Dienstag, 13. März 2012 17:56
I have a WCF net.tcp server/client with authentication and encryption (using verisign certificate) .
So far, I have 2 people complaining from about 100-150 who tested my application :
System.Reflection.TargetInvocationException: An exception occurred during the operation, making the result invalid. Check InnerException for exception details. ---> System.ServiceModel.Security.MessageSecurityException: An unsecured or incorrectly secured fault was received from the other party. See the inner FaultException for the fault code and detail. ---> System.ServiceModel.FaultException: An error occurred when verifying security for the message.
System.Reflection.TargetInvocationException: An exception occurred during the operation, making the result invalid. Check InnerException for exception details. ---> System.ServiceModel.CommunicationException: The server did not provide a meaningful reply; this might be caused by a contract mismatch, a premature session shutdown or an internal server error.
Any ideas on what might be causing this exceptions ?
Dienstag, 13. März 2012 18:09
Exception thrown by server would be my guess, after that I'd say contract mismatch is a close second. Is the service set to return exceptions? You can turn on WCF logging if you want to see the raw messages.
If this answers your question, please Mark as Answer
Mittwoch, 21. März 2012 12:01
Now I have this huge log and I can't figure out what's causing it . This is for a user that gets the first exception I mentioned :
- Bearbeitet FAndrei Mittwoch, 21. März 2012 12:02
Mittwoch, 21. März 2012 13:40
You say your using verisign for authentication and encryption. Are you using message or transport security?
What binding are you using?
Does the client have to provide a certificate? or is it only the service that provides the certificate for security?
Mittwoch, 21. März 2012 15:20
I'm using Message security . This is my binding:
selfHost.Credentials.UserNameAuthentication.UserNamePasswordValidationMode = System.ServiceModel.Security.UserNamePasswordValidationMode.Custom;
selfHost.Credentials.UserNameAuthentication.CustomUserNamePasswordValidator = new Passwordvalidator();
selfHost.Credentials.ServiceCertificate.SetCertificate(StoreLocation.LocalMachine, StoreName.My, X509FindType.FindBySubjectName, "...");
selfHost.Credentials.IssuedTokenAuthentication.CertificateValidationMode = System.ServiceModel.Security.X509CertificateValidationMode.None;
selfHost.Credentials.IssuedTokenAuthentication.RevocationMode = X509RevocationMode.NoCheck;
selfHost.Credentials.ClientCertificate.Authentication.CertificateValidationMode = System.ServiceModel.Security.X509CertificateValidationMode.None;
selfHost.Credentials.IssuedTokenAuthentication.TrustedStoreLocation = StoreLocation.LocalMachine;
NetTcpBinding binding = new NetTcpBinding();
binding.Security.Mode = SecurityMode.Message;
binding.Security.Message.ClientCredentialType = MessageCredentialType.UserName;
binding.ReceiveTimeout = TimeSpan.MaxValue;
binding.MaxReceivedMessageSize = int.MaxValue;
binding.MaxConnections = 1000000;
binding.ReaderQuotas.MaxArrayLength = 200000;
binding.ReaderQuotas.MaxBytesPerRead = 200000;
binding.ReaderQuotas.MaxStringContentLength = 10000;
binding.ReaderQuotas.MaxNameTableCharCount = 50000;
binding.MaxBufferPoolSize = 1000000;
binding.MaxBufferSize = 1000000;
binding.MaxReceivedMessageSize = 1000000;
binding.TransferMode = TransferMode.Buffered;
binding.SendTimeout = TimeSpan.FromSeconds(50.0);
binding.CloseTimeout = TimeSpan.FromSeconds(50.0);
ServiceThrottlingBehavior throttling = new ServiceThrottlingBehavior();
throttling.MaxConcurrentSessions = 10000000;
throttling.MaxConcurrentCalls = 10000000;
throttling.MaxConcurrentInstances = 10000000;
selfHost.Description.Behaviors.Find<ServiceDebugBehavior>().IncludeExceptionDetailInFaults = true;
Mittwoch, 21. März 2012 18:52
I think i fixed the problem by changing the clock skew:
I'm waiting for the people who couldn't connect to confirm .
Sonntag, 29. April 2012 11:04
Actually the problem wasn't solved ...
Same people can't connect and furthermore , all connected users are disconnected after 24 hours . (connection failed event is triggered)
clockskew timespan is set to 24 hours .
Samstag, 5. Mai 2012 17:40
People that couldn't connect before still have the same problem.
Furthermore, changing clock skew only causes users that didn't had any problems to get disconnected after 24 hours (clock skew timespan) and they are not able to reconnect until I restart the server .
Any ideas ?
- Bearbeitet FAndrei Samstag, 5. Mai 2012 17:58
Sonntag, 6. Mai 2012 20:49Up....
Mittwoch, 9. Mai 2012 16:03Up....
Donnerstag, 17. Mai 2012 13:00Can you at least recommend me another forums where i might get some answers?
Freitag, 1. Juni 2012 18:04Up....