Hi,
I tried searching the web as well this forum before posting this question. As i didn't find answer anywhere, i'm posting it here.
I'm trying to interact with a transaction enabled WCF service from a transaction initiator WCF client. I've done all that is required to enable interoperable endpoint for WS-AT. when i run wsatconfig ./show command i get the following output:
WSAT enabled: True
DotNet port enabled: True
TCP port: 2372
Kerberos GACL:
NT AUTHORITY\Authenticated Users
Interop port enabled: True
HTTPS Port: 2373
Identity certificate: 04363965BA1912B17B2619E56861BADE30AA9ECE
Accepted certificates:
BDY5ZboZErF7JhnlaGG63jCqns4=
Default timeout: 60
Maximum timeout enabled: True
Maximum timeout: 3600
Tracing level: Warning
When the request message goes it has following entry in <RegistrationService> element (i've also provided full message below) I'm getting a "DIABLED" address
<RegistrationService>
<Address xmlns="http://schemas.xmlsoap.org/ws/2004/08/addressing">
https://narang/WsatService/Registration/Coordinator/Disabled/</Address>
<ReferenceParameters xmlns="http://schemas.xmlsoap.org/ws/2004/08/addressing">
<mstx:RegisterInfo>
<mstx:LocalTransactionId>e2bf7501-9f54-460a-ac0f-d4354b3928cc
</mstx:LocalTransactionId>
</mstx:RegisterInfo>
</ReferenceParameters>
</RegistrationService>
The communications happens successfully when both service as well as clients are WCF and transaction gets incremented in MSDTC also. However, when i try the same client with a WebSphere service, i get timeout error - that i feel is because of this DISABLED address.
I have some log messages from earlier samples - this address used to be
<Address xmlns="http://schemas.xmlsoap.org/ws/2004/08/addressing">https://dpae12w170d.digitalindiasw.net/WsatService/Registration/Coordinator/Interop/</Address>
Any idea - what's happening here Why am i getting disabled address - how can i avoid that
Here is full message:
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Header><CoordinationContext s:mustUnderstand="1" xmlns="http://schemas.xmlsoap.org/ws/2004/10/wscoor" xmlns:mstx="http://schemas.microsoft.com/mb/2003/12/transactions"><wscoor:Identifier xmlns:wscoor="http://schemas.xmlsoap.org/ws/2004/10/wscoor">uuid:e2bf7501-9f54-460a-ac0f-d4354b3928cc</wscoor:Identifier><Expires>58880</Expires><CoordinationType>http://schemas.xmlsoap.org/ws/2004/10/wsat</CoordinationType><RegistrationService><Address xmlns="http://schemas.xmlsoap.org/ws/2004/08/addressing">https://narang/WsatService/Registration/Coordinator/Disabled/</Address><ReferenceParameters xmlns="http://schemas.xmlsoap.org/ws/2004/08/addressing"><mstx:RegisterInfo><mstx:LocalTransactionId>e2bf7501-9f54-460a-ac0f-d4354b3928cc</mstx:LocalTransactionId></mstx:RegisterInfo></ReferenceParameters></RegistrationService><mstx:IsolationLevel>0</mstx:IsolationLevel><mstx:LocalTransactionId>e2bf7501-9f54-460a-ac0f-d4354b3928cc</mstx:LocalTransactionId><OleTxTransaction xmlns="http://schemas.microsoft.com/mb/2004/02/tx/oletx"><PropagationToken>AQAAAAMAAAABdb/iVJ8KRqwP1DVLOSjMAAAQAAAAAACAAAAAAP///4LS6HlX0uh5clisZ9oT8nlyWKxnxO0SAPQbHwHItxQACO0SAGQ3NjA5YmI3LTJlZmQtNDJjMS05MGEzLTZiNjRhNzllOWJjNgAAAAAGAAAAZM1kzSEAAABOQVJBTkcAABAAAABOAEEAUgBBAE4ARwAAABkAAQAAAAAAAAAgAAAAdGlwOi8vbmFyYW5nLmRpZ2l0YWxpbmRpYXN3Lm5ldC8AAAAA</PropagationToken></OleTxTransaction></CoordinationContext></s:Header><s:Body><Order xmlns="http://dto.service.warehouse.sip.hp" xmlns:i="http://www.w3.org/2001/XMLSchema-instance"><OrderNumber>TEST_OrderNo</OrderNumber><OrderDate>2006-10-02</OrderDate><OrderedBy>Sanjay Narang</OrderedBy><ShipByDate>2006-10-10</ShipByDate><OrderDetails><OrderDetail><PartNumber>TEST_PartNo</PartNumber><Quantity>10</Quantity></OrderDetail></OrderDetails><Status>ACCEPTED</Status></Order></s:Body></s:Envelope>
Thanks
Sanjay
WS-AT - getting Disabled address for Registration Service
Duane Haas
Hmm, if you haven't already done so, restart your WCF client and see if that helps.
