0

When I try to call a [Java] web service from .NET, I am getting what appears to be a security credentials issue. 

CWWSS5509E: A security token whose type is [http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#UsernameToken] is required.

Is it even picking up the credentials that I am trying to pass? At this point, I just want to make contact with the web service and get access. In my example, ServiceReference1 is a generated Web proxy class.

Private Sub Button2_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button2.Click

    Dim myLocateProfileBySourceSystemId As New ServiceReference1.locateProfileBySourceSystemId

    Dim myLocateProfileBySourceSystemIdRequestType As New ServiceReference1.LocateProfileBySourceSystemIdRequestType

    myLocateProfileBySourceSystemIdRequestType.includeEmailAddress = True

    myLocateProfileBySourceSystemId.locateProfileBySourceSystemId1 = myLocateProfileBySourceSystemIdRequestType

    System.Net.ServicePointManager.ServerCertificateValidationCallback = New System.Net.Security.RemoteCertificateValidationCallback(AddressOf ValidateRemoteCertificate)

    Dim myNetworkCredential As New System.Net.NetworkCredential
    myNetworkCredential.UserName = "MyUsernameGoesHere"
    myNetworkCredential.Password = "MyPasswordGoesHere"

    Dim myWebProxy As New WebProxy()
    myWebProxy.Credentials = myNetworkCredential
    WebRequest.DefaultWebProxy.Credentials = myNetworkCredential

    Dim myIndividualProfileSoapClient As New ServiceReference1.IndividualProfileSoapClient
    Dim myLocateProfileBySourceSystemIdResponse As ServiceReference1.locateProfileBySourceSystemIdResponse = myIndividualProfileSoapClient.locateProfileBySourceSystemId(myLocateProfileBySourceSystemId)

End Sub

Private Shared Function ValidateRemoteCertificate(ByVal sender As Object,
                                              ByVal certificate As X509Certificate,
                                              ByVal chain As X509Chain,
                                              ByVal policyErrors As SslPolicyErrors) As Boolean    
     ' allow any old dodgy certificate...
     Return True

End Function

What should my App.Config settings be?

            <security mode="Transport">
                <transport clientCredentialType="None" proxyCredentialType="None"
                    realm="" />
                <message clientCredentialType="UserName" algorithmSuite="Default" />
            </security>
Chad
  • 23,658
  • 51
  • 191
  • 321
  • You should be able to add the credentials as a property to the myIndividualProfileSoapClient object – mikey Dec 20 '11 at 16:08
  • That object has a ClientCrdedentials property that is of type System.ServiceModel.Description.ClientCredentials. It has a parameterless constructor but the Username and password properties of this object are readonly. How do I create this object? – Chad Dec 20 '11 at 16:16

1 Answers1

1

Take a look at this.

http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0.pdf

and this

Trying to get WCF client to work with wss 1.0 username token security

and this.

Correct way communicate WSSE Usernametoken for SOAP webservice

ClientCredentials.UserName.UserName = ""
CleintCredentials.UserName.Password = ""
Community
  • 1
  • 1
Keith Beard
  • 1,601
  • 4
  • 18
  • 36
  • 1
    ClientCredentials.UserName.UserName and ClientCredentials.UserName.Password would be correct – Keith Beard Dec 20 '11 at 17:14
  • What about the clientCredentialType in teh config file? Should it be None as indicate in my posting? Basic? etc? – Chad Dec 20 '11 at 18:49
  • @Velika Yes Basic wasn't that section generated for you when you added the reference? – Keith Beard Dec 20 '11 at 20:18
  • Transport and message are 2 different thing. If the server hosting the web service is set up to require basic authentication then you want basic, otherwise you don't. If the web service requires a SOAP Username Token then you want messageClientCredentialType= UserName. It is possible you'd need both transport and message credentials, but I don't think you do. It is hard to know without knowing the web service. – mikey Dec 20 '11 at 21:37
  • @mikey Yeah and base upon his error message i am betting the service needs a SOAP Username token. But without knowing what service it is your trying to consume its hard to go from here. – Keith Beard Dec 20 '11 at 21:57