Skip to main content

WCF ERROR - An unsecured or incorrectly secured fault was received from the other party

By

Error  :  “An unsecured or incorrectly secured fault was received from the other party. See the inner FaultException for the fault code and detail”.
 We  got above security while accessing the WCF service deployed on our Development server

Cause  : This type of error we normally receive because of a server time skew. The remote server and the client's system time must be within (typically) 5 minutes of each other. If they are not, security validation will fail and WCF service will throw security error. The Development serve and client time difference was 10mins and Hence the service was throwing an error related to security.


Solution :
We just  have updated the server time same as client machine and then it started working.


Message security mechanism in WCF supports WS-SecurityConversation standard, which consists of establishing a session between client and server. A special request should be sent for a session to be established before any other calls. This results in getting a security token which will be used for subsequent calls. SecurityConversation mechanism has a very bad side effect - the success of conversation depends on difference between client and server system time. By default an acceptable skew between client and server is 5 minutes. If the skew is bigger than a call completes with an error. If system time on client isn't being synchronized with server then we can get (and actually get) a situation when our application stops working suddenly and start giving security related exception.

http://techblog.dorogin.com/2011/10/wcf-and-difference-of-time-of-client.html
http://msdn.microsoft.com/en-us/library/aa738468.aspx
Labels:

Comments

Post a Comment

Popular posts from this blog

WCF MaxReceivedMessageSize max value in .config

By
MaxReceivedMessageSize parameter in binding config   file:   For max file size in WCF, we need to set following parameter in binding files. <binding name="MyService"        maxReceivedMessageSize="2147483647"        maxBufferSize="2147483647" transferMode="Streamed" >        <readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647"      maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647"/> <!-- other binding info here, such as security --> </binding> Max possible size: MaxReceivedMessageSize to 2147483647 (i.e. Int32.MaxValue), which is 2GB For our case, as we are using WsHttpBinding. <wsHttpBinding>         <binding name="wsHttpBindingSettings" maxReceivedMessageSize="2147483647">      ...
Post a Comment
Read more

Deploying Custom Pipeline Component on BizTalk Server (PROD)

By
Deploying Custom Pipeline Component on BizTalk Server: ·         Deploying BizTalk Custom Pipeline Component   on BizTalk Server 2006 or Older Version : To deploy the custom Pipeline component on BizTalk server 2006 or older version. We need to add the Custom Pipeline component in GAC as well as “ C:\Program Files (x86)\Microsoft BizTalk Server 2006\Pipeline Components ” folder.   At design time it will access the Pipeline component dll located in “….. Microsoft   BizTalk Server 2006\Pipeline Components ” folder and show the component in pipeline toolbox. At runtime the BizTalk will use the Custom Pipeline component from GAC. ·         Deploying BizTalk Custom Pipeline Component   on BizTalk Server 2006 R2 or New Version : To deploy the custom Pipeline component on BizTalk server 2006 R2 or later version. We need to add the Custom Pipeline component only in “C:\Pr...
12 comments
Read more

biztalk schema remove ns0 prefix

By
We can remove ns0 prefix simply by set the schema elements property or both elements and attributes properties to be qualified. To do that follow my steps: 1-       Open your schema 2-       Right Click <Schema> and select properties 3-       Use schema property editior and Set [Element FromDefult] to Unqualified , and then set [Attribute FromDefault] to Unqualified if you are using attributes in your schema. After applying the steps above, both XML instances below will be valid: Instance 1 (with ns0) < ns0:Root xmlns:ns0 = " http://RandomBizTalkProject.Schema1 " >   < Field1 > Field1_0 </ Field1 >   < Field2 > Field2_0 </ Field2 > </ ns0:Root > Instance 2 (without ns0) < Root xmlns = " http://RandomBizTalkProject.Schema1 " >   < Field1 > Field1_0 </ Field1 >   < Field2 >...
Post a Comment
Read more