none
SOAPUI got "Invalid Secuirty" and "An error occurred when verifying security for the message." when connecting to WCF service

    Question

  • My MS client talks to WCF very well with customBinding. I used the sample ICalculator service with customBinding as I need a non MS client to connect to WCF by using message lever security. However my SOAPUI client just got "InvalidSecurity" and "An error occurred when verifying security for the message" when talking to WCF web service"  no matter what order (sign+encrypt or encrypt+sign or sign only or encrypt only or even without security configurations) and what parts (sign body or sign body + timestamp or plus sign the signature) to sign.

    Here is the client request:
    <soap:Envelope xmlns:mic="http://Microsoft.ServiceModel.Samples" xmlnsTongue Tiedoap="http://www.w3.org/2003/05/soap-envelope" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
       <soap:Header>
    <wsseTongue Tiedecurity soap:mustUnderstand="true" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"><wsse:BinarySecurityToken EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" wsu:Id="EncCertId-8944349" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">MIIDbTCCAtagAwIBAgIBBDANBgkqhkiG9w0BAQUFADB6MQswCQYDVQQGEwJDQTEQMA4GA1UECBMHT250YXJpbzEPMA0GA1UEBxMGT3R0YXdhMRowGAYDVQQKExFGYW4gWWFuZyBXU0lWIEx0ZDEaMBgGA1UECxMRV1NJViBWZXJpZmljYXRpb24xEDAOBgNVBAMTB0ZhbllhbmcwHhcNMDgwMjA3MDQyMTUzWhcNMDkwMjA2MDQyMTUzWjB5MQswCQYDVQQGEwJDQTEQMA4GA1UECBMHT250YXJpbzEPMA0GA1UEBxMGT3R0YXdhMRowGAYDVQQKExFGYW4gWWFuZyBXU0lWIEx0ZDEaMBgGA1UECxMRV1NJViBWZXJpZmljYXRpb24xDzANBgNVBAMTBndzaXYyOTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA3lVmzvpUYh3p6BEiYW87BidKxRzAOpXBF2RymtQslE6BYh7ka8W3h5KKdkDJCfSXNuprl/PnEQzWvwKZ6Bv5GF9bIsWp6dKcUmoeS0/DdQmDlaBY85c+oR2Td4FzVJcVIbyMcuo18R0uJlbu2n8wkrjyGC56V6xTxV+jTOi1a3kCAwEAAaOCAQIwgf8wCQYDVR0TBAIwADAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFFiV0336iYr8mZbiDjAjE+la06dvMIGkBgNVHSMEgZwwgZmAFK4Vq+g0qkkfLuB7GlTCACX3NvIWoX6kfDB6MQswCQYDVQQGEwJDQTEQMA4GA1UECBMHT250YXJpbzEPMA0GA1UEBxMGT3R0YXdhMRowGAYDVQQKExFGYW4gWWFuZyBXU0lWIEx0ZDEaMBgGA1UECxMRV1NJViBWZXJpZmljYXRpb24xEDAOBgNVBAMTB0ZhbllhbmeCAQAwDQYJKoZIhvcNAQEFBQADgYEAab+8Asw8VXnrsERq2GzQT0vj1Hvek/BZqC0zADxxNCZ/VulXP09UmPoFOSMXmcawKLzDzjyQRgegJdNkMV5/RFVHdMEYA7BzGLPf4LsTpOCLRAGVGotl2Lqa9k30wRAMFtBiFOR6xHkD5LihtGMTwnditp4XzqLO2c4xCUsymmg=</wsse:BinarySecurityToken><xenc:EncryptedKey Id="EncKeyId-5097021">
    <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
    <ds:KeyInfo xmlnsBig Smiles="http://www.w3.org/2000/09/xmldsig#">
    <wsseTongue TiedecurityTokenReference><wsse:Reference URI="#EncCertId-8944349" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/></wsseTongue TiedecurityTokenReference>
    </ds:KeyInfo>
    <xenc:CipherData><xenc:CipherValue>jQgJg2f0hAzzXgnjLmPLkYweHRwEefpp7VbAC83eVHW5xu3K/dDgVGQs+u/lBWw906wiWoIrUU2LQppni0UQFYOh9oL33PSWai7sgLdnT8WzdIw/0GljHRKcDzAqDpp1rRlGgtfT0cjmohRBM+CbLcY6S8PFQfYvdM+SZ6SmXdU=</xenc:CipherValue></xenc:CipherData>
    <xenc:ReferenceList><xencBig SmileataReference URI="#EncDataId-815536"/></xenc:ReferenceList></xenc:EncryptedKey><wsse:BinarySecurityToken EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" wsu:Id="CertId-8944349" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">MIIDbTCCAtagAwIBAgIBBDANBgkqhkiG9w0BAQUFADB6MQswCQYDVQQGEwJDQTEQMA4GA1UECBMHT250YXJpbzEPMA0GA1UEBxMGT3R0YXdhMRowGAYDVQQKExFGYW4gWWFuZyBXU0lWIEx0ZDEaMBgGA1UECxMRV1NJViBWZXJpZmljYXRpb24xEDAOBgNVBAMTB0ZhbllhbmcwHhcNMDgwMjA3MDQyMTUzWhcNMDkwMjA2MDQyMTUzWjB5MQswCQYDVQQGEwJDQTEQMA4GA1UECBMHT250YXJpbzEPMA0GA1UEBxMGT3R0YXdhMRowGAYDVQQKExFGYW4gWWFuZyBXU0lWIEx0ZDEaMBgGA1UECxMRV1NJViBWZXJpZmljYXRpb24xDzANBgNVBAMTBndzaXYyOTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA3lVmzvpUYh3p6BEiYW87BidKxRzAOpXBF2RymtQslE6BYh7ka8W3h5KKdkDJCfSXNuprl/PnEQzWvwKZ6Bv5GF9bIsWp6dKcUmoeS0/DdQmDlaBY85c+oR2Td4FzVJcVIbyMcuo18R0uJlbu2n8wkrjyGC56V6xTxV+jTOi1a3kCAwEAAaOCAQIwgf8wCQYDVR0TBAIwADAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFFiV0336iYr8mZbiDjAjE+la06dvMIGkBgNVHSMEgZwwgZmAFK4Vq+g0qkkfLuB7GlTCACX3NvIWoX6kfDB6MQswCQYDVQQGEwJDQTEQMA4GA1UECBMHT250YXJpbzEPMA0GA1UEBxMGT3R0YXdhMRowGAYDVQQKExFGYW4gWWFuZyBXU0lWIEx0ZDEaMBgGA1UECxMRV1NJViBWZXJpZmljYXRpb24xEDAOBgNVBAMTB0ZhbllhbmeCAQAwDQYJKoZIhvcNAQEFBQADgYEAab+8Asw8VXnrsERq2GzQT0vj1Hvek/BZqC0zADxxNCZ/VulXP09UmPoFOSMXmcawKLzDzjyQRgegJdNkMV5/RFVHdMEYA7BzGLPf4LsTpOCLRAGVGotl2Lqa9k30wRAMFtBiFOR6xHkD5LihtGMTwnditp4XzqLO2c4xCUsymmg=</wsse:BinarySecurityToken><dsTongue Tiedignature Id="Signature-6565372" xmlnsBig Smiles="http://www.w3.org/2000/09/xmldsig#">
    <dsTongue TiedignedInfo>

