Geek Answers Handbook

WCF error - security processor could not find security header in message

I get what now appears as a security error in my WCF service. Initially, my error was falted (removed using the client proxy to clear this error), but found more information by enabling tracing.

I was not able to run my solution after detecting this error, and even my backup now gets the same error. I'm not sure what caused this, I canceled the changes made (nothing related to WCF) and still get the same error.

Trace Error - System.ServiceModel.Security.MessageSecurityException: The security processor could not find the security header in the message. This may be due to the fact that the message is an unsecured error or because there is a connecting mismatch between the communicating parties. This can happen if the service is configured for security and the client is not using security.

I'm not quite sure what I need to do to fix this, any help would be helpful. The application previously worked.

+6
c # wcf wcf-security
source share
3 answers

Perhaps your problem is with this thread:

WCF Service Errors After Installing WindowsXP Updates

0
source share

Despite the binding mismatch, you can get WCF to work by setting


security enableUnsecuredResponse = true

Below is an example of code that you can use to compare with your own settings ...

<security enableUnsecuredResponse="true" authenticationMode="MutualCertificateDuplex" defaultAlgorithmSuite="TripleDesRsa15" includeTimestamp="false" messageSecurityVersion="Default" > <issuedTokenParameters defaultMessageSecurityVersion="Default"> <issuer address="" binding="" bindingConfiguration=""> <identity> <certificateReference storeLocation="CurrentUser" x509FindType="FindBySerialNumber" findValue="0b 8d a9 18 59 65 36 b9 de 65 8b 21 ba 6c ab cc" isChainIncluded="true" /> </identity> </issuer> </issuedTokenParameters> </security>
+6
source share

If you want to avoid configuring custom bindings, you can get a link to the current basicHttpBinding, create a custom binding from it, and enable the EnabledUnsecuredResponse property:

  //client is a reference to your gerenated proxy client class var elements = client.Endpoint.Binding.CreateBindingElements(); elements.Find<SecurityBindingElement>().EnableUnsecuredResponse = true; client.Endpoint.Binding = new CustomBinding(elements);
+5
source share

More articles:


All Articles