SOAP Header not understood by .NET client when calling Webservice

Question

I've been trying to call a third-party webservice from a .NET client. I have had to set some custom headers for each request in order to adhere to their Authentication requirements.

I have used this answer in order for me to get the request header values to appear as so:

<?xml version="1.0" encoding="UTF-8"?>
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/">
   <s:Header>
      <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" s:mustUnderstand="0">
         <wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="UsernameToken-2">
            <wsse:Username>Jimbob</wsse:Username>
            <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">P@ssword</wsse:Password>
         </wsse:UsernameToken>
      </wsse:Security>
   </s:Header>
   <s:Body>
   ...
   </s:Body>
</s:Envelope>

(I am doing this by setting the a custom <endpoint><headers /></endpoint> section in config)

I have inspected the request via Fiddler and it is sending the correct header values, and the webservice is returning expected results.

However, the client is throwing the following exception when it receives the result:

System.ServiceModel.ProtocolException : The header 'Security' from the namespace ' http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd ' was not understood by the recipient of this message, causing the message to not be processed. This error typically indicates that the sender of this message has enabled a communication protocol that the receiver cannot process. Please ensure that the configuration of the client's binding is consistent with the service's binding.

The relevant part of the repsonse (from Fiddler) is this:

<?xml version="1.0" encoding="UTF-8"?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
   <soap:Header>
      <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" soap:mustUnderstand="1">
         <wsse:UsernameToken wsu:Id="UsernameToken-371676">
            <wsse:Username>SOMEUSERTOKEN</wsse:Username>
            <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">SOMEUSERTOKEN</wsse:Password>
         </wsse:UsernameToken>
      </wsse:Security>
   </soap:Header>
   <soap:Body>
   ...
   <soap:Body>
</soap:Envelope>

Basically I'm now lost. I presume I need to perform some sort of message inspection to flag that header as understood, but it does seem quite a lot of heavy lifting just to interpret a result (which I'm already getting from the webservice).

Any help is much appreciated.

Answer 1

If you just want to do the authentication , I did used the following code for my c# console application and it worked. I used this code in the config file though under <system.serviceModel> -> <client> -> <endpoint>

<headers>
  <wsse:Security mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" >
     <wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
        <wsse:Username>SOMEUSERTOKEN</wsse:Username>
        <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">SOMEUSERTOKEN</wsse:Password>
     </wsse:UsernameToken>
  </wsse:Security>
</headers>