开发者

IBM DataPower 3.7.1.x issues with WCF clients

I'm trying to consume an IBM DataPower 3.7.1.x web service in WCF getting the following error message:

Cannot find a token authenticator for the 'System.IdentityModel.Tokens.X509SecurityToken' token type. Tokens of that type cannot be accepted according to current security settings.

The HTTP response is coming back as 200 and I can see the correct SOAP response while debugging it in Fiddler.

However, the WCF clients doesn'开发者_如何转开发t seem to know how to process the BinarySecurityToken element in the SOAP response.

Here is my WCF config:

  <bindings>
    <basicHttpBinding>
      <binding name="TestBinding">
        <security mode="TransportWithMessageCredential">
          <message clientCredentialType="Certificate" />
        </security>
      </binding>
    </basicHttpBinding>
  </bindings>

  <behaviors>
    <endpointBehaviors>
      <behavior name="TestBehavior">
        <callbackDebug includeExceptionDetailInFaults="true" />
        <clientCredentials>
          <clientCertificate storeLocation="LocalMachine" 
                             storeName="My" 
                             x509FindType="FindBySubjectName" 
                             findValue="test-cert"  />
          <serviceCertificate>
            <authentication certificateValidationMode ="PeerOrChainTrust" />
          </serviceCertificate>
        </clientCredentials>
      </behavior>
    </endpointBehaviors>
  </behaviors>

  <client>
     <endpoint  address="https://serviceURL"
                binding="basicHttpBinding"
                bindingConfiguration="TestBinding"
                behaviorConfiguration="TestBehavior"
                contract="ContraceGoesHere"
                name="ContraceNameGoesHere" />
  </client>

I've seen other people reporting similar problems both to Microsoft and IBM and there are some StackOverflow questions about it, however I haven't found a single solution that works.

Any help would be appreciated.


please publish the soap that you send, the one which comes back and your config.

also try to add this attribute:

<security allowSerializedSigningTokenOnReply="true" />

(as described here)


How to convert from Binding to Custom Binding:

http://webservices20.cloudapp.net/default.aspx

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