Views: 6K
Replies: 0
Archived
|
Hosting on IIS 7.5 in Windows Server 2008R2: Security Token FailureHi,
I am attempting to host the Patterns in Action solution on IIS 7 on a Windows 2008 R2 Server (no domain) and the WinForms application keeps crashing when it tries to connect from a desktop machine (Windows 7 based, also no domain). The configuration change on the WinForms application was simply: <endpoint address="http://127.0.0.1:4753/ActionService.svc"... to <endpoint address="http://192.168.16.169:4753/ActionService.svc"The irony is that the WinForms application (with that IP address change) works just fine when it runs on the Windows Server machine that is hosting the WCF service, however, when it run from a different machine, it crashes even before showing the main form. I used Wireshark to see if there is communication between the client and the host machine and indeed there is. The conversation goes as follows: POST /ActionService.svc HTTP/1.1 Content-Type: application/soap+xml; charset=utf-8 Host: 192.168.16.169:4753 Content-Length: 1097 Expect: 100-continue Accept-Encoding: gzip, deflate HTTP/1.1 100 Continue <s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:a="http://www.w3.org/2005/08/addressing"> <s:Header> <a:Action s:mustUnderstand="1">http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue</a:Action> <a:MessageID>urn:uuid:c3dfcd17-3de8-4082-82c7-49b7efdd88dd</a:MessageID> <a:ReplyTo> <a:Address>http://www.w3.org/2005/08/addressing/anonymous</a:Address> </a:ReplyTo> <a:To s:mustUnderstand="1">http://192.168.16.169:4753/ActionService.svc</a:To> </s:Header> <s:Body> <t:RequestSecurityToken Context="uuid-44ddd784-6be9-43aa-9b62-cb78dc673fac-7" xmlns:t="http://schemas.xmlsoap.org/ws/2005/02/trust"> <t:TokenType>http://schemas.xmlsoap.org/ws/2005/02/sc/sct</t:TokenType> <t:RequestType>http://schemas.xmlsoap.org/ws/2005/02/trust/Issue</t:RequestType> <t:KeySize>256</t:KeySize> <t:BinaryExchange ValueType="http://schemas.xmlsoap.org/ws/2005/02/trust/spnego" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">TlRMTVNTUAABAAAAt4IY4gAAAAAAAAAAAAAAAAAAAAAGAbAdAAAADw==</t:BinaryExchange> </t:RequestSecurityToken> </s:Body> </s:Envelope> HTTP/1.1 200 OK Content-Length: 1108 Content-Type: application/soap+xml; charset=utf-8 Server: Microsoft-IIS/7.5 X-Powered-By: ASP.NET Date: Thu, 24 Jan 2013 08:39:21 GMT <s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:a="http://www.w3.org/2005/08/addressing"> <s:Header> <a:Action s:mustUnderstand="1">http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/Issue</a:Action> <a:RelatesTo>urn:uuid:c3dfcd17-3de8-4082-82c7-49b7efdd88dd</a:RelatesTo> </s:Header> <s:Body> <t:RequestSecurityTokenResponse Context="uuid-44ddd784-6be9-43aa-9b62-cb78dc673fac-7" xmlns:t="http://schemas.xmlsoap.org/ws/2005/02/trust" xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"> <t:BinaryExchange ValueType="http://schemas.xmlsoap.org/ws/2005/02/trust/spnego" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">TlRMTVNTUAACAAAAHAAcADgAAAA1gpriIt/Bc8QfrmEAAAAAAAAAAJAAkABUAAAABgGwHQAAAA9XAEkATgBTADIASwA4AEkATgBTAFQAQQBMAEwAAgAcAFcASQBOAFMAMgBLADgASQBOAFMAVABBAEwATAABABwAVwBJAE4AUwAyAEsAOABJAE4AUwBUAEEATABMAAQAHABXAEkATgBTADIASwA4AEkATgBTAFQAQQBMAEwAAwAcAFcASQBOAFMAMgBLADgASQBOAFMAVABBAEwATAAHAAgAO3yCTg76zQEAAAAA</t:BinaryExchange> </t:RequestSecurityTokenResponse> </s:Body> </s:Envelope> POST /ActionService.svc HTTP/1.1 Content-Type: application/soap+xml; charset=utf-8 Host: 192.168.16.169:4753 Content-Length: 1638 Expect: 100-continue Accept-Encoding: gzip, deflate HTTP/1.1 100 Continue <s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:a="http://www.w3.org/2005/08/addressing"> <s:Header> <a:Action s:mustUnderstand="1">http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/Issue</a:Action> <a:MessageID>urn:uuid:4efc2653-ffca-4adb-b0c3-154f2dd298bc</a:MessageID> <a:ReplyTo> <a:Address>http://www.w3.org/2005/08/addressing/anonymous</a:Address> </a:ReplyTo> <a:To s:mustUnderstand="1">http://192.168.16.169:4753/ActionService.svc</a:To> </s:Header> <s:Body> <t:RequestSecurityTokenResponse Context="uuid-44ddd784-6be9-43aa-9b62-cb78dc673fac-7" xmlns:t="http://schemas.xmlsoap.org/ws/2005/02/trust" xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"> <t:BinaryExchange ValueType="http://schemas.xmlsoap.org/ws/2005/02/trust/spnego" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">TlRMTVNTUAADAAAAGAAYAIwAAAA+AT4BpAAAABIAEgBYAAAAEAAQAGoAAAASABIAegAAABAAEADiAQAANYKY4gYBsB0AAAAPHtqMVkacaRJuk1ZGBRDvI0wAaQBnAGgAdABuAGkAbgBnAE0AYQBoAGEAcABlAGwAYQBMAEkARwBIAFQATgBJAE4ARwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACP65rHpDcuMnUBVr/tiGxmAQEAAAAAAAA7fIJODvrNASh80e3OFYhxAAAAAAIAHABXAEkATgBTADIASwA4AEkATgBTAFQAQQBMAEwAAQAcAFcASQBOAFMAMgBLADgASQBOAFMAVABBAEwATAAEABwAVwBJAE4AUwAyAEsAOABJAE4AUwBUAEEATABMAAMAHABXAEkATgBTADIASwA4AEkATgBTAFQAQQBMAEwABwAIADt8gk4O+s0BBgAEAAIAAAAIADAAMAAAAAAAAAAAAAAAADAAAN3DeyMG6WCo3V5+f0xSuCf+RR45EtIopV+4xJj9l7+jCgAQAAAAAAAAAAAAAAAAAAAAAAAJACYAaABvAHMAdAAvADEAOQAyAC4AMQA2ADgALgAxADYALgAxADYAOQAAAAAAAAAAAAAAAACEVGC1iENY2dPxs+CMDSud</t:BinaryExchange> </t:RequestSecurityTokenResponse> </s:Body> </s:Envelope> HTTP/1.1 500 Internal Server Error Content-Length: 641 Content-Type: application/soap+xml; charset=utf-8 Server: Microsoft-IIS/7.5 X-Powered-By: ASP.NET Date: Thu, 24 Jan 2013 08:39:21 GMT <s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:a="http://www.w3.org/2005/08/addressing"> <s:Header> <a:Action s:mustUnderstand="1">http://www.w3.org/2005/08/addressing/soap/fault</a:Action> <a:RelatesTo>urn:uuid:4efc2653-ffca-4adb-b0c3-154f2dd298bc</a:RelatesTo> </s:Header> <s:Body> <s:Fault> <s:Code> <s:Value>s:Sender</s:Value> <s:Subcode> <s:Value xmlns:a="http://schemas.xmlsoap.org/ws/2005/02/trust">a:FailedAuthentication</s:Value> </s:Subcode> </s:Code> <s:Reason> <s:Text xml:lang="en-ZA">The request for security token could not be satisfied because authentication failed.</s:Text> </s:Reason> </s:Fault> </s:Body> </s:Envelope> Additionally, the application seems to request a security token in code during startup. Do you reckon this token failure is part of WCF's own security token process or perhaps the security token that the application requests for during its startup? Mahapela Lebona, Jan 24, 2013
|