    <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <dsTongue TiedignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
    <ds:Reference URI="#id-29246383">
    <ds:Transforms>
    <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    </ds:Transforms>
    <dsBig SmileigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
    <dsBig SmileigestValue>5iFX2zVFLfPHLiz+z+OWnMmdRoI=</dsBig SmileigestValue>
    </ds:Reference>
    </dsTongue TiedignedInfo>
    <dsTongue TiedignatureValue>
    yyCV8Obl9056hHms/F1nHsquAwq783Ts9tW1XCKkhVH8KnPhPFB7DXVahlNAYsmWjyLQs1eF6ZED
    lKmEWQb95KIWOQMSzjBOzrwraqVRReXIxvshHSA1CsraBFMxnEbCYdxG18bpUPcBcOcIPLOEoekN
    KWJPNCQX+P1m+wjESHI=
    </dsTongue TiedignatureValue>
    <ds:KeyInfo Id="KeyId-17246394">
    <wsseTongue TiedecurityTokenReference wsu:Id="STRId-16963628" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"><wsse:Reference URI="#CertId-8944349" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/></wsseTongue TiedecurityTokenReference>
    </ds:KeyInfo>
    </dsTongue Tiedignature><wsse:BinarySecurityToken EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" wsu:Id="CertId-8944349" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">MIIDbTCCAtagAwIBAgIBBDANBgkqhkiG9w0BAQUFADB6MQswCQYDVQQGEwJDQTEQMA4GA1UECBMHT250YXJpbzEPMA0GA1UEBxMGT3R0YXdhMRowGAYDVQQKExFGYW4gWWFuZyBXU0lWIEx0ZDEaMBgGA1UECxMRV1NJViBWZXJpZmljYXRpb24xEDAOBgNVBAMTB0ZhbllhbmcwHhcNMDgwMjA3MDQyMTUzWhcNMDkwMjA2MDQyMTUzWjB5MQswCQYDVQQGEwJDQTEQMA4GA1UECBMHT250YXJpbzEPMA0GA1UEBxMGT3R0YXdhMRowGAYDVQQKExFGYW4gWWFuZyBXU0lWIEx0ZDEaMBgGA1UECxMRV1NJViBWZXJpZmljYXRpb24xDzANBgNVBAMTBndzaXYyOTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA3lVmzvpUYh3p6BEiYW87BidKxRzAOpXBF2RymtQslE6BYh7ka8W3h5KKdkDJCfSXNuprl/PnEQzWvwKZ6Bv5GF9bIsWp6dKcUmoeS0/DdQmDlaBY85c+oR2Td4FzVJcVIbyMcuo18R0uJlbu2n8wkrjyGC56V6xTxV+jTOi1a3kCAwEAAaOCAQIwgf8wCQYDVR0TBAIwADAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFFiV0336iYr8mZbiDjAjE+la06dvMIGkBgNVHSMEgZwwgZmAFK4Vq+g0qkkfLuB7GlTCACX3NvIWoX6kfDB6MQswCQYDVQQGEwJDQTEQMA4GA1UECBMHT250YXJpbzEPMA0GA1UEBxMGT3R0YXdhMRowGAYDVQQKExFGYW4gWWFuZyBXU0lWIEx0ZDEaMBgGA1UECxMRV1NJViBWZXJpZmljYXRpb24xEDAOBgNVBAMTB0ZhbllhbmeCAQAwDQYJKoZIhvcNAQEFBQADgYEAab+8Asw8VXnrsERq2GzQT0vj1Hvek/BZqC0zADxxNCZ/VulXP09UmPoFOSMXmcawKLzDzjyQRgegJdNkMV5/RFVHdMEYA7BzGLPf4LsTpOCLRAGVGotl2Lqa9k30wRAMFtBiFOR6xHkD5LihtGMTwnditp4XzqLO2c4xCUsymmg=</wsse:BinarySecurityToken><dsTongue Tiedignature Id="Signature-28093117" wsu:Id="id-29246383" xmlnsBig Smiles="http://www.w3.org/2000/09/xmldsig#" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
    <dsTongue TiedignedInfo>

