I've been trying to create a Metro based client for a WCF service, using both Transport and Message security, and mutual certificate authentication.
I have each mode working individually, not together - i.e. only Message security works, body is encrypted and sent over HTTP, or only SSL works, message is not encrypted. Activating both of them makes the client send unencrypted messages over SSL.
This is my current binding:
<customBinding>
<binding name="customBind">
<transactionFlow />
<security authenticationMode="MutualCertificate" allowSerializedSigningTokenOnReply="true" defaultAlgorithmSuite="Basic128" includeTimestamp="true" securityHeaderLayout="Lax">
</security>
<textMessageEncoding messageVersion="Soap11" />
<httpsTransport requireClientCertificate="false"/>
<!--<httpTransport />-->
</binding>
</customBinding>
With httpTransport, messages are encrypted, with httpsTransport, they are not. The server responds with "An error occurred when verifying security for the message.", as the message is not encrypted. The Metro client fails with "com.sun.xml.wss.XWSSecurityException: Security Requirements not met - No Security header in message".
Has anyone encountered this before? Any clue as to why this might be happening, or possible things I can explore? Additional info: Using Netbeans 7.1.1 and Metro 2.2.
I managed to solve this by removing the TransportBinding element from the wsdl, and letting Java handle transport security instead of Metro.