Skip to main content

WCF ERROR - An unsecured or incorrectly secured fault was received from the other party

By

Error  :  “An unsecured or incorrectly secured fault was received from the other party. See the inner FaultException for the fault code and detail”.
 We  got above security while accessing the WCF service deployed on our Development server

Cause  : This type of error we normally receive because of a server time skew. The remote server and the client's system time must be within (typically) 5 minutes of each other. If they are not, security validation will fail and WCF service will throw security error. The Development serve and client time difference was 10mins and Hence the service was throwing an error related to security.


Solution :
We just  have updated the server time same as client machine and then it started working.


Message security mechanism in WCF supports WS-SecurityConversation standard, which consists of establishing a session between client and server. A special request should be sent for a session to be established before any other calls. This results in getting a security token which will be used for subsequent calls. SecurityConversation mechanism has a very bad side effect - the success of conversation depends on difference between client and server system time. By default an acceptable skew between client and server is 5 minutes. If the skew is bigger than a call completes with an error. If system time on client isn't being synchronized with server then we can get (and actually get) a situation when our application stops working suddenly and start giving security related exception.

http://techblog.dorogin.com/2011/10/wcf-and-difference-of-time-of-client.html
http://msdn.microsoft.com/en-us/library/aa738468.aspx
Labels:

Comments

Post a Comment

Popular posts from this blog

WCF MaxReceivedMessageSize max value in .config

By
MaxReceivedMessageSize parameter in binding config   file:   For max file size in WCF, we need to set following parameter in binding files. <binding name="MyService"        maxReceivedMessageSize="2147483647"        maxBufferSize="2147483647" transferMode="Streamed" >        <readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647"      maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647"/> <!-- other binding info here, such as security --> </binding> Max possible size: MaxReceivedMessageSize to 2147483647 (i.e. Int32.MaxValue), which is 2GB For our case, as we are using WsHttpBinding. <wsHttpBinding>         <binding name="wsHttpBindingSettings" maxReceivedMessageSize="2147483647">           <readerQuotas maxDepth="2147483647" maxStringContentLength
Post a Comment
Read more

biztalk schema remove ns0 prefix

By
We can remove ns0 prefix simply by set the schema elements property or both elements and attributes properties to be qualified. To do that follow my steps: 1-       Open your schema 2-       Right Click <Schema> and select properties 3-       Use schema property editior and Set [Element FromDefult] to Unqualified , and then set [Attribute FromDefault] to Unqualified if you are using attributes in your schema. After applying the steps above, both XML instances below will be valid: Instance 1 (with ns0) < ns0:Root xmlns:ns0 = " http://RandomBizTalkProject.Schema1 " >   < Field1 > Field1_0 </ Field1 >   < Field2 > Field2_0 </ Field2 > </ ns0:Root > Instance 2 (without ns0) < Root xmlns = " http://RandomBizTalkProject.Schema1 " >   < Field1 > Field1_0 </ Field1 >   < Field2 > Field2_0 </ Field2 > </ Root >
Post a Comment
Read more

Object Oriented Programming Concepts

By
OOP Basics Visual Basic was Object-Based, Visual Basic .NET is Object-Oriented , which means that it's a true Object-Oriented Programming Language . Visual Basic .NET supports all the key OOP features like Polymorphism , Inheritance , Abstraction and Encapsulation. It's worth having a brief overview of OOP before starting OOP with VB. Why Object Oriented approach? A major factor in the invention of Object-Oriented approach is to remove some of the flaws encountered with the procedural approach. In OOP, data is treated as a critical element and does not allow it to flow freely. It bounds data closely to the functions that operate on it and protects it from accidental modification from outside functions. OOP allows decomposition of a problem into a number of entities called objects and then builds data and functions around these objects. A major advantage of OOP is code reusability. Some important features of Object Oriented programming are as follows: Emphasis on
5 comments
Read more