I'm trying to consume an IBM DataPower 3.7.1.x web service in WCF getting the following error message:
Cannot find a token authenticator for the 'System.IdentityModel.Tokens.X509SecurityToken' token type. Tokens of that type cannot be accepted according to current security settings.
The HTTP response is coming back as 200 and I can see the correct SOAP response while debugging it in Fiddler.
However, the WCF clients doesn'开发者_如何转开发t seem to know how to process the BinarySecurityToken element in the SOAP response.
Here is my WCF config:
<bindings>
<basicHttpBinding>
<binding name="TestBinding">
<security mode="TransportWithMessageCredential">
<message clientCredentialType="Certificate" />
</security>
</binding>
</basicHttpBinding>
</bindings>
<behaviors>
<endpointBehaviors>
<behavior name="TestBehavior">
<callbackDebug includeExceptionDetailInFaults="true" />
<clientCredentials>
<clientCertificate storeLocation="LocalMachine"
storeName="My"
x509FindType="FindBySubjectName"
findValue="test-cert" />
<serviceCertificate>
<authentication certificateValidationMode ="PeerOrChainTrust" />
</serviceCertificate>
</clientCredentials>
</behavior>
</endpointBehaviors>
</behaviors>
<client>
<endpoint address="https://serviceURL"
binding="basicHttpBinding"
bindingConfiguration="TestBinding"
behaviorConfiguration="TestBehavior"
contract="ContraceGoesHere"
name="ContraceNameGoesHere" />
</client>
I've seen other people reporting similar problems both to Microsoft and IBM and there are some StackOverflow questions about it, however I haven't found a single solution that works.
Any help would be appreciated.
please publish the soap that you send, the one which comes back and your config.
also try to add this attribute:
<security allowSerializedSigningTokenOnReply="true" />
(as described here)
How to convert from Binding to Custom Binding:
http://webservices20.cloudapp.net/default.aspx
精彩评论