.NET Framework Bookmark and Share   
 index > ASMX Web Services and XML Serialization > WSE 3.0 - The header 'Security' from the namespace was not understood
 

WSE 3.0 - The header 'Security' from the namespace was not understood
We are accessing the service hosted on the OWSM (Oracle Web service Manager) and the client is unable to understand the encrypted response from the server. The initial portion works fine when client sends encrypted request to the server.

I would really appreciate urgent help on the following issue, I have tried various ways to resolve this with no luck.

****** Exception Raised ******
System.Web.Services.Protocols.SoapException:
SOAP-Fault code: http://schemas.xmlsoap.org/soap/envelope/:MustUnderstand
Message: The header 'Security' from the namespace 'http://docs.oasis-open.org/ws
s/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' was not understood by the
recipient of this message, causing the message to not be processed. This error
typically indicates that the sender of this message has enabled a communication
protocol that the receiver cannot process. Please ensure that the configuration
of the client's binding is consistent with the service's binding.
at System.Web.Services.Protocols.SoapHttpClientProtocol.ReadResponse(SoapClie
ntMessage message, WebResponse response, Stream responseStream, Boolean asyncCal
l)
at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodN
ame, Object[] parameters)
at WSE3ConsoleClient.CalcClient.Calc.Add(Int32 n1, Boolean n1Specified, Int32
n2, Boolean n2Specified, Int32& AddResult, Boolean& AddResultSpecified) in D:\S
ourceCode\WSE30Service\WSE3ConsoleClient\Web References\CalcClient\Reference.cs:
line 79
at WSE3ConsoleClient.Program.Run() in D:\SourceCode\WSE30Service\WSE3ConsoleC
lient\Program.cs:line 78
at WSE3ConsoleClient.Program.Main(String[] args) in D:\SourceCode\WSE30Servic
e\WSE3ConsoleClient\Program.cs:line 37


Theactual response received from the server looks like the message below:

