SSL Breaks Message Inspector (WCF bug?)

I have a custom message inspector that executes this line of code:

 public object AfterReceiveRequest(ref Message request, IClientChannel channel, InstanceContext instanceContext)
 {
     MessageBuffer contextPatch = request.CreateBufferedCopy(1024 * 128);
     ...
 }

The CreateBufferedCopy works fine when no security is enabled, but it throws an InvalidOperationException when SSL is configured. The exception claims that the Message request object is in the "Written" state. The configuration for all this is here:

  <serviceBehaviors>
    <behavior>
      <serviceCredentials>
        <clientCertificate>
          <authentication certificateValidationMode="PeerTrust" />
          <certificate findValue="sigtest.arbit.com" storeLocation="LocalMachine" storeName="My" x509FindType="FindBySubjectName" />
        </clientCertificate>
        <serviceCertificate findValue="sigtest.arbit.com" storeLocation="LocalMachine" storeName="My" x509FindType="FindBySubjectName" />
      </serviceCredentials>
      <serviceDebug includeExceptionDetailInFaults="false" />
      <serviceMetadata httpGetEnabled="false" httpsGetEnabled="true" />
      <serviceSecurityAudit auditLogLocation="Application" messageAuthenticationAuditLevel="Failure" serviceAuthorizationAuditLevel="Failure" suppressAuditFailure="true" />
      <endToEndLogging traceKeys="CorrelationId|correlationId" createDefaultRequestValue="false" />
    </behavior>
  </serviceBehaviors>

This seems to be a bug in WCF itself. That is, the Message request parameter should not be left (by SSL functionality?) in the "written" state. Thoughts?

In case it is relevant, a custom binding was used for SSL:

  <customBinding>
    <binding name="myCustomBinding">
      <security defaultAlgorithmSuite="Default" authenticationMode="MutualCertificateDuplex" enableUnsecuredResponse="true" requireDerivedKeys="false" securityHeaderLayout="Lax" includeTimestamp="true" messageProtectionOrder="EncryptBeforeSign" messageSecurityVersion="WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10" requireSignatureConfirmation="false" allowSerializedSigningTokenOnReply="true">
        <localClientSettings detectReplays="true" />
        <localServiceSettings detectReplays="true" />
      </security>
      <textMessageEncoding messageVersion="Soap11" />
      <transactionFlow />
      <httpsTransport />
    </binding>
  </customBinding>
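A guarded form of the buffered copy from the question, added here as an example and not code from the original post: it checks `Message.State` before calling `CreateBufferedCopy`, which throws `InvalidOperationException` unless the message is still in the `Created` state, and it hands the pipeline a fresh message afterwards. The class name `GuardedBufferingInspector` and the trace calls are assumptions; the guard avoids the exception and records the state, but does not explain why the message arrives in that state.

```csharp
using System.Diagnostics;
using System.ServiceModel;
using System.ServiceModel.Channels;
using System.ServiceModel.Dispatcher;

// Hypothetical inspector (name is an assumption, not the asker's class).
public sealed class GuardedBufferingInspector : IDispatchMessageInspector
{
    // Same buffer limit as the call in the question.
    private const int MaxBufferSize = 1024 * 128;

    public object AfterReceiveRequest(ref Message request, IClientChannel channel, InstanceContext instanceContext)
    {
        // A Message body can be consumed only once. CreateBufferedCopy is valid
        // only in the Created state; Read, Written, Copied or Closed make it throw.
        if (request.State != MessageState.Created)
        {
            // Record the state for diagnosis instead of faulting the request.
            Trace.TraceWarning("Buffered copy skipped: message state is {0}", request.State);
            return null;
        }

        MessageBuffer buffer = request.CreateBufferedCopy(MaxBufferSize);

        // The original message is now in the Copied state and cannot be
        // processed further, so the pipeline must receive a fresh instance.
        request = buffer.CreateMessage();

        // Each CreateMessage call yields an independent copy for inspection.
        using (Message inspectionCopy = buffer.CreateMessage())
        {
            // Log metadata only: with message security enabled, the envelope
            // carries security headers and tokens that do not belong in a trace log.
            Trace.TraceInformation("Inspecting action {0} (SOAP version {1})",
                inspectionCopy.Headers.Action, inspectionCopy.Version);
        }

        return null; // no correlation state is needed in this example
    }

    public void BeforeSendReply(ref Message reply, object correlationState)
    {
        // Replies are not inspected in this example.
    }
}
```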