WCF WsHttp Binding SOAPUI returns BadContextToken fault
My company has asked me to evaluate SmartBear products to see if we can automate our WCF (SOAP) testing and we have budget to pay for whatever licenses we need for test automation.
However, I cannot get it to work.
I have been using instructions from:
When I try to use SOAPUI to send a request to our endpoints I get a fault "BadContextToken".
<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:a="http://www.w3.org/2005/08/addressing">
<s:Header>
<a:Action s:mustUnderstand="1">http://www.w3.org/2005/08/addressing/soap/fault</a:Action>
</s:Header>
<s:Body>
<s:Fault>
<s:Code>
<s:Value>s:Sender</s:Value>
<s:Subcode>
<s:Value xmlns:a="http://schemas.xmlsoap.org/ws/2005/02/sc">a:BadContextToken</s:Value>
</s:Subcode>
</s:Code>
<s:Reason>
<s:Text xml:lang="en-CA">The message could not be processed. This is most likely because the action 'http://tempuri.org/IMSCLinkService/GetLenderDetails' is incorrect or because the message contains an invalid or expired security context token or because there is a mismatch between bindings. The security context token would be invalid if the service aborted the channel due to inactivity. To prevent the service from aborting idle sessions prematurely increase the Receive timeout on the service endpoint's binding.</s:Text>
</s:Reason>
</s:Fault>
</s:Body>
</s:Envelope>
This is the binding in the web.config file:
<wsHttpBinding>
<binding name="wsHttpBinding" closeTimeout="00:10:00" openTimeout="00:10:00" sendTimeout="00:10:00" maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647">
<readerQuotas maxArrayLength="2147483647" maxNameTableCharCount="2147483647" maxStringContentLength="2147483647" maxDepth="2147483647" maxBytesPerRead="2147483647"/>
<security mode="TransportWithMessageCredential">
<transport clientCredentialType="None"/>
<message clientCredentialType="Certificate"/>
</security>
</binding>
</wsHttpBinding>
This is the request I am sending:
<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope" xmlns:tem="http://tempuri.org/">
<soap:Header/>
<soap:Body>
<tem:GetLenderDetails>
<!--Optional:-->
<tem:Request>
<!--Optional:-->
<tem:Data unitId="OHFP" posSystem="OTTO"/>
</tem:Request>
</tem:GetLenderDetails>
</soap:Body>
</soap:Envelope>
I have tried to set up "Outgoing WSS" with "Binary Security Token" with "Encryption" or "Signature" but I always seem to get the same result - I am unsure of how to determine the exact configuration I need to use.
Thanks
I found a workaround - so I wanted to share with anyone else struggling with WCF message security.
We simply created a new endpoint and binding in WCF that uses transport security (https) only. This is for our test environments only - not production - but in WCF it can be done using the web.config file.
1. added new binding in WsHttpBinding section
<wsHttpBinding> ... <binding name="wsHttpBindingTransport" closeTimeout="00:10:00" openTimeout="00:10:00" sendTimeout="00:10:00" maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647"> <readerQuotas maxArrayLength="2147483647" maxNameTableCharCount="2147483647" maxStringContentLength="2147483647" maxDepth="2147483647" maxBytesPerRead="2147483647"/> <security mode="Transport"> <transport clientCredentialType="None"/> </security> </binding> </wsHttpBinding>
2. Added new endpoint in services section
<services> ... <endpoint address="/test" name="wsHttpBindingTransport" binding="wsHttpBinding" contract="MSC.WebServices.IMSCLinkService" bindingConfiguration="wsHttpBindingTransport"> <identity> <dns value="localhost"/> </identity> </endpoint> ... </services>
So we just need to add /test to the end of our existing URL - https://<url>/service.svc/test
Also, the WS-A "Add default wsa:To" checkbox needs to be checked - which is normal for WCF.
In SOAPUI it shows up as a new interface called wsHttpBindingTransport.