WCF Exception - The 'Body', 'http://www.w3.org/2003/05/soap-envelope' required message part was not signed. Issue

Question

I'm running a WCF client locally that always throws a MessageSecurityException with the text: "An unsecured or incorrectly secured fault was received from the other party. See the inner FaultException for the fault code and detail."

The Inner Exception Message Is: "An error occurred when verifying security for the message"

I set up a trace and in that file I can see the "inner inner" exception message as: "The 'Body', 'http://www.w3.org/2003/05/soap-envelope' required message part was not signed. "

The bindings all match perfectly between the client and the service with them all using netTcpBinding with the securityMode="Message".

The ServiceContract decorating the interface behind the service is:

 [ServiceContract(ProtectionLevel = ProtectionLevel.None)]

What could be causing my errors? I'm no WCF expert so I if you need anymore information just comment. Any ideas on what to try would be helpful too, I just have no idea whats going on here.

Answer 1

By default, all messages are signed and encrypted in WCF, and why on earth would you ever want to turn that off??

So in this case, most likely, your client has encrypted and signed the message, but the server doesn't understand it because of your attribute on the service contract.

My recommendation: unless you have a very compelling reason, never tamper and change those settings - just forget about that attribute on your service and leave the defaults:

[ServiceContract(ProtectionLevel = ProtectionLevel.EncryptAndSign)]

or

[ServiceContract]

If you really have to turn it off, you need to turn it off on both sides of the conversation - both the client and the server must agree on whether or not messages are encrypted and signed.

Marc