Session – The security token could not be authenticated or authorized


Event Type: Error
Event Source: Microsoft WSE 2.0
Event Category: None
Event ID: 0
Date:  26/01/2006
Time:  10.21.49
User:  N/A
Computer: PSSCSM2
Description:
Message Dispatch Failure: <?xml version=”1.0″ encoding=”utf-8″?><soap:Envelope xmlns:wsa=”
http://schemas.xmlsoap.org/ws/2004/03/addressing” xmlns:wsse=”http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd” xmlns:wsu=”http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd” xmlns:soap=”http://schemas.xmlsoap.org/soap/envelope/”>

<soap:Header><wsa:Action>http://schemas.xmlsoap.org/ws/2004/03/addressing/fault</wsa:Action>

<wsa:MessageID>uuid:f72d4193-5884-42d3-92f6-3612b2494b0c</wsa:MessageID><wsa:RelatesTo>uuid:d60016fb-ca69-4b03-87bc-ffea68069b7b</wsa:RelatesTo><wsa:To>soap.tcp://client:9823/SessionSnapIn</wsa:To>

<wsse:Security><wsu:Timestamp wsu:Id=”Timestamp-6b703080-475e-435c-ad6a-f1faacb01acb”><wsu:Created>2006-01-26T09:21:49Z</wsu:Created><wsu:Expires>2006-01-26T09:26:49Z</wsu:Expires></wsu:Timestamp></wsse:Security></soap:Header><soap:Body><soap:Fault><faultcode xmlns:code=”http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd”>code:FailedAuthentication</faultcode><faultstring>Microsoft.Web.Services2.Security.SecurityFault: The security token could not be authenticated or authorized
   at Microsoft.Web.Services2.Security.Tokens.UsernameTokenManager.OnLogonUserFailed(UsernameToken token)
   at Microsoft.Web.Services2.Security.Tokens.UsernameTokenManager.LogonUser(UsernameToken token)
   at Microsoft.Web.Services2.Security.Tokens.UsernameTokenManager.AuthenticateToken(UsernameToken token)
   at Microsoft.Web.Services2.Security.Tokens.UsernameTokenManager.VerifyToken(SecurityToken securityToken)
   at Microsoft.Web.Services2.Security.Tokens.SecurityTokenManager.LoadXmlSecurityToken(XmlElement element)
   at Microsoft.Web.Services2.Security.Tokens.SecurityTokenManager.GetTokenFromXml(XmlElement element)
   at Microsoft.Web.Services2.Security.Security.LoadToken(XmlElement element, SecurityConfiguration configuration, Int32&amp; tokenCount)
   at Microsoft.Web.Services2.Security.Security.LoadXml(XmlElement element)
   at Microsoft.Web.Services2.Security.SecurityInputFilter.ProcessMessage(SoapEnvelope envelope)
   at Microsoft.Web.Services2.Pipeline.ProcessInputMessage(SoapEnvelope envelope)
   at Microsoft.Web.Services2.Messaging.SoapReceiver.FilterMessage(SoapEnvelope envelope)
   at Microsoft.Web.Services2.Messaging.SoapReceiver.ProcessMessage(SoapEnvelope message)</faultstring><faultactor>http://session.csf.local/Session/SessionManagerAdmin.ashx</faultactor>

</soap:Fault></soap:Body></soap:Envelope>

 

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

 





 

Event Type: Error
Event Source: SessionManagement
Event Category: None
Event ID: 0
Date:  26/01/2006
Time:  10.21.49
User:  N/A
Computer: PSSCSM2
Description:
SessionManagement http transport adaptor
“Session application recieved invalid soap envelope – The security token could not be authenticated or authorized”

 

For more information, see Help and Support Center at





 

These errors regards communication between Session component and session administrator snap-in.

Assuming that user present in soap header message exists, is active and authorized, one reason of this error can be that session answer came after that message or user token is expired.

Why?  Server load, some kind of deadlock or contention on CSF session DB.

For this reason I kindly disregard it.

Skip to main content