none
SecurityAccessDeniedException {“Failed to assert identity with UsernameToken.”} RRS feed

  • Question

  • My development Env : .net framework 4.0 , VS2010 , C#
    Below is the security part in wsdl :

    <wsp:UsingPolicy WL5G3N1:Required="true" />
    <wsp:Policy WL5G3N0:Id="WS-Policy-WSSE-PasswordDigest">
     <wssp:Identity xmlns:wssp="http://www.bea.com/wls90/security/policy">
      <wssp:SupportedTokens>
        <wssp:SecurityToken TokenType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#UsernameToken">
          <wssp:UsePassword Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest" />
        </wssp:SecurityToken>
      </wssp:SupportedTokens>
    </wssp:Identity>

    I've finished UsernameToken with PasswordDigest by following : WriteTokenCoreLink

    The final soap header is:

    <s:Header>
      <a:Action> ... </a:Action>
      <a:MessageID> ...</a:MessageID>
      <a:ReplyTo> ... </a:ReplyTo>
      <a:To> ... </a:To>
      <o:Security  
         s:mustUnderstand="1"  
         xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">  
         <o:UsernameToken  
            u:Id="uuid-3ef12f9d-75ab-407f-abe0-f833d063ac5b-1"  
            xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
            <o:Username>MyUserName</o:Username>
            <o:Password  
               Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">  
               EncryptedPassword
            </o:password>
            <o:Nonce  
               EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">  
               StringWith28Chars  
            </o:Nonce>
            <u:Created>2013-11-26T12:21:22.627Z</u:Created>
         </o:UsernameToken>
      </o:Security>
    </s:Header>
    1. my Nonce length is 28, Password length same length, is it OK?
      I see most samples length 24, and ended with == in Password.

    2. Main problem is Identity. It is from Weblogic which used in java.
      There is Identity property in UsernameToken in framework 4.5 , but not in 4.0
      And I am not sure it is the "Identity" as I expected or not.

    3. Once I guess I can try HttpWebRequest instead of "Add service Reference", but still not very clear.

    Can anybody help on this issue?





    • Edited by MatrixZero Tuesday, December 3, 2013 7:39 AM
    Tuesday, December 3, 2013 7:27 AM

Answers