An error occurred when verifying security for the message

戏子无情 提交于 2019-11-28 22:54:48

I was getting this same error message and it turned out to be due to a time difference between my workstation machine and the server hosting the WCF service. The server was about 10 minutes behind my machine and WCF security doesn't seem to like that very much.

To find the root problem I turned on serviceSecurityAuditing in the server's config file. Add the following to the configuration/system.serviceModel/behaviors/serviceBehaviors/behavior section for your service:

<serviceSecurityAudit 
    auditLogLocation="Application" 
    serviceAuthorizationAuditLevel="Failure" 
    messageAuthenticationAuditLevel="Failure" 
    suppressAuditFailure="true"/>

The following site was helpful in figuring this out:

http://blogs.microsoft.co.il/blogs/urig/archive/2011/01/23/wcf-quot-an-error-occurred-when-verifying-security-for-the-message-quot-and-service-security-audit.aspx

Another cause of this message is when some of your machines are not synchronized in time. WCF, by default, allows a five-minute gap; beyond this, it throws an error if things are out of synch.

The solution is to synch all your machines. time.windows.com is notorious for not working, so I suggest using something else. (If you're in a corporate environment, a local domain controller may be the correct choice here.)

This ended up being an problem on the consuming side, not with the service itself. Software AG's webMethods 8 was consuming this server but there was no Security Handler added to the service so the credentials were not being added to the header thus resulting the in the aforementioned error.

I was getting the same error on my IIS 7.5 server. I forgot to add Read permission on the certificate's private key to the app pool virtual account (e.g. IIS AppPool\ASP.NET v4.0).

For info, whilst testing various combinations of accounts and permissions, I noticed that the app pool needed to be recycled to lose access to the key, once it had been retrieved once.

(0x80131501 - An error occurred when verifying security for the message.)

I was getting the same error and none of the above help for me.

I finally tracked it down to connectionStrings in a parent web.config (my service was deployed to a child application to an admin site).

Yes sounds ridiculous, but as soon as I wrapped the connection strings in the parent web.config with a location element all started working.

For clarity, in parent web.config, I changed this

<connectionStrings>
    <add name="..." />
</connectionStrings>

to this

<location path="." inheritInChildApplications="false">
    <connectionStrings>
        <add name="..." />
    </connectionStrings>
</location>

Note this error also resulted in this very unhelpful serviceSecurityAudit log message:

Message authentication failed.
Service: ...
Action: http://schemas.xmlsoap.org/ws/2005/02/trust/RST/SCT
ClientIdentity:
ActivityId:
ArgumentNullException: Value cannot be null.
Parameter name: manager

I was getting the same error. I forgot to add Read permission on the membership database aspnetdb to the (IIS APPPOOL\DefaultAppPool).

Message authentication failed. Service:....

Action: http://schemas.xmlsoap.org/ws/2005/02/trust/RST/SCT

ClientIdentity:

ActivityId:

SqlException: Cannot open database "aspnetdb" requested by the login. The login failed.

Login failed for user 'IIS APPPOOL\DefaultAppPool'.

I had a similar issue. I was building my datetime formatted strings using my local time, but my service/server was expecting GMT.

I needed to get the GMT time (JAVA):

final Date currentTime = new Date();    
final SimpleDateFormat sdf = 
new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss'.000Z'");
sdf.setTimeZone(TimeZone.getTimeZone("GMT"));
System.out.println(sdf.format(currentTime));

The username and password is the server you connection,not your system login username and password.

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!