none
Sporadic Error : The security context token is expired or is not valid. The message was not processed RRS feed

  • Question

  • Hi,

    We are using WShttpbinding with windows authentication and Message  Security. We have hosted WCF in IIS. We have a Web Application hosted in IIS consuming with WCF Service. We are caching the proxy. and here is the code for that.

    WindowsIdentity currentIdentity = ((WindowsIdentity)HttpContext.Current.User.Identity);
                            using (currentIdentity.Impersonate())
                            {
                                var channelFactory = new ChannelFactory<IService>("*");
                                channelFactory.Credentials.Windows.AllowedImpersonationLevel = TokenImpersonationLevel.Impersonation;
                                service = channelFactory.CreateChannel();
                                
                                var communicationObject = (ICommunicationObject)service;
                                communicationObject.Faulted += OnChannelFaulted;
                                channels.Add(SessionStore.LoginUserName.ToLower(), service);
                                communicationObject.Open(); 
                           }

    Here is the exception

    Exception information: 
        Exception type: MessageSecurityException 
        Exception message: An unsecured or incorrectly secured fault was received from the other party. See the inner FaultException for the fault code and detail.
    
    Server stack trace: 
       at System.ServiceModel.Channels.SecurityChannelFactory`1.SecurityRequestChannel.ProcessReply(Message reply, SecurityProtocolCorrelationState correlationState, TimeSpan timeout)
       at System.ServiceModel.Channels.SecurityChannelFactory`1.SecurityRequestChannel.Request(Message message, TimeSpan timeout)
       at System.ServiceModel.Security.SecuritySessionSecurityTokenProvider.DoOperation(SecuritySessionOperation operation, EndpointAddress target, Uri via, SecurityToken currentToken, TimeSpan timeout)
       at System.ServiceModel.Security.SecuritySessionSecurityTokenProvider.RenewTokenCore(TimeSpan timeout, SecurityToken tokenToBeRenewed)
       at System.IdentityModel.Selectors.SecurityTokenProvider.RenewToken(TimeSpan timeout, SecurityToken tokenToBeRenewed)
       at System.ServiceModel.Security.SecuritySessionClientSettings`1.ClientSecuritySessionChannel.RenewKey(TimeSpan timeout)
       at System.ServiceModel.Security.SecuritySessionClientSettings`1.ClientSecuritySessionChannel.SecureOutgoingMessage(Message& message, TimeSpan timeout)
       at System.ServiceModel.Security.SecuritySessionClientSettings`1.SecurityRequestSessionChannel.Request(Message message, TimeSpan timeout)
       at System.ServiceModel.Dispatcher.RequestChannelBinder.Request(Message message, TimeSpan timeout)
       at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
       at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
       at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)
    
    Exception rethrown at [0]: 
       at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
       at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
       at Customer.Service.WCF.CustomerService.ICustomerService.GetCurrentUsersRoles()
       at Customer.Web.Common.Utility.CustomerWebUtility.<SetCurrentUserRoles>b__b9()
       at Customer.Web.Common.Utility.CustomerWebUtility.RunActionAsImpersonatedUser[T](Func`1 FunctionToExec, WindowsIdentity CurrentUserIdentity)
       at Customer.Web.Common.Utility.CustomerWebUtility.RunActionAsImpersonatedUser[T](Func`1 FunctionToExec)
       at Customer.Web.Common.Utility.CustomerWebUtility.SetCurrentUserRoles()
       at Customer.WebModule.RecordBrowser.Page_Load(Object sender, EventArgs e)
       at System.Web.Util.CalliEventHandlerDelegateProxy.Callback(Object sender, EventArgs e)
       at System.Web.UI.Control.OnLoad(EventArgs e)
       at System.Web.UI.Control.<LoadRecursiveAsync>d__4.MoveNext()
    --- End of stack trace from previous location where exception was thrown ---
       at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
       at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
       at System.Web.Util.WithinCancellableCallbackTaskAwaitable.WithinCancellableCallbackTaskAwaiter.GetResult()
       at System.Web.UI.Page.<ProcessRequestMainAsync>d__14.MoveNext()
    
    The security context token is expired or is not valid. The message was not processed.
    

    Intermittently we are getting the error that Security Context token is expired or is not valid. and then we end up doing recycle app pool. We tried to search a lot on net and one option says to disable establishSecurityContext for message. but wondering is that the only option to fix this issue. Isn't there any other way to fix by keeping establishSecurityContext on ?

    One option is to catch this error and then rebuild the proxy, but that would require a lot of change as we are calling WCF service from many places and it would be hard to catch the exception from all those places. 

    Would appreciate any help with this.

    Thanks in advance.

    Himal



    Himal Patel


    • Edited by Himal Patel Wednesday, September 23, 2015 1:07 PM added exception.
    Wednesday, September 23, 2015 1:04 PM

Answers

  • Hi Himal Patel,

    As far as I know, there is only way to fix this problem with establishSecurityContext.

    Best Regards,

    Grady

    Wednesday, September 30, 2015 1:22 AM
    Moderator

All replies