WCF gives an unsecured or incorrectly secured fault error

Question

I am trying to consume a remote svc web service  I created the proxy class using svcutil exe  and after that I ve added that class to my console application  but it yields an error      An unsecured error or incorrectly secured fault was received from the other party  See the inner fault exception for the fault code and detail        System ServiceModel FaultException  An error occurred when verifying  security for the message   I didn t create the WCF side  it s a remote svc  Please help      lt  xml version  1 0  encoding  utf-8   gt   lt configuration gt       lt system serviceModel gt           lt bindings gt               lt basicHttpBinding gt                   lt binding name  EloquaDataTransferService  closeTimeout  00 01 00                      openTimeout  00 01 00  receiveTimeout  00 10 00  sendTimeout  00 01 00                      allowCookies  false  bypassProxyOnLocal  false  hostNameComparisonMode  StrongWildcard                      maxBufferSize  65536  maxBufferPoolSize  524288  maxReceivedMessageSize  65536                      messageEncoding  Mtom  textEncoding  utf-8  transferMode  Buffered                      useDefaultWebProxy  true  gt                       lt readerQuotas maxDepth  32  maxStringContentLength  8192  maxArrayLength  16384                          maxBytesPerRead  4096  maxNameTableCharCount  16384    gt                       lt security mode  TransportWithMessageCredential  gt                           lt transport clientCredentialType  None  proxyCredentialType  None                              realm      gt                           lt message clientCredentialType  UserName  algorithmSuite  Default    gt                       lt  security gt                   lt  binding gt               lt  basicHttpBinding gt           lt  bindings gt           lt client gt               lt endpoint address  https   secure eloqua com API 1 2 DataTransferService svc                  binding  basicHttpBinding  bindingConfiguration  EloquaDataTransferService                  contract  DataTransferService  name  EloquaDataTransferService    gt           lt  client gt       lt  system serviceModel gt   lt  configuration gt    This is my app config file  I am providing the username and password in my consoleApp cs file using obj ServiceCredentials UserName UserName  xxxxxx  and  Password  xxxXx    lt  xml version  1 0  encoding  UTF-8   gt   lt configuration gt      lt system serviceModel gt         lt bindings gt            lt basicHttpBinding gt               lt binding name  EloquaDataTransferService  closeTimeout  00 01 00  openTimeout  00 01 00  receiveTimeout  00 10 00  sendTimeout  00 01 00  allowCookies  false  bypassProxyOnLocal  false  hostNameComparisonMode  StrongWildcard  maxBufferSize  65536  maxBufferPoolSize  524288  maxReceivedMessageSize  65536  messageEncoding  Mtom  textEncoding  utf-8  transferMode  Buffered  useDefaultWebProxy  true  gt                  lt readerQuotas maxDepth  32  maxStringContentLength  8192  maxArrayLength  16384  maxBytesPerRead  4096  maxNameTableCharCount  16384    gt                  lt security mode  TransportWithMessageCredential  gt                     lt transport clientCredentialType  None  proxyCredentialType  None  realm      gt                     lt message clientCredentialType  UserName  algorithmSuite  Default    gt                  lt  security gt               lt  binding gt            lt  basicHttpBinding gt         lt  bindings gt         lt client gt            lt endpoint address  https   secure eloqua com API 1 2 DataTransferService svc  binding  basicHttpBinding  bindingConfiguration  EloquaDataTransferService  contract  DataTransferService  name  EloquaDataTransferService    gt         lt  client gt      lt  system serviceModel gt   lt  configuration gt

User · Answer

I had to change the SecurityMode to Message  WSHttpBinding   before it worked  i e     wcf   new ServiceRequestClient new WSHttpBinding SecurityMode Message                               new EndpointAddress  wcfRequestServerAddress

User · Answer

In my case  it was a setting on the IIS application pool   Select the application pool --  Advanced Settings --  Set  Enable 32 Bit Applications  to True   Then recycle the application pool

User · Answer

Same this problem i am facing my client application is WinForms application C  4 0  When i read the solution here  i checked Date  amp  Time of client computer  but that was right and current time was showing  but still i was facing these problem   After some work-around i found that wrong time zone has selected  i am in India and time zone was of Canada  the host server is located in Kuwait   I found that system converts time to universal time   When i changed the time zone to India s time zone  the problem was soled

User · Answer

I was getting this error due to the BasicHttpBinding not sending a compatible messageVersion to the service i was calling  My solution was to use a custom binding like below    lt bindings gt     lt customBinding gt       lt binding name  Soap11UserNameOverTransport  openTimeout  00 01 00  receiveTimeout  00 1 00   gt         lt security authenticationMode  UserNameOverTransport  gt         lt  security gt                   lt textMessageEncoding messageVersion  Soap11WSAddressing10  writeEncoding  utf-8    gt         lt httpsTransport gt  lt  httpsTransport gt       lt  binding gt     lt  customBinding gt         lt  bindings gt

User · Answer

I ve also had this problem from a service reference that was out of date  even with the server  amp  client on the same machine  Running  Update Service Reference  will generally fix it if this is the issue

User · Answer

For what it s worth - I also had this error and found it was caused by the connection string in the web services web config being set to connect to the wrong machine

User · Answer

x000D   x000D   lt wsHttpBinding gt  x000D           lt binding name  ISG Binding Configuration  bypassProxyOnLocal  true  useDefaultWebProxy  false  hostNameComparisonMode  WeakWildcard  sendTimeout  00 30 00  receiveTimeout  00 30 00  maxReceivedMessageSize  2147483647  maxBufferPoolSize  2147483647  gt  x000D             lt readerQuotas maxArrayLength  2147483647  maxStringContentLength  2147483647    gt  x000D             lt security mode  None  gt  x000D               lt message establishSecurityContext  false  clientCredentialType  UserName   gt  x000D             lt  security gt  x000D           lt  binding gt  x000D         lt  wsHttpBinding gt  x000D   x000D   x000D

