Policy mapping - Unable to determine client token to use RRS feed

  • Question

  • Hi,

    I want to send a message from webservice ServiceLogic to webservice CallControl. The CallControl webservice has a policy, named CallControlPolicy (located in SessionPolicy.config):

    < policy name = "CallControlPolicy">

    < authorization >

    < allow role = "CONTOSO\Requestors@CallControl" />

    < deny user = "*" />

    </ authorization >

    < usernameOverTransportSecurity />

    < requireActionHeader />

    </ policy>

    In SessionPolicy.config I have also a policy named CallControlClientPolicy:

    < policy name = "CallControlClientPolicy" >

    < usernameOverTransportSecurity >

    < clientToken >

    < username username = "CONTOSO\CallControlUser" password = "password" />

    </ clientToken >

    </ usernameOverTransportSecurity >

    </ policy >

    In SessionPolicyMapping.config exists the following line:

    < AddressToPolicyMapping DestinationAddress = http://localhost/CallControlService/Service.ashx PolicyName = "CallControlClientPolicy" />

    The CallControlPolicy is assigned to the CallControl webservice. But when I send a message from ServiceLogic to CallControl, the session webservice reports:

    ... Unable to determine client token to use....

    When I do not assign the policy to the CallControl webservice, the message is succesfully routed to CallControl. But when I assign the CallControlPolicy, I get the error. When I look into the Message Visualizer, I can see the message is routed to the CallControlParticipant, but after that I get a ParticipantStateChangedNotification which tells me that the CallControlParticipant is deactivated. When I look into the InputTrace of the CallControl, the message isn't there...

    Any idea how to get the CallControlClientPolicy mapped onto the message when being routed by Session?



    Monday, October 8, 2007 6:44 AM

All replies

  • After a couple of hours, I found the solution:

    In the session manifest, I specified a policy document for the CallControlParticipant. The reference was a reference to the CallControlPolicy instead of CallControlClientPolicy. And because the policy document overrides the policy mapping, the (correct) mapping was overridden by the wrong policy mapping...


    After removing the policy document section from the session manifest, the correct policy was applied and all went OK!



    Tuesday, October 9, 2007 8:43 AM
  • yes Erik,


    When you add a participant in the session manifest, you need to provide the paricipant policy document as well. Anyways, nice to see that you found the solution yourself.



    Vinay Prasad

    Thursday, October 11, 2007 12:47 PM
  • Hi Erik,


    This link may also help you.



    Please also mark the thread as answred by clicking, that the post is useful.





    Wednesday, November 21, 2007 7:02 AM

    Hi Erik,


    Is your query resolved? If yes, then could you please close this thread?



    Lakshay Gupta


    Wednesday, November 28, 2007 6:07 AM