none
Unable to Find Security Header RRS feed

  • Question

  • I just started encountering this problem last week and it's only happening for one of my clients where multiple people can log into a server and use a WPF app to call the WCF services. I don't know how to reproduce this problem. This is the full error message.

    "Security processor was unable to find a security header in the message. This might be because the message is an unsecured fault or because there is a binding mismatch between the communicating parties.   This can occur if the service is configured for security and the client is not using security."

    "The security protocol cannot verify the incoming message."

    What in the world could possibly cause this to start happening? The bindings between the client and the server match. Always have.

    Client:

    <endpoint address="https://localhost:44300/AdminService.svc"
              behaviorConfiguration="CustomInspectorBehavior" binding="wsHttpBinding"
              bindingConfiguration="WSHttpBinding_IAdminService" contract="AdminService.IAdminService"
              name="WSHttpBinding_IAdminService" />

    <binding name="WSHttpBinding_IAdminService" maxBufferPoolSize="524288"
                maxReceivedMessageSize="1073741824">
              <readerQuotas maxStringContentLength="1073741824" />
              <security mode="TransportWithMessageCredential">
                <transport clientCredentialType="None" />
                <message clientCredentialType="UserName" />
              </security>
            </binding>

    Server:

    <service behaviorConfiguration="UserServiceBehaviors" name="CUneXus.Service.AdminService">
            <endpoint binding="wsHttpBinding" bindingConfiguration="adminHttp"
              bindingNamespace="http://asp.net/ApplicationServices/v200" contract="CUneXus.Service.IAdminService" />
          </service>

    <binding name="adminHttp" maxReceivedMessageSize="1073741824">
              <security mode="TransportWithMessageCredential" >
                <message clientCredentialType="UserName" />
              </security>
            </binding>

    <behavior name="UserServiceBehaviors">
              <serviceMetadata httpGetEnabled="false" />
              <serviceDebug includeExceptionDetailInFaults="false" />
              <serviceCredentials>
                <userNameAuthentication userNamePasswordValidationMode="MembershipProvider"
                  membershipProviderName="AspNetSqlMembershipProvider" />
              </serviceCredentials>
              <serviceAuthorization principalPermissionMode="UseAspNetRoles" />
            </behavior>


    Tuesday, March 15, 2016 8:55 PM

Answers

  • I finally determined this to be an issue with load balancing. It wasn't configured properly to work with message security. Since I don't have any control over the load balancer, I just worked around the issue by setting establishSecurityContext="false" on the message security tag.

    Also, it was hard as hell to determine the root cause of these errors. I had to enable WCF tracing down to the message level just to see what was really happening.  I finally got to this error message "BadContextToken" and that led me down the right rabbit hole.

    • Marked as answer by twilsonxpert Thursday, March 17, 2016 5:16 PM
    Thursday, March 17, 2016 5:16 PM

All replies

  • I finally determined this to be an issue with load balancing. It wasn't configured properly to work with message security. Since I don't have any control over the load balancer, I just worked around the issue by setting establishSecurityContext="false" on the message security tag.

    Also, it was hard as hell to determine the root cause of these errors. I had to enable WCF tracing down to the message level just to see what was really happening.  I finally got to this error message "BadContextToken" and that led me down the right rabbit hole.

    • Marked as answer by twilsonxpert Thursday, March 17, 2016 5:16 PM
    Thursday, March 17, 2016 5:16 PM
  • Hello,

    Thank you very much for sharing the solution to us.

    Best Regards,
    Amy Peng


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    Friday, March 18, 2016 1:34 AM
    Moderator