.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Win Surprise Gifts!!!

Top 5 Contributors of the Month
Gaurav Pal
Post New Web Links

How to properly create SOAP Request that has x509 signed message body and unsigned usernameToken

Posted By:      Posted Date: October 04, 2010    Points: 0   Category :WCF



I'm trying to  create a .NET client that will consume AXIS WS.

Request should be signed (using x509 Signature) and after this usernametoken profile 1.0 should be attached.

Using SOAP-UI I can create Outgoing Security Policy with few steps described below:

1) Define keystore

2) Add WSS Signature entry and mark key identifier type as X509 Certificate or Binary Security Token

3) Add WSS Username entry

The order is important.

I cannot recreate SOAP request that would generate valid response.

I got "The signature or decryption was invalid" most of the time.

Here is valid SOAP Request from SOAP-UI:


 <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:user="http://users.api.swd.zbp.pl" 

View Complete Post

More Related Resource Links

Sign outgoing client request SOAP body with WSE 3.0



We currently have the code in WCF to sign the outgoing client requests' SOAP Body, however we need the same code for use with WSE 3.0.  I can't find any examples of this.  

Is it possible?  If so, does anyone have an example?

Thank you,

view soap request message


I am consuming a .net 2.0 webservice from a class library and calling this class from a web page form . When a user inputs and saves the data in the form it will call the class and inturn send the user inputted data over webservice. I want to view the Soap messages like request and response going from my dll to the webservice. I tried fiddler but with no luck. So I created a class mentioned here: http://msdn.microsoft.com/en-us/library/system.web.services.protocols.soapextension(v=VS.90).aspx

and added the in the dll.config file like this and it was also of no help. By the way the end webservice is https not http.




        <add type="SoapTrace.TraceExtension" priority="2" group="High" />





Any pointers are greatly appreciated, thanks in advance

How to manipulate both envelpe and body of soap message


Can you please help to manipulate the both envelope and body of SOAP message. I am using MessageInspector and in the BeforeSendRequest method,  i have a request like that.

<s:Envelope xmlns:a="http://www.w3.org/2005/08/addressing" xmlns:s="http://www.w3.org/2003/05/soap-envelope">
    <a:Action s:mustUnderstand="1">http://www.aaaa.com/IServices/Method</a:Action>
    <Method xmlns="http://www.aaaa.com">
After manipulation i want to create a Message wwhic will have following XML:

<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:a="http://www.w3.org/2005/08/addressing" xmlns:SOAP-SEC="http://schemas.xmlsoap.org/soap/security/2000-12">
		<a:Action s:mustUnderstand="1">http://www.aaaa.com/IServices/Method</a:Action>

Urgent: help needed signing a SOAP 1.1 Message's Body+Timestamp, and send over SSL



I have a deadline that is about to whoosh by having underestimated how tricky this would turn out to be.



  • SOAP 1.1
  • WS-Security for timestamp and signing
  • signature has to be single signature made from 2 elements: body + timestamp
  • Asymmetric Algorithm: SHA1
  • Key algorithm: RSA 
  • sent over SSL
  • client has to authenticate to server via cert with well known CN=
  • Server is not .NET but Weblogic, with policies that cannot be changed.

Basically, a secure (SSL) based transport, with signing to protect against tampering as well as replay.



Seemed like a good choice at first as it has WS-Security built in.After setting up a behavior that defines client and server certs setting binding/  

Unfortunately wsHttpBinding creates a signature from too many elements in the message (Body, Action, RelatesTo, Timestamp).

There is no apparent way of controlling what gets selected as an element of the signature.  

For example: as the ws-Security headers (Timestamp, etc.) are not part of the proxy Request message class definition, and are added/injected somewhere down the line, and are no

create user wizard login error message dont show in a message box?




i am using create user wizard and capturing other information within content template when a new user

registers. Some of the textboxes are binded to required field validators.


there is a validation control on the page and ShowMessage box is True.

If they dont complete some of the text boxes then the message box pops Up with the error message.

It does not however include information errors like "User already exists" or Email address already exists

from the create user wizard membership  UserName and Password Textboxes


is it possilbe to hook all of these up so I get one message box with all errors including membership ones?




Secure It: WS-Security and Remoting Channel Sinks Give Message-Level Security to Your SOAP Packets


As more organizations adopt XML-based Web Services, the need for message-level security has become evident. WS-Security, now supported in the Microsoft .NET Framework, addresses this need. Using the WS-Security framework, developers can implement channel sinks to intercept Remoting messages as they pass through the .NET Remoting infrastructure. The sink can read the message, change it, and pass it along. During this process, the message can be signed for added security. This article explains how to implement a Remoting channel sink that will modify the Remoting message by including a UserName token in the header, then sign the body using the token.

Neeraj Srivastava

MSDN Magazine November 2003

DIME: Sending Files, Attachments, and SOAP Messages Via Direct Internet Message Encapsulation


Direct Internet Message Encapsulation (DIME) is a new specification for sending and receiving SOAP messages along with additional attachments, like binary files, XML fragments, and even other SOAP messages, using standard transport protocols like HTTP. In this article, the author explains what DIME is and how it differs from MIME encapsulation. A detailed description of the message format and how it is parsed, as well as working with SOAP and extending it with WSDL, is also included.

Jeannine Hall Gailey

MSDN Magazine December 2002

need regular expression to get message body

I have text like this: <tr class="NormalRow_Small"> <td colspan=2>&nbsp;</td> <td colspan=3> </td> </tr> <tr class="NormalRow_Small"> <!--description--> <td colspan="5"> <font size="2">Hi All,<div><!br /></div><div>I'm glad to introduce ...</div><div><!br /></div><div>Actually we already have ... <font size=1>(see link for full text)</font></font><br> <font size="1"> </td> </tr> <tr> <td colspan=5><hr /></td> </tr>   I want to get bold text, please help me.   Thanks, Alex.

