Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

WCF-Custom binding issues

48 views
Skip to first unread message

Ryan CrawCour

unread,
Nov 4, 2008, 2:31:31 PM11/4/08
to
Hi All,

We have a WCF service using some custom binding stuff which we're
hooking an orch up to; so we've gone with the WCF-Custom adapter.

We're signing (not encrypting) all messages going to the service.
The service gets the request fine, signed correctly, processes the
request and sends the response.
When Bts gets the response it logs the following;

The adapter failed to transmit message going to send port
"SP_ExampleService_CustomSecure" with URL "http://ComputerName/
ExampleService.Host/MyService.svc". It will be retransmitted after the
retry interval specified for this Send Port.
Details:"System.ServiceModel.Security.MessageSecurityException: The
'Body', 'http://www.w3.org/2003/05/soap-envelope' required message
part was not encrypted.

Why is it expecting the body part to be encrypted?
How do I tell it to Sign only and not EncryptAndSign, which is what I
assume it is trying to do.

The call to the service from a simple .NET console app works fine, and
I've imported that config into the WCF-Custom adapter. So somehow,
somewhere Bts seems to default to EncryptAndSign.

I've even tried setting the Transport level protection on the message
to Sign and it didn't seem to make a difference.

Anybody got any ideas?

Paul Somers[MVP]

unread,
Nov 5, 2008, 3:52:00 AM11/5/08
to
I think in bts you select NONE, as the encryption and on the wcf service its
sign only.

It's been over a year since I got this to work, now we just use the
templates, so it's not fresh in my mind, if you don't come right ping me a
mail and i'll look up some of the code i used.

Paul.

"Ryan CrawCour" <ryancr...@gmail.com> wrote in message
news:b956ee0c-3b1b-4003...@j40g2000prh.googlegroups.com...

Ryan CrawCour

unread,
Nov 17, 2008, 9:59:33 PM11/17/08
to
On Nov 5, 9:52 pm, "Paul Somers[MVP]" <p...@somers.com> wrote:
> I think in bts you select NONE, as the encryption and on the wcf service its
> sign only.
>
> It's been over a year since I got this to work, now we just use the
> templates, so it's not fresh in my mind, if you don't come right ping me a
> mail and i'll look up some of the code i used.
>
> Paul.
>
> "Ryan CrawCour" <ryancrawc...@gmail.com> wrote in message

>
> news:b956ee0c-3b1b-4003...@j40g2000prh.googlegroups.com...
>
>
>
> > Hi All,
>
> > We have a WCF service using some custom binding stuff which we're
> > hooking an orch up to; so we've gone with the WCF-Custom adapter.
>
> > We're signing (not encrypting) all messages going to the service.
> > The service gets the request fine, signed correctly, processes the
> > request and sends the response.
> > When Bts gets the response it logs the following;
>
> > The adapter failed to transmit message going to send port
> > "SP_ExampleService_CustomSecure" with URL "http://ComputerName/
> > ExampleService.Host/MyService.svc". It will be retransmitted after the
> > retry interval specified for this Send Port.
> > Details:"System.ServiceModel.Security.MessageSecurityException: The
> > 'Body', 'http://www.w3.org/2003/05/soap-envelope'required message
> > part was not encrypted.
>
> > Why is it expecting the body part to be encrypted?
> > How do I tell it to Sign only and not EncryptAndSign, which is what I
> > assume it is trying to do.
>
> > The call to the service from a simple .NET console app works fine, and
> > I've imported that config into the WCF-Custom adapter. So somehow,
> > somewhere Bts seems to default to EncryptAndSign.
>
> > I've even tried setting the Transport level protection on the message
> > to Sign and it didn't seem to make a difference.
>
> > Anybody got any ideas?- Hide quoted text -
>
> - Show quoted text -

Tried that. didn't seem to work.
The thing that confuses me is that Bts is acting as the client in this
case. the send goes through properly and the service doesn't complain.
then when the response comes back from the service, Bts complains
about it not being encrypted.