If it does not, please run the following program on your client machine and send me back the whereabouts.dat output file. Email is 'jessey' @ the standard microsoft.com address.
byte[] whereabouts = TransactionInterop.GetWhereabouts();File.WriteAllBytes("whereabouts.dat", whereabouts);
Blast
arkiboys
Can you check the EventLog and look for a message from Microsoft.Transaction.Bridge right after you restart MSDTC There should be a message saying that WS-AT initialized correctly. If you do not see this message you most likely do not have the appropriate QFE installed for COM+ / MSDTC. Head on over to http://support.microsoft.com/ kbid=912817 (WinXP) or http://support.microsoft.com/ kbid=912818 (Win2k3) and install the update.
Also, the certificate you use needs to have a SubjectName matching the FQDN of your machine -- so something like machine2.domain.com.
I'm somewhat perplexed, however, about what you are seeing from the WsatConfig tool though. If you are indeed on Feburary CTP bits, the output you are receiving from that tool seems to indicate a somewhat older version.
luca82
Thanks again
I've sent you the output file that i got from your program
Sanjay
vishwanatha
Jesse,
Thank you so much for your time on this thread. I'm sorry for delayed response. Here are answers to your questions:
1. I get success message in event viewer when MSDTC is started. Infact i got a message from source as Microsoft.Transactions.Bridge. Here are the event infos:
Event Type: Information
Event Source: MSDTC
Event Category: TM
Event ID: 2444
Date: 10/9/2006
Time: 8:40:02 PM
User: N/A
Computer: NARANG
Description:
MS DTC started with the following settings:
Security Configuration (OFF = 0 and ON = 1):
Network Administration of Transactions = 0,
Network Clients = 0,
Inbound Distributed Transactions using Native MSDTC Protocol = 1,
Outbound Distributed Transactions using Native MSDTC Protocol = 1,
Transaction Internet Protocol (TIP) = 0,
XA Transactions = 0
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Event Type: Information
Event Source: Microsoft.Transactions.Bridge
Event Category: WS-AT
Event ID: 13
Date: 10/9/2006
Time: 8:40:02 PM
User: NT AUTHORITY\NETWORK SERVICE
Computer: NARANGhow
Description:
The WS-AT protocol service successfully completed startup and recovery.
Protocol ID: cc228cf4-a9c8-43fc-8281-8565eb5889f2
Protocol Name: WS-AtomicTransactions 1.0
Process Name: msdtc
Process ID: 3572
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
2. I changed the subject of certificate that is being used by WS-AT to FQDN of my machine, however the result is same
3. I'm sure I'm using Feb CTP, the top lines of WSAT config show the following:
WSAT Configuration Tool
[Microsoftr .NET Framework, Version 3.0.50727.357]
Copyright (c) Microsoft Corporation. All rights reserved.
Here's all i can provide now. Let me know if you need any more info.
Thanks once again
Sanjay
eric1969
Hi Jesse,
Thank you so much for your response. Here are answers to your questions:
1, MSDTC both inbound as well as outbound security are enabled and the option selected is "Mutual Authenication Required". I've restarted MSDTC 2-3 times just to make sure that all configurations are enabled. Still i'm getting the disabled address. (I'm using it on a Win XP SP2 machine)
2. Yes, as you pointed out WebSphere 6.0.2.9 doesn't support WS-AT with WCF. We tried that few months back, we could solve message schema problems with some referesh packs, but HTTPS was a probles. Now as WAS 6.1 supports secure transactions - we are trying with that.
3. I'm using a self signed certificate created by makecert.exe (from Visual Studio 2005 and NOT from Windows SDK). It has a priate key and is installed in both "personal" as well as "Trusted Root Certifications Authority" (to make the certicate trusted) stores of local computer account (NOT user account) - but still i get disabled address. The command that i used to create the certificate was:
makecert -r -pe -n "CN=SIP Project" -ss my -sr localMachine -sky exchange c:\temp\TestCertMy.cer
I'd appreciate if you can help in solving disabled address problem with above information - i'd get my colleague to configure WAS as per their documention
Cheers
Sanjay
Vaneet375270
Can you tell me what WCF version you are using
Thanks,
Andy Milligan
AlexBB
Hi Sanjay,
A few things here:
- WCF to WCF communication works because we bypass true WS-AT processing for ease of deployment and optimization purposes
- Which version of WebSphere are you using If it’s anything less than 6.0.2.9 then things will probably not work. Not only were there message schema problems in that version but HTTPS transaction security as we require for WS-AT could not be enabled either.
- Please contact WebSphere support for determining how to enable transaction security in their newer versions
- If you a seeing a ‘Disabled’ address that’s probably because ‘Outbound’ transaction security for MSDTC is turned off. Please enable that.
- WS-AT communication is secure. There’s no way around that. Our chosen method of implementing interoperable security is through the use of x509 certificates over https communication. Can you describe your certificates a bit What is the SubjectName and is this certificate fully trusted and does it have a private key