    <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <dsTongue TiedignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
    <ds:Reference URI="#id-815536">
    <ds:Transforms>
    <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    </ds:Transforms>
    <dsBig SmileigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
    <dsBig SmileigestValue>c4y3XIWD0+hxPro6B0t6rj40cdE=</dsBig SmileigestValue>
    </ds:Reference>
    <ds:Reference URI="#Timestamp-31858476">
    <ds:Transforms>
    <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    </ds:Transforms>
    <dsBig SmileigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
    <dsBig SmileigestValue>1E+ynN2w66RkI3AoI9wrtdU1G7I=</dsBig SmileigestValue>
    </ds:Reference>
    </dsTongue TiedignedInfo>
    <dsTongue TiedignatureValue>
    p1tVi5lk/r9x+RT5LvJLmaj3fwaqDdRbHz65zHk7g1nzcmLQtZyzlnTB0hynccyNZkxWJC51xRhO
    mqDizL12kUqBsB70p/tyof6rIgs5oWEdkkhkrXHgtSsAvcs1pn1AXdyxtFzadjV0NnzIEfVYTJec
    wvyGB2ki72qkPeADM7o=
    </dsTongue TiedignatureValue>
    <ds:KeyInfo Id="KeyId-16607330">
    <wsseTongue TiedecurityTokenReference wsu:Id="STRId-13635841"><wsse:Reference URI="#CertId-8944349" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/></wsseTongue TiedecurityTokenReference>
    </ds:KeyInfo>
    </dsTongue Tiedignature><wsu:Timestamp wsu:Id="Timestamp-31858476" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"><wsu:Created>2008-05-27T19:21:22.309Z</wsu:Created><wsu:Expires>2008-05-27T19:58:02.309Z</wsu:Expires></wsu:Timestamp></wsseTongue Tiedecurity></soap:Header>
       <soap:Body wsu:Id="id-815536" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"><xenc:EncryptedData Id="EncDataId-815536" Type="http://www.w3.org/2001/04/xmlenc#Content"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><ds:KeyInfo xmlnsBig Smiles="http://www.w3.org/2000/09/xmldsig#">
    <wsseTongue TiedecurityTokenReference xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"><wsse:Reference URI="#EncKeyId-5097021"/></wsseTongue TiedecurityTokenReference>
    </ds:KeyInfo><xenc:CipherData><xenc:CipherValue>kPtBCc3wLFAVcyLd+chcIGosvu7X+g8iljUFqPro5NBrGm3FPSzhiBc1KBWstyqdSsaG1fOFdf/k
    lE5DGMyhgURxytTLOEECS2u3ewvn8hcO+AOl+4LuCe6olnQ+DwreOWnz1GzoS78Af+H+eWVAGMuC
    r57QBCbNXxBLFeYcISIBf1O8An4eFddsAPEn1LC/jdrK0f6trFdaa1c+7uHlJZvXfcfWzj5A9x/4
    Kc4BiyO0zhlUCakgFuPUrRLULDaU/NoYZBUV4IUvei1hL2tlD0IfL2odkKcYAKKdby/Lnxo9I3yp
    Yx07AqFz089stbDhWvcaFq8dXtmHAYTDQoUiNP1ZS0KSSwl8l36dDcXEW1bmLTgp/W4AgUx6JQgB
    eCVQSe1zRsetQJGtjARmjC19B4B8gI2UDhRjBHQyaZLp1+pCzJAm6dpiB7RS0PpbcSuzdBKCOwXS
    bcl4RwQZkT/uqa2xTQPvuFiXvdpM+Ct6g1K8iVCPbX8b8Ta0szv3YnXhJyBkU1mBCmnG6Q08L2sx
    /U4DC29dL4XsXuixaxChkCw=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedData></soap:Body>
    </soap:Envelope>