User · Answer

In my case  there are two problems that will throw this exception   Note that  my environment uses Single Sign On  or STS if you prefer  to authenticate a user through ASP NET MVC site  MVC site in turn makes a service call to my service endpoint by passing bearer token which it requested from STS server with Bootstrap token previously  The error I got was when I made a service call from MVC site    The WCF service wasn t configured as a relying party in my SSO  or STS if you prefer   Service s configuration wasn t configured properly  Particularly on audienceUris node of system identityModel  It must exactly match the service endpoint url    lt system identityModel gt       lt identityConfiguration gt           lt audienceUris gt               lt add value  https   localhost IdpExample YService YService svc    gt           lt  audienceUris gt                    lt  identityConfiguration gt   lt  system identityModel gt

User · Answer

In my case  I was getting this error on the same machine  in my test client-server application  But this problem was resolved by  Update Service Reference     Tushar G  Walavalkar

User · Answer

Try changing your security mode to  transport    You have a mismatch between the security tag and the transport tag

User · Answer

Try with this   catch  System Reflection TargetInvocationException e1          String excType          excType   e1 InnerException GetType   ToString           choose case excType                   case  System ServiceModel FaultException                              System ServiceModel FaultException e2                             e2   e1 InnerException                             System ServiceModel Channels MessageFault fault                             fault   e2 CreateMessageFault                               ls message    Class  uo bcfeWS  Method  registraUnilateral  r n     Exception 1       fault Reason ToString                                if  fault HasDetail  then                                       System Xml XmlReader reader                                       reader   fault GetReaderAtDetailContents                                         ls message          reader Value                                       do while reader Read                                                   ls message    reader Value                                       loop                             end if                   case  System Text DecoderFallbackException                              System Text DecoderFallbackException e3                             e3   e1 InnerException                             ls message    Class  uo bcfeWS  Method  registraUnilateral  r n     Exception 1       e3 Message                    case else                             ls message    Class  uo bcfeWS  Method  registraUnilateral  r n     Exception 1       e1 Message         end choose         MessageBox    Error   ls message             logError ls message          return false

User · Answer

In my case I was using certificates for authentication with certificateValidationMode set to  PeerTrust  and I had forgotten to install the client certificate in windows store  LocalMachine TrustedPeople  to make it accepted by the server

User · Answer

Although your problem was solved with one of the above solutions  for the benefit of others  here s another option   You also can get this exception when incorrect credentials are passed to a basic endpoint  SOAP 1 1  that uses username message credentials as you are   For example  if you are calling the service from code and do something like this   var service   new TestService     service ClientCredentials UserName UserName    InvalidUser   service ClientCredentials UserName Password    InvalidPass     This is different from a WSHTTP endpoint  SOAP 1 2  that throws an AccessDeniedException when invalid credentials are passed through   I personally find the message contained herein a little misleading  it certainly cost me a few minutes the first time I encountered it for this reason  but the underlying cause was clear once I consulted the WCF Diagnostic Trace Logs

User · Answer

Just for the sake of sharing    I had a rare case that got me scratching the back of my head for a few minutes  Even tho the time skew solution was very accurate  and I had that problem solved before  this time was different  I was on a new Win8 1 machine which I remember having a timezone issue and I had manually adjusted the time  Well  I kept getting the error  despite the time displayed in both server and client had only a diference in seconds  What I did is activate  summer saving option   note that I am indeed under summer saving time  but had the time setup manually  in  date and time setup  then went to the internet time section and refreshed    the time in my pc kept exactly the same  but the error dissapeared   Hope this is useful to anybody

User · Answer

Make sure your SendTimeout hasn t elapsed after opening the client

User · Answer

In my case  when I changed the wshttpbinding protocol from https to http it started working

User · Answer

You have obviously a problem with the WCF security subsystem  What binding are you using  What authentication  Encryption  Signing  Do you have to cross domain boundaries   A bit of goggling further reveals that others are experiencing this error if the clocks of client and server are out of sync  more than about five minutes  because some security schemata rely on synchronized clocks

User · Answer

Mostly this exception happens when there is some errors in the server  the most common one is a wrong configuration of the authentication database  or authentication  In my case there was different clock synchronization  make sure both client and server have same settings   Click on Time at your Right-Bottom side -   Change date time settings     -   Internet Time  tab -  Change Settings    -  check the  Synchronise with an internet time server  option if it is unchecked -   from server dropdown select  times windows com  -  Update Now -  OK

User · Answer

This is a very obscure fault that WCF services throw  The issue is that WCF is unable to verify the security of the message that was passed to the service    This is almost always because of a server time skew  The remote server and the client s system time must be within  typically  10 minutes of each other  If they are not  security validation will fail   I d call eloqua com and find out what their server time is  and compare that to your server time

User · Answer

In my case the server time was not correct  So I changed the server Datetime settings to Set time automatically and it resolved the issue

User · Answer

If you are passing user credential from client  As per below code block   then it should match with the username password on server  otherwise you will get this error   FYI  in my case I am using  basicHTTPAuthentication  with  TransportWithMessageCredential  security mode  And the WCF service is hosted in IIS on https   var service   new TestService     service ClientCredentials UserName UserName    InvalidUser   service ClientCredentials UserName Password    InvalidPass     Hope this will help to someone

[c#] WCF gives an unsecured or incorrectly secured fault error

Examples related to c#

Examples related to wcf