best way to throw exception from custom UserNameSecurityTokenHandler?

  • Question

  • What is the best way to signal authentication failure in a custom UserNameSecurityTokenHandler? Currently, my custom token handler throws SecurityTokenValidationException on failure. This results in a pretty ugly exception on the client side (WSTrustChannel) though:

    "System.ServiceModel.Security.MessageSecurityException: An unsecured or incorrectly secured fault was received from the other party. See the inner FaultException for the fault code and detail. ---> System.ServiceModel.FaultException: ID3242: The security token could not be authenticated or authorized.\r\n   --- End of inner exception stack trace ---\r\n\r\nServer stack trace: \r\n   at

    Inner exception:

    {"ID3242: The security token could not be authenticated or authorized."}


    Monday, April 26, 2010 10:39 PM

Answers

  • That is the expected error message when authentication (or anything security-related, for that matter) fails on the server side. In theory there could be an inner exception that contains a more useful message, but the idea is to separate components at the service level, so the exception is generic across platforms. That way you aren't relying on a specific internal design when all you should be relying on is the contract provided by the service.

    As an aside, your users should NOT be seeing the message "An unsecured or incorrectly secured fault was received from the other party". You should be catching it and displaying an innocuous error like "Oops! Something bad happened. Please contact the administrators." Or if it's occurring at the login prompt, it's a safe assumption that you can just output "Login Failed".


    Developer Security MVP | http://www.steveonsecurity.com
    • Proposed as answer by DuCKaroy Wednesday, June 1, 2011 3:18 AM
    • Marked as answer by scott_m Wednesday, June 1, 2011 12:18 PM
    Tuesday, May 31, 2011 1:55 PM
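The pattern the accepted answer describes, as an added example that is not code from the thread: the STS-side handler raises only the generic SecurityTokenValidationException (which surfaces to the WSTrustChannel as the ID3242 fault), and the client maps the resulting MessageSecurityException to a neutral "Login failed" while logging the fault code for operators. It assumes the WIF 1.0 Microsoft.IdentityModel API used in this thread; the credential check delegate and the logging delegate are hypothetical placeholders.

```csharp
using System;
using System.IdentityModel.Tokens;          // SecurityToken, UserNameSecurityToken, SecurityTokenValidationException
using System.ServiceModel;                   // FaultException
using System.ServiceModel.Security;          // MessageSecurityException
using Microsoft.IdentityModel.Claims;        // WIF 1.0: Claim, ClaimsIdentity, ClaimsIdentityCollection
using Microsoft.IdentityModel.Tokens;        // WIF 1.0: UserNameSecurityTokenHandler

// STS side: the handler only ever throws SecurityTokenValidationException,
// which WCF turns into the generic ID3242 fault the client sees.
public class PasswordTokenHandler : UserNameSecurityTokenHandler
{
    // Hypothetical credential check (user name, password) -> valid; plug in your own store.
    private readonly Func<string, string, bool> _verify;

    public PasswordTokenHandler(Func<string, string, bool> verify) { _verify = verify; }

    public override bool CanValidateToken { get { return true; } }

    public override ClaimsIdentityCollection ValidateToken(SecurityToken token)
    {
        var userNameToken = token as UserNameSecurityToken;
        if (userNameToken == null || !_verify(userNameToken.UserName, userNameToken.Password))
        {
            // Same exception for "unknown user" and "wrong password": the reason
            // stays in the STS log, not in the fault sent over the wire.
            throw new SecurityTokenValidationException("Invalid credentials.");
        }

        var identity = new ClaimsIdentity(
            new[] { new Claim(ClaimTypes.Name, userNameToken.UserName) }, "Password");
        return new ClaimsIdentityCollection(new IClaimsIdentity[] { identity });
    }
}

// Client side: translate the WSTrustChannel's MessageSecurityException into a neutral
// user-facing message and record the underlying fault code for the operators.
public static class TokenRequestErrors
{
    public static string ToUserMessage(MessageSecurityException ex, Action<string> log)
    {
        var fault = ex.InnerException as FaultException;   // carries e.g. "ID3242: ..."
        log(fault != null
            ? "Token request faulted: " + fault.Code.Name + " - " + fault.Message
            : "Token request failed: " + ex.Message);
        return "Login failed.";
    }
}
```

Wrap the WSTrustChannel Issue call in a try/catch for MessageSecurityException and show only the string ToUserMessage returns; the logged line is what you keep for troubleshooting.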

All replies

  • Why is this ugly? What do you want - a pretty "authentication failed - please try again" exception? Isn't that up to the client to turn it into whatever pretty message you want?
    Dominick Baier | thinktecture | http://www.leastprivilege.com
    • Marked as answer by scott_m Tuesday, April 27, 2010 1:32 PM
    • Unmarked as answer by scott_m Wednesday, June 1, 2011 3:48 AM
    Tuesday, April 27, 2010 5:51 AM
  • Hi Dominick,

    I know this is a fairly old post, but there's no harm in asking. 

    Like the original poster I have written a custom UserNameSecurityTokenHandler which authenticates the user's credentials and throws an exception if the user has failed to log in. Can you confirm that receiving a MessageSecurityException on the relying party with such a message is the expected result? The message "An unsecured or incorrectly secured fault was received from the other party." looks quite scary, and I'm worried that I'm not setting up my security correctly.

    I'm still trying to wrap my head around this WIF stuff, so sorry if I have confused my terms.

    Lucas

    Tuesday, May 31, 2011 1:16 PM
  • Excellent, thanks for the quick response Steve!

    Wednesday, June 1, 2011 3:18 AM