WSE 3.0 Hands on Lab Security

Question

Hi All,

I was trying to implement the hands on lab security  (WSE 3.0 ) on my system (Win XP SP2, VS2005 + .NET 2.0). I installed all the necessary certificates. At first run, it worked fine. But 10 min later it starts giving this error: "System.Net.Exception: The request Failed with HTTP status 401: Unauthorised access".

I removed WSE 3.0 and and the lab and re-installed it again and still had the same problem.
I looked on msdn and they recomended checking that windows integrated authentication is checked! and anonymous user is checked.

this is sample of the code causing the error:

When proxy.ViewInvoices is invoked it causes the error. if I add this line in between:
SecureInvoiceService proxy = GetProxy();
proxy.Credentials = System.Net.CredentialCache.DefaultCredentials;
DataSet ds = proxy.ViewInvoices();

It works fine. But the point is: It was working well at first, then it started generating that bloody error, why! I tried installing the lab on my desktop in the office: Win 2003 server SP1 + VS2005 and had the same error above. the build succeeds but it doesnt function!

All I wanted to learn is how to use UserToken in SOAP and certificate on a simple web service to authenticate requests and replies. I would be grateful if there is another source you recommend or if there is a fix for the above problem.

Ali
PhD student

Answer 1

Hello,

I prefer for starting the normal WSE samples,installed with WSE 3.0, (look in C:\Program Files\Microsoft WSE\v3.0\Samples).

The  solution WSSecurityAnonymousPolicyService.sln in:

...\v3.0\Samples\CS\QuickStart\Security\WSSecurityAnonymous\Policy

gives a sample of anonymous users but with a certificate in the server and the public copy in the clientes. 

If you wish also to autenticate the clients with credentials then you can use the solution:

WSSecurityUsernamePolicyService.sln in:

...\v3.0\Samples\CS\QuickStart\Security\WSSecurityUsername\Policy

 (You will find also the same samples in VB)

There are a lot of samples there and all of them are very interesting.

Regards

Roberto

 

 

Answer 2

Hi Roberto,

Many thanks you for your answer. I managed to run the sample in the Hands on lab security.

When I installed the lab, it created the code in MSDN folder in my documents. When I copied the folder to the C:\ drive root and ran it from there, everything worked fine! no error messages at all. it seems there are some restrictions when the code is run from the desktop or MyDocuments.

Also, the lab says that the setup for WSE sample certificates must be run from VS2005 command prompt. It didnt say that there are two files that need to be in the same place for the certificate installation to work ("setup.bat and winhttpcertcfg.exe").

Regards,

Ali