none
WS-Addressing Action not signed exception RRS feed

  • Question

  • Hi,

    i'm developing a client application which calls a remote web service developed in java (i don't have any access to server side code or server configuration).

    The webservice uses SOAP1.1, WS-Addressing and WS-Security.

    I set up the request and, inspecting the response via telerik fiddler, the server reply to my request without errors and right data.

    But, in my program I receive an exception: "The 'Action', 'http://www.w3.org/2005/08/addressing' required message part was not signed." and response is not deserialized. (inspecting the message in telerick fiddler, i see that reply message from server has only sign on timestamp WS-Security header)

    I tried to set EnableUnsecureResponse on WCF security bindind but still have exception.

    How can i override the exception? can i specify to WCF that i expect only signing the timestamp header? or can i intercept raw xml message to get data manually (IClientMessageInspector.AfterReceiveReply is not fired, seems that exception comes first)?

    Here is stack trace:

       in System.ServiceModel.Security.SecurityVerifiedMessage.OnUnsignedPart(String name, String ns)
       in System.ServiceModel.Security.WSSecurityOneDotZeroReceiveSecurityHeader.ExecuteMessageProtectionPass(Boolean hasAtLeastOneSupportingTokenExpectedToBeSigned)
       in System.ServiceModel.Security.ReceiveSecurityHeader.Process(TimeSpan timeout, ChannelBinding channelBinding, ExtendedProtectionPolicy extendedProtectionPolicy)
       in System.ServiceModel.Security.MessageSecurityProtocol.ProcessSecurityHeader(ReceiveSecurityHeader securityHeader, Message& message, SecurityToken requiredSigningToken, TimeSpan timeout, SecurityProtocolCorrelationState[] correlationStates)
       in System.ServiceModel.Security.AsymmetricSecurityProtocol.VerifyIncomingMessageCore(Message& message, String actor, TimeSpan timeout, SecurityProtocolCorrelationState[] correlationStates)
       in System.ServiceModel.Security.MessageSecurityProtocol.VerifyIncomingMessage(Message& message, TimeSpan timeout, SecurityProtocolCorrelationState[] correlationStates)
       in System.ServiceModel.Channels.SecurityChannelFactory`1.SecurityRequestChannel.ProcessReply(Message reply, SecurityProtocolCorrelationState correlationState, TimeSpan timeout)
       in System.ServiceModel.Channels.SecurityChannelFactory`1.SecurityRequestChannel.Request(Message message, TimeSpan timeout)
       in System.ServiceModel.Dispatcher.RequestChannelBinder.Request(Message message, TimeSpan timeout)
       in System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
       in System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
       in System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)

    Thursday, August 29, 2019 9:24 AM

All replies