WCF gives unprotected or incorrectly protected error error

This is a very obscure mistake that WCF services throw. The problem is that WCF cannot verify the security of the message that was sent to the service.

This is almost always due to server skew. The remote server and the client system time should be within (usually) 10 minutes of each other. If this is not the case, the security check will fail.

I would call eloqua.com and find out what they have on the server, and compare this with your server.

The same problem that I encountered with my client application is a WinForms C # 4.0 application

When I read the solution here, I checked the date and time of the client computer, but it was correct and the current time was showing, but still I ran into this problem.

After some workday, I found that the wrong time zone was selected, I am in India, and the time zone is in Canada, the host server is in Kuwait.

I found that the system converts time into universal time.

When I changed the time zone in the time zone of India, the problem was resolved.

If you transfer user credentials from the client (according to the code block below), it must match the username / password on the server. otherwise, you will get this error.

FYI, in my case I use "basicHTTPAuthentication" with the security mode "TransportWithMessageCredential". And the WCF service is hosted in IIS on https.

 var service = new TestService(); service.ClientCredentials.UserName.UserName = "InvalidUser"; service.ClientCredentials.UserName.Password = "InvalidPass"; 

Hope this helps someone ... :)

Try changing the security mode to "transport".

You have a mismatch between the security tag and the transport tag.

What is it worth? I also had this error and found that it was caused by the connection string in web services, where web.config is configured to connect to the wrong machine.

In my case, when I changed the wshttpbinding protocol from https to http , it started working.

In my case, I used certificates for authentication using the certificateValidationMode parameter set to "PeerTrust", and I forgot to install the client certificate in the Windows store (LocalMachine \ TrustedPeople) to make it a accepted server.

In most cases, this exception occurs when errors occur on the server, the most common of which is incorrect authentication database configuration or authentication. In my case, there was a different clock synchronization, make sure that both clients and servers have the same settings

Click "Time on the right side" → "Change time settings ..." → "Internet time" → Change settings ... → check the box "Synchronize with the Internet time server" if it is not installed → select "from the server drop-down list" times.windows.com "→ Update Now → OK

I also had this problem from the help desk, outdated, even with the server and client on the same computer. Running the "Update Service Reference" usually fixes this if it is a problem.

In my case, I was getting this error on the same machine, in my test client-server application. But this problem was resolved with the help of the Update Helpdesk.

• Tushar G. Valabalkar

Just for the sake of sharing ... I had a rare case that made me scratch my head for a few minutes. Even at a time when the skew solution was very accurate, and I solved this problem earlier, this time it was different. I was on a new Win8.1 machine, which I remember having a problem with the time zone, and I manually adjusted the time. Well, I kept getting an error, despite the fact that the time displayed on the server and the client only had a difference in seconds. What I did was activate the "summer save" (note that I am really in the summer, but when setting the time manually) in the "setting date and time" then went to the time section on the Internet and updated ... the time in my computer kept the same, but the error disappeared.

Hope this is helpful for everyone!

In my case, there are two problems that will throw this exception.

Please note that my environment uses Single Sign On (or STS if you want) to authenticate the user through the ASP.NET MVC site. The MVC site, in turn, calls a service call to my service endpoint, passing the media token that it requested from the STS server with the Bootstrap token earlier. The error I received is when I made a service call from the MVC site.

• The WCF service was not configured as a relying party in my SSO (or STS, if you prefer).

• The service configuration has not been configured properly. In particular, for the audience uris node for system.identityModel. It must exactly match the service endpoint URL.

   <system.identityModel> <identityConfiguration> <audienceUris> <add value="https://localhost/IdpExample.YService/YService.svc" /> </audienceUris> .... </identityConfiguration> </system.identityModel> 

Make sure your SendTimeout fails after opening the client.

Try the following:

 catch (System.Reflection.TargetInvocationException e1) String excType excType = e1.InnerException.GetType().ToString() choose case excType case "System.ServiceModel.FaultException" System.ServiceModel.FaultException e2 e2 = e1.InnerException System.ServiceModel.Channels.MessageFault fault fault = e2.CreateMessageFault() ls_message = "Class: uo_bcfeWS, Method: registraUnilateral ~r~n" + "Exception(1): " + fault.Reason.ToString() if (fault.HasDetail) then System.Xml.XmlReader reader reader = fault.GetReaderAtDetailContents() ls_message += " " + reader.Value do while reader.Read() ls_message += reader.Value loop end if case "System.Text.DecoderFallbackException" System.Text.DecoderFallbackException e3 e3 = e1.InnerException ls_message = "Class: uo_bcfeWS, Method: registraUnilateral ~r~n" + "Exception(1): " + e3.Message case else ls_message = "Class: uo_bcfeWS, Method: registraUnilateral ~r~n" + "Exception(1): " + e1.Message end choose MessageBox ( "Error", ls_message ) //logError(ls_message) return false 

I was getting this error because BasicHttpBinding did not send a compatible messageVersion to the service that I was calling. My solution was to use custom binding as shown below

  <bindings> <customBinding> <binding name="Soap11UserNameOverTransport" openTimeout="00:01:00" receiveTimeout="00:1:00" > <security authenticationMode="UserNameOverTransport"> </security> <textMessageEncoding messageVersion="Soap11WSAddressing10" writeEncoding="utf-8" /> <httpsTransport></httpsTransport> </binding> </customBinding> </bindings> 

I had to change SecurityMode to Message (WSHttpBinding) before it worked. those.

 _wcf = new ServiceRequestClient(new WSHttpBinding(SecurityMode.Message), new EndpointAddress(_wcfRequestServerAddress)); 

In my case, it was an IIS application pool setup.

Select application pool → Advanced Settings → Set Enable 32-bit Applications to True.

Then restart the application pool.