How to Add Custom SOAP Headers Into The Server Response Message in WSE3.0?

Hi Dear All, Assuming I am the service provider, may i know how many ways are there to insert a custom header into the server response message? So far I tried several ways, and it can be done in custom SoapFilters (by playing with SOAPEnvelope object), and SoapExtension (SOAPMessage object). Just wondering if this could be done at web service class by specifying a SOAPHeader attribute, just like adding a SOAPHeader into the SOAP request message at consumer side? If can, it might be much smarter than SoapFilter and SoapExtension.   Thanks in advance!   Best Regards, Charles

sending xml inside a soap request with HttpWebRequest

Im trying to send some xml inside a soap request to a webservice using the HttpWebRequest class.  I know this isnt the best way, but my hands are tied by company policy so i have to do it this way.  My webmethod has an input parameter  "SourceXML"  so my soap request has this node<SourceXML></SourceXML>I need to insert the xml in this node but whenver I insert it and try to send it to my web method I get an error "400 bad request"Is this even possible ?  I need to insert the xml as a string literal and read it in the web methodStringBuilder sb = new StringBuilder(_soapEnv); -- soap enevlope template containing the SourceXML node sb.Insert(sb.ToString().IndexOf("</SourceXML>"), the xml I want to insert in the node); sendmessage(url, webmethod, sb.ToString()) -- send the message to the webserviceIf I put plain text in the string builderegsb.Insert(sb.ToString().IndexOf("</SourceXML>"), "this is a test");everything works ok, but as soon as i put some xml in it fails. Am I going about this in the right way ?basically my webmethod will have 2 input parameters, some xml and an object, but I just cant get it to work. Can anyone help ?

Work with SOAP requests via Raw request

I will handle SOAP requests via IHttpRequest. What best way to work with raw SOAP requests (mean how desearialize etc)?

Need help in reading Soap request and response on invoking WCF client assembly

Hi All,   I'm new to WCF and i'm using .Net 3.5. I have created a library from the proxy class generated through svcutil. I'm able to succesfully invoke service methods. I was wondering how to capture the request and response soap xmls so that i could render it on browser. If you have any code piece for this kind of problem please share it with me. Regards, Rahul

Seeing the SOAP request sent from a Web Service Client/Consumer

Hello, I am building a web service consumer in C# in VS2010.  Using the provided WSDL, I need to build appropriate headers and use certificates, SSL (user name & pass), & WS security.  I am getting an error from the webservice side, specifically processing the <wsse:Security> header. Is it possible for me to see the exact request I am sending to the Webservice? I'd like to see the values of the pieces of the header that get put in and such. Is it possible to have human readable serialization of what's being passed in right before the error? Thank You

ws-addressing 'Action' required message part not signed exception

I have a WCF client calling a Java-based service. The service vendor is supporting WCF clients. The WCF client binding uses authenticationMode="MutualCertificate", messageVersion="Soap11WSAddressing10" and the message is signed and encrypted (SignBeforeEncrypt). WCF, in this case, is automatically signing all the ws-addressing ( <Action>, <MessageID> and <To> ) headers. The message gets to the service and comes back with what appears to be valid encrypted data in the response BUT the client is throwing a "The 'Action', 'http://www.w3.org/2005/08/addressing' required message part was not signed" exception (mscorlib). Questions: Is there a way to NOT sign the ws-addressing headers in the request message while still using both signing and encryption (X.509 certs)? If the client DOES sign the ws-addressing headers in the request, is there a way to configure WCF to accept UNsigned ws-addressing headers in the response? If the answer is NO on both questions, I guess I will have to ask the service vendor to sign the ws-addressing headers in the response. Thanks.

Query Correlation faliure using custom Request/Reply Message Contract classes.

Hi,I have a service which is correlated by a Guid query. When I'm using designer created Message Content/Parameters feature for message definition, everithing working lika a charm. But If I define custom [MessageContract] Request/Reply classes (where request class has Guid SvcUID property for correlation), and choose'em as Message Content in the designer with proper CorrelatesOn definition of course, I have got a service exception about correlation query faliure. Have you folks tried to apply your custom [MessageContract] classes for correlated communication?

Signing The Body of a Web Service Request (From Client)

Hello, I attempting to consume a webservice, which has numerous security factors, one of which is SSL. I am using WS-Security and attempting to sign the body of my request.  Right now it is only currently signing the timestamp and to: (endpoint).  I've been scouring the forums, but seem to come to a dead end with threads dying off... http://social.msdn.microsoft.com/Forums/en-US/wcf/thread/034f71cd-408e-447c-a95c-e0cf4baa5742 I'm assuming I will have to modify the reference.cs file or maybe even the WSDL, but here's some of the code I've done for the binding..is this on the right track? WSHttpBinding myBinding = new WSHttpBinding(); myBinding.Security.Mode = SecurityMode.TransportWithMessageCredential; myBinding.Security.Message.ClientCredentialType = MessageCredentialType.Certificate; myBinding.Security.Message.NegotiateServiceCredential = false; myBinding.Security.Message.EstablishSecurityContext = false;

"The Server could not complete your request" on trying to connect to a site or create a new site wit

I am trying out SharePoint Designer 2010 on windows 2008 with SharePoint 2010 beta installed. When I try to connect to a site or create a new site I get the error: "The server could not complete your request.  For more specific information, click the Details button." When I clicked the Details button it says "Object moved" on one line then on the next it says "Object moved to here". I wanted to see the new workflow stuff but I cannot connect to a site.
ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend