
{
return hr;
}
return hr;
}
The error occurs when trying to call CommonService::PullProject.
Any ideas on what could be the problem?
