How to configure custom binding to consume this WS secure Webservice using WCF?

Question

Hello all,

I'm trying to configure a WCF client to be able to consume a webservice that returns the following response message:

Response message

<env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:ns0="http://myservice.wsdl"&gt;
  <env:Header>
    <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" env:mustUnderstand="1" />
  </env:Header>
  <env:Body>
    <ns0:StatusResponse>
      <result>
        ...
      </result>
    </ns0:StatusResponse>
  </env:Body>
</env:Envelope>

To do this, I've constructed a custom binding (which doesn't work). I keep getting a "Security header is empty" message.

My binding:

<customBinding>
    <binding name="myCustomBindingForVestaServices">
      <security authenticationMode="UserNameOverTransport"
            messageSecurityVersion="WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11"
            securityHeaderLayout="Strict"
            includeTimestamp="false"
            requireDerivedKeys="true">
      </security>
      <textMessageEncoding messageVersion="Soap11" />
      <httpsTransport authenticationScheme="Negotiate" requireClientCertificate ="false" realm =""/>
    </binding>
  </customBinding>

My request seems to be using the same SOAP and WS Security versions as the response, but use different namespace prefixes ("o" instead of "wsse"). Could this be the reason why I keep getting the "Security header is empty" message?

Request message

<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"&gt;
  <s:Header>
    <o:Security s:mustUnderstand="1" xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"&gt;
      <o:UsernameToken u:Id="uuid-d3b70d1f-0ebb-4a79-85e6-34f0d6aa3d0f-1">
        <o:Username>user</o:Username>
        <o:Password>pass</o:Password>
      </o:UsernameToken>
    </o:Security>
  </s:Header>
  <s:Body>
    <getPrdStatus xmlns="http://myservice.wsdl"&gt;
      <request xmlns="" xmlns:a="http://myservice.wsdl" xmlns:i="http://www.w3.org/2001/XMLSchema-instance"&gt;
        ...
      </request>
    </getPrdStatus>
  </s:Body>
</s:Envelope>

How do I need to configure my WCF client binding to be able to consume this webservice?

Any help greatly appreciated!

Sander

Answer 1

It seems my problem is addressed in the following kb article: http://support.microsoft.com/kb/971493/

Haven't been able to download the fix yet, because no download link seems to be available... Will keep this thread updated.