none
System.ServiceModel.Security.MessageSecurityException: An unsecured or incorrectly secured fault was received from the other party. See the inner FaultException for the fault code and detail RRS feed

  • Question

  • hi,

    i am using windows authentication message layer security.

        Service<ITestService> testProxy = ServiceHelper.GetServiceProxy<ITestService>();

        var result =    testProxy.ProxyContract.CalCulate(4,5);

        testProxy.Close()

    above code working properly. Internally it is creating new proxy everytime. to reduce proxy creation time i tried to implemnet proxy caching.

    in proxy caching we are not closing the proxy once it is created for service. we store it in dictionary.

      if (_cachedChannels.ContainsKey(contractName))
      {
                    // check it fault or not.
                    testProxy = (Service<T>)_cachedChannels[contractName];

                   // if proxy state is closing, closed, faulty then we are aborting proxy and creating new proxy.

      }

      else

    {

       // create proxy object and store it in _cachedChannels

    }

    with above code, i am able to reduce the proxy creation time and also obseved that if we reuse the proxy then it will also improy the perfromance for service call\method.

    now, if my proxy remain idel more than 1 day then i observed that in _cachedChannels i am getting proxy object and it's state is "opened". but when i actually call some service method CalCulate(4,5) it is throwing below fault exception. my binding has 1 minute close timeout, open timeout, receive timeout and message clientcredentialtype="windows". i am using WSHttpBinding.

    exception detail :-

    System.ServiceModel.Security.MessageSecurityException: An unsecured or incorrectly secured fault was received from the other party. See the inner FaultException for the fault code and detail.

    can some one explain why i am receiving this MessageSecurityException for long running process if i try to reuse same proxy/proxy caching. also need suggessation what should i can do to fix this\handle this scenario?

    ==========
    one thing i found that in my current wshttpbinding establishSecurityContext="True" and not using proxy caching. each time user call service method, we are creating new proxy and after service method call we are closing it.

    ==> what establishSecurityContext will do if value is "true" or "False"?

    Actually, if you set establishSecurityContext to false, key exchange and validation must be done per call instead of being done once and cached for the session.  The session is determined by the Security Context Text - similar to a browser cookie determines the SessionId in ASP.NET.  The use of security tokens is good when the client is expected to make several/many calls in a row because you don't have to do key exchange and validation every call. Note that you have to keep the WCF connection (channel) open to benefit from enabling this setting.

    A Boolean value that determines whether the security channel establishes a secure session. A secure session establishes a Security Context Token (SCT) before exchanging the application messages. When the SCT is established, the security channel offers a ISession interface to the upper channels. For more information about using secure sessions.          <security mode="Message">

                <message clientCredentialType="Windows" establishSecurityContext="True" />

              </security>

    so, my question is why it is failling and throwing security.MessageSecurityException when i reuse same proxy\cache proxy ?


    • Edited by DipenGShah Saturday, September 23, 2017 3:59 PM
    Saturday, September 23, 2017 2:23 PM

All replies

  • Hi DipenGShah,

    >> An unsecured or incorrectly secured fault was received from the other party. See the inner FaultException for the fault code and detail.

    Is there any Inner FaultException? If not, I suggest you enable Configuring Tracing to check depth exception message.

    >>in proxy caching we are not closing the proxy once it is created for service. we store it in dictionary.

    When will you close proxy? Do you mean you will use it for one day, one month, even one year?

    I assume this issue did not happen in a short time, would you mind close the proxy if there is no need to call service in a short time?

    Best Regards,

    Edward


    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.

    Monday, September 25, 2017 2:20 AM