<?xml version="1.0" encoding="UTF-8" ?>
- <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/">
- <s:Header>
- <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" s:mustUnderstand="1">
<wsse:BinarySecurityToken ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" wsu:Id="aONp0PJ9VxASxF8h57Chl8g22" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">MIICEDCCAXkCBEnWXZUwDQYJKoZIhvcNAQEEBQAwTzELMAkGA1UEBhMCWVoxCzAJBgNVBAgTAlhZMQowCAYDVQQHEwFaMQowCAYDVQQKEwFZMQowCAYDVQQLEwFYMQ8wDQYDVQQDEwZDbGllbnQwHhcNMDkwNDAzMTkwMzQ5WhcNMDkwNzAyMTkwMzQ5WjBPMQswCQYDVQQGEwJZWjELMAkGA1UECBMCWFkxCjAIBgNVBAcTAVoxCjAIBgNVBAoTAVkxCjAIBgNVBAsTAVgxDzANBgNVBAMTBkNsaWVudDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAszPImYnDDAfZsPtccyY4t1U5AF96VVQARJHmzjIbwjqDx2KHzophdZcAuTElQ78vd0lH8IOrCmhjTJxbtvwsf56l4aFCrkaGNHxKr8CZwEs27qf2c1wALQ0LXgh05iwpIpVoIKb/zqYVWjMGQ4sK6uQq6u209kKNlZz5zvRYonUCAwEAATANBgkqhkiG9w0BAQQFAAOBgQCbrpvn5I5e9YdUEEEQL9p5aTIIEiRr4JDdKi1OVBAFOMl22UG64iPw+31osPAcmptAksGPQoAzgikP7iedw1VXjE2T/pOI1Cz5UVCcKMMOhUrJRdlOhAHBU+eT5RWZQjOUuAeR5Uznf/WMVWVDpJDvfuwuDujIe8+MbCwsoa7JWQ==</wsse:BinarySecurityToken>
- <xenc:EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
- <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p">
<dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" />
</xenc:EncryptionMethod>
- <dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
- <wsse:SecurityTokenReference xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:Reference URI="#aONp0PJ9VxASxF8h57Chl8g22" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" />
</wsse:SecurityTokenReference>
</dsig:KeyInfo>
- <xenc:CipherData>
<xenc:CipherValue>ZxdwDOW7nycJem2DO7gjyorEd1CffuZKwZ4NRK1fWwXujm4ejCerr0Oq1CzJyektrfesSaBWDDjDKhi/7kcb0nPn2kB1BV5dm9gl29g/f4zXXm5ecSsLVnL0PyOdRhz4s/4Yz8SbLRvQITsu6a36WD5028D2P6dFTMs9KWYVmRo=</xenc:CipherValue>
</xenc:CipherData>
- <xenc:ReferenceList>
<xenc:DataReference URI="#_YUwcc1Tb009QEEzYdO6yhA22" />
</xenc:ReferenceList>
</xenc:EncryptedKey>
</wsse:Security>
</s:Header>
- <s:Body>
- <xenc:EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" Type="http://www.w3.org/2001/04/xmlenc#Content" Id="_YUwcc1Tb009QEEzYdO6yhA22">
<xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc" />
- <xenc:CipherData>
<xenc:CipherValue>mm7bLZukdSZ1Atv7eFIT+cf9HJCkkE45dwsJmFwyEyt1Acl2j2ARk82wDPvvScvbPchFvmJ8Eky2eNUvQxrpFsaHjM1wUabNL5LO7sFEurvkJFZZtEr8qGOa2/a/V/izTNULzgw3NfqtC8RI5OUuhJifkZCssAXV9Ymjiq9eHnR/tnGwXzteBVzTB+ERFYg3z2Yo12I7tpg9P/7o0RsF+k+BZ+byV5Cx9MdzIN0cf0NHS1qh+8lftL/EcELA2rllek20uCcoTCZQzrUd9njC5ZAJWZHy5ZZqrvbj4o+x3sSYIAqlsPe3VH2xFl3Aw0uSYjB//roAx7mB47dyVSxtJiEYhHSxalkyNT5bI71kSR+cOvPLbzpbgqK7QSKY7I+dxnoyVRksWK5Sftl6uzWEUT2NLriJkILY6nqP4qyW77JlIbhJZCiy0ztNGGx0nJwikTwXI6aABTFTqJpXnbK3m/Y9ZG2I6J09j2VzqE/SfqD2a16zqbblBPvoRgWlNBkdKEFbjslzZcOblf/1S2Y7tk9Co+mmVqXJ6SU3uTdcHUX7qyOMok4sXsSDnR59nDwZOoWFThvWH2H0EIdr85reIO5vskBczg3yNbsF6nVqmvYRVnmuBzlp14Lk0h03VgVoh+dP4RIp7ImW7wKJLvFIksOvAD3rAahtBqRx6jPMr5vCMJ1hcbEj1LrcgW4WgEoa4tyrux+aupuxrxnsgdnW96g4mZmuUJJNThZ8/PzCo7NuDP1fEVVIJSmbuKpjiKjaIhzgwEXrmLgG4vIyQBQJOk24++/r6VJDMs6u4JcFhjoYEQtyg6opw3YfBQGzFXVU4Z3kswI9MAeZxfbGs6MUl6JVO/6C3EFUHLYwqbIxS6y6Jh7MUiDcG/58KHnvyMR4</xenc:CipherValue>
</xenc:CipherData>
</xenc:EncryptedData>
</s:Body>
</s:Envelope>

Bunty Patni
The response looks ok.

- Do you use WSE3 policy or code? In either case can you show it?
- Are there any special customization (.net web service extensions) or is it a small straigt forward poc client?
- (Stupid question) Have you seen the request is encrypted or do you just assume this since you are getting response?
- Does not seem to be the case, but maybe this exception is the content of the encrypted soap response. i.e. this is a soap fault coming back from the server. Check in the server that the method is actually called.


Some advances ways to debug this:

- Configure a WSE response filter and check if it is called at all (e.g. to check if WSE is used in the response at all).
- Build a WSE service with similar configuration to the actuall service and see if the client can work with it. If yes then compare the working service response to the non working one.
http://webservices20.blogspot.com/
WCF Security, Performance And Testing Blog
Yaron Naveh

You can use google to search for other answers

Custom Search

More Threads

• How to avoid the Excel prompt window when exporting data to Excel 2007
• method accessed through secure channel
• Permissions for calling unmanaged DLL in ASP.NET web service on win2k
• Server did not recognize the value of HTTP Header SOAPAction
• how to change wsdl from http to https when initially developed behind firewall but deployed to external site
• SOAP FAULT Security
• How to Convert Entity Collections and Structures into XML format?
• How Can I Specify the Source IP of a SoapHttpClientProtocol?
• The simplest way to pass userID and Pwd to my webservice
• Long response time on asmx-service with com-objects
Home          Copyright 2009-2010 by netframeworkdev.com All rights reserved