none
Error : Request message doesn't validate against any of the configured assertion. RRS feed

  • Question

  •  

    Hi,

     

    I'm geting the following error while running and application using CSF OHSBE.

     

    Microsoft.Web.Services3.Security.SecurityFault: Request message doesn't validate against any of the configured assertion.

     

    This is arising at the Product service Mapping Component when OHSBE Monitor Windows service is trying to send a request.

     

    The policy used in OHSBE's SBEPolicy.config file is as below : -

    <!-- Policy of OH-SBE Service -->
      <policy name="OHSBEServicePolicy">
        <dynamicSecurity allowUnsecuredMessage="false">
          <usernameOverTransportSecurity />
          <kerberosSecurity establishSecurityContext="false" renewExpiredSecurityContext="true" requireSignatureConfirmation="false" messageProtectionOrder="SignBeforeEncrypt" requireDerivedKeys="true" ttlInSeconds="300">
            <protection>
              <request signatureOptions="IncludeAddressing, IncludeTimestamp, IncludeSoapBody" encryptBody="false" />
              <response signatureOptions="IncludeAddressing, IncludeTimestamp, IncludeSoapBody" encryptBody="false" />
              <fault signatureOptions="IncludeAddressing, IncludeTimestamp, IncludeSoapBody" encryptBody="false" />
            </protection>
          </kerberosSecurity>
        </dynamicSecurity>
        <requireActionHeader />
      </policy>

     

    Policy used at PSM component (I'm using the MockPSM)

    <policy name="PSMServicePolicy">
        <dynamicSecurity allowUnsecuredMessage="false">
          <usernameOverTransportSecurity />
          <kerberosSecurity establishSecurityContext="false" renewExpiredSecurityContext="true" requireSignatureConfirmation="false" messageProtectionOrder="SignBeforeEncrypt" requireDerivedKeys="true" ttlInSeconds="300">
            <protection>
              <request signatureOptions="IncludeAddressing, IncludeTimestamp, IncludeSoapBody" encryptBody="true" />
              <response signatureOptions="IncludeAddressing, IncludeTimestamp, IncludeSoapBody" encryptBody="true" />
              <fault signatureOptions="IncludeAddressing, IncludeTimestamp, IncludeSoapBody" encryptBody="false" />
            </protection>
          </kerberosSecurity>
        </dynamicSecurity>
        <requireActionHeader />
      </policy>

     

      <policy name="OHSBEClientPolicy">
        <kerberosSecurity establishSecurityContext="false" renewExpiredSecurityContext="true" requireSignatureConfirmation="false" messageProtectionOrder="SignBeforeEncrypt" requireDerivedKeys="true" ttlInSeconds="300">
      <token>
       <kerberos targetPrincipal="ms-practice/ohsbe-service" impersonationLevel="Identification" />
      </token>
            <protection>
              <request signatureOptions="IncludeAddressing, IncludeTimestamp, IncludeSoapBody" encryptBody="false" />
              <response signatureOptions="IncludeAddressing, IncludeTimestamp, IncludeSoapBody" encryptBody="false" />
              <fault signatureOptions="IncludeAddressing, IncludeTimestamp, IncludeSoapBody" encryptBody="false" />
            </protection>
          </kerberosSecurity>
        <requireActionHeader />
      </policy>

     

    The PSM entry for PolicyDocumentReference in UDDI is using the PSMServicePolicy.

     

    Pls let me know where the policy setting from OHSBE is set and guide me as to how it needs to be done at my end.

     

    Wednesday, April 4, 2007 12:33 PM