0

I'm having truble with configuration around my WCF service and WS-Seciurity. I don't have access to the client side, so far I'm trying to use SoapUI as a client with WS-A adressing, userName, Password and WSS Password Type 'PasswordDigest' options.

I use IIS and https with a simple certificate, .NET 4.7.

I've tried many versions, but without success. I just want to find simplest, working solution to read 'Seciurity' header from SoapUI/client request with WS-Seciurity PasswordDigest options enabled.

The current error with the current config file 'InvalidSecurity' 'An error occurred when verifying security for the message'

   <system.serviceModel>
    <protocolMapping>
      <add scheme="https" binding="wsHttpBinding"/>
    </protocolMapping>
    <services>
        <service name="SoapService" behaviorConfiguration="SoapServiceConf">
            <!--<endpoint address="SoapService" binding="wsHttpBinding" contract="MPA.SoapService.References.ServiceReference.SentSOAP" /> -->
          <endpoint address="" binding="wsHttpBinding" contract="Interfaces.ISoap" bindingConfiguration="wsHttpBind"/>
          <endpoint contract="IMetadataExchange" binding="mexHttpsBinding" address="mex" />
        </service>
    </services>
    <bindings>
      <wsHttpBinding>
        <binding maxReceivedMessageSize="10485760" name="wsHttpBind">
          <security mode="TransportWithMessageCredential">
            <transport clientCredentialType="Basic"/>
            <message clientCredentialType="UserName" algorithmSuite="Default" establishSecurityContext="false" />
          </security>
          <reliableSession enabled="false" />
          <readerQuotas maxArrayLength="10485760" maxDepth="1024" maxStringContentLength="10485760" />
        </binding>
      </wsHttpBinding>
    </bindings>
    <behaviors>
      <serviceBehaviors>
        <behavior name="SoapServiceConf">
          <serviceCredentials>
            <serviceCertificate findValue="soapservice"
                                storeName="My"
                                x509FindType="FindByIssuerName" />
          </serviceCredentials>
          <serviceMetadata httpGetEnabled="false" httpsGetEnabled="true" />
          <serviceDebug includeExceptionDetailInFaults="False" />
        </behavior>
        <behavior name="MyServiceTypeBehaviors" >
          <!-- Add the following element to your service behavior configuration. -->
          <serviceMetadata httpGetEnabled="false" httpsGetEnabled="true"/>
        </behavior>
      </serviceBehaviors>
    </behaviors>
    <serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
  </system.serviceModel>

Thanks.

YorbGG
  • 1
  • 2
  • Did you add WS-Security Configuration to your request?If not, try [this way](https://www.soapui.org/docs/soapui-projects/ws-security/) to see if it works – Jiayao Sep 28 '21 at 03:00
  • @Jiayao Yes I tried it, but the result was the same, Also I had a response from the client (a java client). The repsponse was : "PKIX path building failed: unable to find valid certification path to requested target". So maybe it is something wrong with a certificate, but still firstly I should be able to sent a success message from soapUI I guess. – YorbGG Sep 28 '21 at 11:26
  • Maybe you should solve the eorr [PKIX Path building](https://stackoverflow.com/questions/21076179/pkix-path-building-failed-and-unable-to-find-valid-certification-path-to-requ) failed first, and take a look at the link. – Jiayao Sep 29 '21 at 09:24

0 Answers0