    The service configuration file:
    <?xml version="1.0" encoding="utf-8" ?>
    <configuration>
      <system.serviceModel>
        <services>
          <service name="Microsoft.ServiceModel.Samples.CalculatorService"
                   behaviorConfiguration="CalculatorServiceBehavior">
            <!-- use base address provided by host -->
    <!--
            <endpoint address=""
                      binding="wsHttpBinding"
              bindingConfiguration="Binding1"
              contract="Microsoft.ServiceModel.Samples.ICalculator" />
    -->
            <endpoint address=""
              binding="customBinding" bindingConfiguration="InteropBinding" name="InteropBinding"
              contract="Microsoft.ServiceModel.Samples.ICalculator" />

            <!-- the mex endpoint is exposed at http://localhost/servicemodelsamples/service.svc/mex -->
            <endpoint address="mex"
                      binding="mexHttpBinding"
                      contract="IMetadataExchange" />
          </service>
        </services>

        <bindings>
          <!-- Fan: customBinding for turn off secureConversation-->
          <customBinding>
            <binding name="InteropBinding">
              <textMessageEncoding messageVersion="Soap12"
              writeEncoding="utf-8">
                <readerQuotas maxDepth="32"
                maxStringContentLength="999999999"
                maxArrayLength="999999999" maxBytesPerRead="4096"
                maxNameTableCharCount="999999999" />
              </textMessageEncoding>
              <security defaultAlgorithmSuite="Basic128"
              allowSerializedSigningTokenOnReply="true"
              authenticationMode="MutualCertificate"
              requireDerivedKeys="false"
              securityHeaderLayout="Lax" includeTimestamp="true"
              keyEntropyMode="CombinedEntropy"
              messageProtectionOrder="SignBeforeEncrypt"
              requireSecurityContextCancellation="false">
                <secureConversationBootstrap />
              </security>
              <httpTransport authenticationScheme="Anonymous" />
            </binding>
          </customBinding>
          <wsHttpBinding>
            <!--
            This configuration defines the security mode as Message and
            the clientCredentialType as Certificate.
            -->
            <binding name="Binding1">
              <security mode ="Message">
                <!-- Fan: turn off negotiation here-->
                <message clientCredentialType="Certificate"
                         negotiateServiceCredential="false"
                         establishSecurityContext="false" />
              </security>
            </binding>
          </wsHttpBinding>
        </bindings>

        <!--For debugging purposes set the includeExceptionDetailInFaults attribute to true-->
        <behaviors>
          <serviceBehaviors>
            <behavior name="CalculatorServiceBehavior">
              <serviceMetadata httpGetEnabled="True"/>
              <serviceDebug includeExceptionDetailInFaults="False" />
              <!--
            The serviceCredentials behavior allows one to define a service certificate.
            A service certificate is used by the service to authenticate itself to its clients and to provide message protection.
            This configuration references the "localhost" certificate installed during the setup instructions.
            -->
              <serviceCredentials>

