WCF gives an unsecured or incorrectly secured fault error

Question

I am trying to consume a remote svc web service. I created the proxy class using svcutil.exe, and after that I\'ve added that class to my console application, b

Answer 1

In my case, it was a setting on the IIS application pool.

Select the application pool --> Advanced Settings --> Set 'Enable 32 Bit Applications' to True.

Then recycle the application pool.

Answer 2

This is a very obscure fault that WCF services throw. The issue is that WCF is unable to verify the security of the message that was passed to the service.

This is almost always because of a server time skew. The remote server and the client's system time must be within (typically) 10 minutes of each other. If they are not, security validation will fail.

I'd call eloqua.com and find out what their server time is, and compare that to your server time.

Answer 3

Make sure your SendTimeout hasn't elapsed after opening the client.

Answer 4

Same this problem i am facing my client application is WinForms application C# 4.0

When i read the solution here, i checked Date & Time of client computer, but that was right and current time was showing, but still i was facing these problem.

After some work-around i found that wrong time zone has selected, i am in India and time zone was of Canada, the host server is located in Kuwait.

I found that system converts time to universal time.

When i changed the time zone to India's time zone, the problem was soled.

Answer 5

In my case, there are two problems that will throw this exception.

Note that, my environment uses Single Sign On (or STS if you prefer) to authenticate a user through ASP.NET MVC site. MVC site in turn makes a service call to my service endpoint by passing bearer token which it requested from STS server with Bootstrap token previously. The error I got was when I made a service call from MVC site.

1. The WCF service wasn't configured as a relying party in my SSO (or STS if you prefer).

2. Service's configuration wasn't configured properly. Particularly on audienceUris node of system.identityModel. It must exactly match the service endpoint url.

   <system.identityModel>
       <identityConfiguration>
           <audienceUris>
               <add value="https://localhost/IdpExample.YService/YService.svc" />
           </audienceUris>
           ....
       </identityConfiguration>
   </system.identityModel>
   

Answer 6

I was getting this error due to the BasicHttpBinding not sending a compatible messageVersion to the service i was calling. My solution was to use a custom binding like below

 <bindings>
  <customBinding>
    <binding name="Soap11UserNameOverTransport" openTimeout="00:01:00" receiveTimeout="00:1:00" >
      <security authenticationMode="UserNameOverTransport">
      </security>          
      <textMessageEncoding messageVersion="Soap11WSAddressing10" writeEncoding="utf-8" />
      <httpsTransport></httpsTransport>
    </binding>
  </customBinding>      
</bindings>