Are you talking about setting NONE on the WCF.TransportProtectionLevel
message context property, or on the WCF-Custom binding config? Or is
it a behavior thing that we need to set on the client somehow?

below is my WCF-Custom config. not that it helps much cause there
doesn't appear to be too much in there.

<?xml version="1.0" encoding="utf-8" ?>
- <configuration>
- <system.serviceModel>
- <client>
- <endpoint address="http://localhost:2884/EnrolmentService.svc"
behaviorConfiguration="EndpointBehavior" binding="customBinding"
bindingConfiguration="CustomBinding_IEnrolmentService"
contract="BizTalk"
name="WcfSendPort_EnrolmentService_CustomBinding_IEnrolmentService">
- <identity>
<certificate encodedValue="GAAAAAEAAAAQAAAAmPh2IZABkChaQNHB4j/
leRkAAAABAAAAEAAAAO/48g7tY/E5Llfg5zecnwQPAAAAAQAAABQAAABse9QP9lBljRnBI/
n7KoPdLtMxTgQAAAABAAAAEAAAAG8bRP1S39MSQJZhvXRN2ssUAAAAAQAAABQAAADFtZuku3S
+ybFIrfjypEC71ksslAIAAAABAAAADAEAABwAAACsAAAAAQAAAAAAAAAAAAAAAAAAAAEAAABlADkAOQBkADAAYwA3AGIAZAAyADgAMQBkAGYAYwA0ADIAYwBlADUAMQA1ADgANwBjAGYANABjAGMAYQBiADIAXwA5AGIAZQA2ADkANQA3ADEALQBiADEAZgAzAC0ANABiADcAOAAtAGIANwAwADAALQA4AGEAMwA4ADgAMwA0AGIAYQAyADYAZQAAAAAAAABNAGkAYwByAG8AcwBvAGYAdAAgAEUAbgBoAGEAbgBjAGUAZAAgAEMAcgB5AHAAdABvAGcAcgBhAHAAaABpAGMAIABQAHIAbwB2AGkAZABlAHIAIAB2ADEALgAwAAAAAAALAAAAAQAAACwAAABOAEkAUwAgAEYAcgBhAG0AZQB3AG8AcgBrACAAUwBlAHIAdgBpAGMAZQAAAAMAAAABAAAAFAAAAOuCWPGwapDRQMBS62wxE7T3sBGjIAAAAAEAAADWBwAAMIIH0jCCBrqgAwIBAgIKMwep
+QABAAACxTANBgkqhkiG9w0BAQUFADCBmzETMBEGCgmSJomT8ixkARkWA2NvbTESMBAGCgmSJomT8ixkARkWAmhwMRYwFAYKCZImiZPyLGQBGRYGYWRhcHBzMRYwFAYKCZImiZPyLGQBGRYGY2NvZGV2MRQwEgYKCZImiZPyLGQBGRYEbmlzMTEqMCgGA1UEAxMhTmF0aW9uYWwgSWRlbnRpZmljYXRpb24gU3lzdGVtIENBMB4XDTA4MTAzMTAyMDI0N1oXDTEwMTAzMTAyMTI0N1owgZ8xEzARBgoJkiaJk/
IsZAEZFgNjb20xEjAQBgoJkiaJk/
IsZAEZFgJocDEWMBQGCgmSJomT8ixkARkWBmFkYXBwczEWMBQGCgmSJomT8ixkARkWBmNjb2RldjEUMBIGCgmSJomT8ixkARkWBG5pczExDjAMBgNVBAMTBVVzZXJzMR4wHAYDVQQDExVOSVMgRnJhbWV3b3JrIFNlcnZpY2UwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALrN
+9G5+IfYg45zE3x8Gqy/EoJP7IrByML21gqS0l/scGSUD+AitOzikq5e5cLUZ4os
+lJ7gNKKUv+33/jIzC3z/eJWU9Rq0g+qlQH4z2XwAdReujoeYwwcvGZddboPRyg2ev/
cTqIE1Q6NQAvucEvQXU0g/chjW0ubbV6E/
Js1AgMBAAGjggSUMIIEkDALBgNVHQ8EBAMCBLAwRAYJKoZIhvcNAQkPBDcwNTAOBggqhkiG9w0DAgICAIAwDgYIKoZIhvcNAwQCAgCAMAcGBSsOAwIHMAoGCCqGSIb3DQMHMB0GA1UdDgQWBBTFtZuku3S
+ybFIrfjypEC71ksslDA9BgkrBgEEAYI3FQcEMDAuBiYrBgEEAYI3FQiCncA/hZ
+MCIbpmy2GuLkNhovaDBGHj9Amhp
+ofAIBZAIBBzAfBgNVHSMEGDAWgBTmaDdb4RO5LdDPd5+
+Fs3ffBSmnTCCAWgGA1UdHwSCAV8wggFbMIIBV6CCAVOgggFPhoHobGRhcDovLy9DTj1OYXRpb25hbCUyMElkZW50aWZpY2F0aW9uJTIwU3lzdGVtJTIwQ0EsQ049TklTREVWREMwMSxDTj1DRFAsQ049UHVibGljJTIwS2V5JTIwU2VydmljZXMsQ049U2VydmljZXMsQ049Q29uZmlndXJhdGlvbixEQz1uaXMxLERDPWNjb2RldixEQz1hZGFwcHMsREM9aHAsREM9Y29tP2NlcnRpZmljYXRlUmV2b2NhdGlvbkxpc3Q/
YmFzZT9vYmplY3RDbGFzcz1jUkxEaXN0cmlidXRpb25Qb2ludIZiaHR0cDovL25pc2RldmRjMDEubmlzMS5jY29kZXYuYWRhcHBzLmhwLmNvbS9DZXJ0RW5yb2xsL05hdGlvbmFsJTIwSWRlbnRpZmljYXRpb24lMjBTeXN0ZW0lMjBDQS5jcmwwggGMBggrBgEFBQcBAQSCAX4wggF6MIHdBggrBgEFBQcwAoaB0GxkYXA6Ly8vQ049TmF0aW9uYWwlMjBJZGVudGlmaWNhdGlvbiUyMFN5c3RlbSUyMENBLENOPUFJQSxDTj1QdWJsaWMlMjBLZXklMjBTZXJ2aWNlcyxDTj1TZXJ2aWNlcyxDTj1Db25maWd1cmF0aW9uLERDPW5pczEsREM9Y2NvZGV2LERDPWFkYXBwcyxEQz1ocCxEQz1jb20/
Y0FDZXJ0aWZpY2F0ZT9iYXNlP29iamVjdENsYXNzPWNlcnRpZmljYXRpb25BdXRob3JpdHkwgZcGCCsGAQUFBzAChoGKaHR0cDovL25pc2RldmRjMDEubmlzMS5jY29kZXYuYWRhcHBzLmhwLmNvbS9DZXJ0RW5yb2xsL05JU0RFVkRDMDEubmlzMS5jY29kZXYuYWRhcHBzLmhwLmNvbV9OYXRpb25hbCUyMElkZW50aWZpY2F0aW9uJTIwU3lzdGVtJTIwQ0EoMSkuY3J0MDMGA1UdJQQsMCoGCCsGAQUFBwMCBggrBgEFBQcDBAYKKwYBBAGCNwoDDAYIKwYBBQUHAwEwQQYJKwYBBAGCNxUKBDQwMjAKBggrBgEFBQcDAjAKBggrBgEFBQcDBDAMBgorBgEEAYI3CgMMMAoGCCsGAQUFBwMBMEgGA1UdEQRBMD
+gPQYKKwYBBAGCNxQCA6AvDC1uaXNmcmFtZXdvcmtzZXJ2aWNlQG5pczEuY2NvZGV2LmFkYXBwcy5ocC5jb20wDQYJKoZIhvcNAQEFBQADggEBAB9MCnD3cpWs
+I2fiIP90edE7w304W/oQUkU/OoVHtIwvZhu6/ZSoGAmnVPSw/
7jzIzk1FxzqwvEGGyz40cneAgPHzOzhYp4Rqcz0v
+iZz971Sm5THflEeMo56PPzRGoRZ87HdHYp3mtFbBw8aiMUbaNZAM/
ykwkX0eHwlLYx78jPyscZ4fx5hchTBPsRHo5jGIH27sN0UkkUNGiLHkxk2xHGTkd54Z4VlbWw0tBwTc68h
+nV4Eh9I6rvhPzKGiKyu0nQWDjb4o5s3H95nn9svlHXAWfhkg2epk/ydJ0No/
TVdJH4V9SVONKHFTFtbnKOAsP71boj8w90/59ilha/EE=" />
</identity>
</endpoint>
</client>
- <behaviors>
- <endpointBehaviors>
- <behavior name="EndpointBehavior">
- <clientCredentials>
<clientCertificate findValue="NIS Framework Agent"
x509FindType="FindBySubjectName" />
</clientCredentials>
</behavior>
</endpointBehaviors>
</behaviors>
- <bindings>
- <customBinding>
- <binding name="CustomBinding_IEnrolmentService">
- <security defaultAlgorithmSuite="Basic128Rsa15"
authenticationMode="MutualCertificate" requireDerivedKeys="false"
securityHeaderLayout="Lax" messageProtectionOrder="SignBeforeEncrypt"
messageSecurityVersion="WSSecurity10WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10">
<secureConversationBootstrap />
</security>
- <mtomMessageEncoding messageVersion="Soap12">
<readerQuotas maxDepth="32" maxStringContentLength="8192"
maxArrayLength="16384" maxBytesPerRead="4096"
maxNameTableCharCount="16384" />
</mtomMessageEncoding>
<httpTransport />
</binding>
</customBinding>
</bindings>
</system.serviceModel>
</configuration>

Ryan CrawCour

unread,
Nov 17, 2008, 10:00:30 PM11/17/08
to
On Nov 5, 9:52 pm, "Paul Somers[MVP]" <p...@somers.com> wrote:
> I think in bts you select NONE, as the encryption and on the wcf service its
> sign only.
>
> It's been over a year since I got this to work, now we just use the
> templates, so it's not fresh in my mind, if you don't come right ping me a
> mail and i'll look up some of the code i used.
>
> Paul.
>
> "Ryan CrawCour" <ryancrawc...@gmail.com> wrote in message

>
> news:b956ee0c-3b1b-4003...@j40g2000prh.googlegroups.com...
>
>
>
> > Hi All,
>
> > We have a WCF service using some custom binding stuff which we're
> > hooking an orch up to; so we've gone with the WCF-Custom adapter.
>
> > We're signing (not encrypting) all messages going to the service.
> > The service gets the request fine, signed correctly, processes the
> > request and sends the response.
> > When Bts gets the response it logs the following;
>
> > The adapter failed to transmit message going to send port
> > "SP_ExampleService_CustomSecure" with URL "http://ComputerName/
> > ExampleService.Host/MyService.svc". It will be retransmitted after the
> > retry interval specified for this Send Port.
> > Details:"System.ServiceModel.Security.MessageSecurityException: The
> > 'Body', 'http://www.w3.org/2003/05/soap-envelope'required message
> > part was not encrypted.
>
> > Why is it expecting the body part to be encrypted?
> > How do I tell it to Sign only and not EncryptAndSign, which is what I
> > assume it is trying to do.
>
> > The call to the service from a simple .NET console app works fine, and
> > I've imported that config into the WCF-Custom adapter. So somehow,
> > somewhere Bts seems to default to EncryptAndSign.
>
> > I've even tried setting the Transport level protection on the message
> > to Sign and it didn't seem to make a difference.
>
> > Anybody got any ideas?- Hide quoted text -
>
> - Show quoted text -

Not coming right, so if you could look up some of the code u used that
would be fantastic and most appreciated

Thanks
Ryan

0 new messages