                <serviceCertificate findValue="a9f4ebcf4a0a213de81e7d493f1919473e4b96f1" storeLocation="LocalMachine" storeName="My" x509FindType="FindByThumbprint" />
                <clientCertificate>
                  <!--
                Setting the certificateValidationMode to PeerOrChainTrust means that if the certificate
                is in the user's Trusted People store, then it will be trusted without performing a
                validation of the certificate's issuer chain. This setting is used here for convenience so that the
                sample can be run without having to have certificates issued by a certificate authority (CA).
                This setting is less secure than the default, ChainTrust. The security implications of this
                setting should be carefully considered before using PeerOrChainTrust in production code.
                -->
                  <authentication certificateValidationMode="PeerOrChainTrust" />
                </clientCertificate>
              </serviceCredentials>
            </behavior>
          </serviceBehaviors>
        </behaviors>
      </system.serviceModel>
    </configuration>

    The wsdl file generated is:

    <wsdlBig Smileefinitions name="CalculatorService" targetNamespace="http://tempuri.org/">
        <wspStick out tongueolicy wsu:Id="InteropBinding_policy">
        <wsp:ExactlyOne>
        <wsp:All>
        <spTongue TiedymmetricBinding>
        <wspStick out tongueolicy>
        <spStick out tonguerotectionToken>
        <wspStick out tongueolicy>
        <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
        <wspStick out tongueolicy>
    <sp:RequireThumbprintReference/>
    <sp:WssX509V3Token10/>
    </wspStick out tongueolicy>
    </sp:X509Token>
    </wspStick out tongueolicy>
    </spStick out tonguerotectionToken>
        <sp:AlgorithmSuite>
        <wspStick out tongueolicy>
    <sp:Basic128/>
    </wspStick out tongueolicy>
    </sp:AlgorithmSuite>
        <sp:Layout>
        <wspStick out tongueolicy>
    <sp:Lax/>
    </wspStick out tongueolicy>
    </sp:Layout>
    <sp:IncludeTimestamp/>
    <spSurprisenlySignEntireHeadersAndBody/>
    </wspStick out tongueolicy>
    </spTongue TiedymmetricBinding>
        <sp:EndorsingSupportingTokens>
        <wspStick out tongueolicy>
        <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
        <wspStick out tongueolicy>
    <sp:RequireThumbprintReference/>
    <sp:WssX509V3Token10/>
    </wspStick out tongueolicy>
    </sp:X509Token>
    </wspStick out tongueolicy>
    </sp:EndorsingSupportingTokens>
        <sp:Wss11>
        <wspStick out tongueolicy>
    <sp:MustSupportRefKeyIdentifier/>
    <sp:MustSupportRefIssuerSerial/>
    <sp:MustSupportRefThumbprint/>
    <sp:MustSupportRefEncryptedKey/>
    <sp:RequireSignatureConfirmation/>
    </wspStick out tongueolicy>
    </sp:Wss11>
        <sp:Trust10>
        <wspStick out tongueolicy>
    <sp:MustSupportIssuedTokens/>
    <sp:RequireClientEntropy/>
    <sp:RequireServerEntropy/>
    </wspStick out tongueolicy>
    </sp:Trust10>
    </wsp:All>
    </wsp:ExactlyOne>
    </wspStick out tongueolicy>
        <wspStick out tongueolicy wsu:Id="InteropBinding_GetCallerIdentity_Input_policy">
        <wsp:ExactlyOne>
        <wsp:All>
        <spTongue TiedignedParts>
    <sp:Body/>
    </spTongue TiedignedParts>
        <sp:EncryptedParts>
    <sp:Body/>
    </sp:EncryptedParts>
    </wsp:All>
    </wsp:ExactlyOne>
    </wspStick out tongueolicy>
        <wspStick out tongueolicy wsu:Id="InteropBinding_GetCallerIdentity_output_policy">
        <wsp:ExactlyOne>
        <wsp:All>
        <spTongue TiedignedParts>
    <sp:Body/>
    </spTongue TiedignedParts>
        <sp:EncryptedParts>
    <sp:Body/>
    </sp:EncryptedParts>
    </wsp:All>
    </wsp:ExactlyOne>
    </wspStick out tongueolicy>

    ...

    Does anybody know the reason? How do I debug this?
    Does the SOAPUI2.0.2 support this?
    My purpose is to use a non-MS client to talk to the WCF by using signature/encryption. Or probably there is a better tool other than SOAPUI?

    Thanks

    Fan


    Tuesday, May 27, 2008 8:26 PM

All replies