Develop Reference

Migration of code Mule 3 to Mule 4 and 'rest-router' is not supported in Mule 4

I have one application which is Mule 3, now I need to migrate it into Mule 4.
I implemented and changed some code but it through exceptions that tag not supported i.e 'rest-router' is not supported.
<rest-router:router templateUri="${igate.url}">
<!--Migration ERROR: The migration of 'rest-router' is not supported.-->
<!-- For more information refer to:-->
<!-- * https://docs.mulesoft.com/mule-runtime/4.1/migration-connectors>--
<!-- * https://beta.docs.stgx.mulesoft.com/beta-mule-migration-tool/mule-runtime/4.1/migration-tool.html#unsupported_connectors-->
<rest-router:post>
<ee:transform xmlns:ee="http://www.mulesoft.org/schema/mule/ee/core" doc:name="JSON to Object">
<ee:message>
<ee:set-payload>%dw 2.0 output application/java --- payload as Object { class: 'com.ifi.igate.model.Transaction'}</ee:set-payload>
</ee:message>
</ee:transform>
<flow-ref name="igate-object-flow" doc:name="igate-object-flow" />
<ee:transform xmlns:ee="http://www.mulesoft.org/schema/mule/ee/core" doc:name="Object to JSON" mimeType="application/json">
<ee:message>
<ee:set-payload>%dw 2.0 output application/json --- payload</ee:set-payload>
</ee:message>
</ee:transform>
</rest-router:post>
</rest-router:router>
Full XML file in Mule 3 which we need to migrate on Mule 4 -
<spring:beans>
<spring:bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
<spring:property name="ignoreUnresolvablePlaceholders" value="true"/>
<spring:property name="location" value="igate.properties"/>
</spring:bean>
<spring:bean id="validation" class="com.ifi.igate.integration.iclient.ValidationTransformer">
<spring:property name="transactionTypes">
<spring:list>
<spring:value>INQ-REQ</spring:value>
<spring:value>DEP-REQ</spring:value>
<spring:value>WIT-REQ</spring:value>
</spring:list>
</spring:property>
</spring:bean>
<spring:bean id="iGateStub" class="com.ifi.igate.stub.IGateStub">
<spring:property name="handlers">
<spring:map>
<spring:entry key="INQ-REQ">
<spring:bean class="com.ifi.igate.stub.handlers.InqHandler"/>
</spring:entry>
<spring:entry key="WIT-REQ">
<spring:bean class="com.ifi.igate.stub.handlers.WitHandler"/>
</spring:entry>
<spring:entry key="DEP-REQ">
<spring:bean class="com.ifi.igate.stub.handlers.DepHandler"/>
</spring:entry>
</spring:map>
</spring:property>
</spring:bean>
</spring:beans>
<rest-router:config/>
<http:connector name="httpConnector" doc:name="HTTP\HTTPS">
<receiver-threading-profile maxThreadsActive="10" />
</http:connector>
<flow name="igate-json-flow" doc:name="igate-json-flow">
<http:inbound-endpoint exchange-pattern="request-response" host="${igate.host}" port="${igate.port}" doc:name="HTTP"/>
<rest-router:router templateUri="${igate.url}">
<rest-router:post>
<json:json-to-object-transformer xmlns:json="http://www.mulesoft.org/schema/mule/json" returnClass="com.ifi.igate.model.Transaction" doc:name="JSON to Object"></json:json-to-object-transformer>
<flow-ref name="igate-object-flow" doc:name="igate-object-flow"/>
<json:object-to-json-transformer xmlns:json="http://www.mulesoft.org/schema/mule/json" doc:name="Object to JSON" mimeType="application/json"></json:object-to-json-transformer>
</rest-router:post>
</rest-router:router>
<rest-router:router templateUri="${igate-stub.url}">
<rest-router:post>
<json:json-to-object-transformer xmlns:json="http://www.mulesoft.org/schema/mule/json" returnClass="com.ifi.igate.model.Transaction" doc:name="JSON to Object"/>
<component doc:name="IGateStub">
<spring-object bean="iGateStub"/>
</component>
<json:object-to-json-transformer xmlns:json="http://www.mulesoft.org/schema/mule/json" doc:name="Object to JSON" mimeType="application/json"/>
</rest-router:post>
</rest-router:router>
</flow>
<sub-flow name="igate-object-flow" doc:name="igate-object-flow">
<transformer ref="validation"/>
<choice>
<when expression="#[message.payload.trxstatus == 0]">
<logger message="#[message.payload.trxreason]" level="ERROR" doc:name="Logger"/>
</when>
<otherwise>
<set-variable variableName="request" value="#[message.payload]" doc:name="save request"/>
<flow-ref name="promotions-flow" doc:name="Promotions Flow"/>
<flow-ref name="ifi-membership-flow" doc:name="Accumulate Spending"/>
<!-- logger message="Before backend" level="ERROR" doc:name="Logger"/-->
<flow-ref name="rewards-flow" doc:name="Rewards Flow"/>
<choice>
<when expression="#[message.payload.values['PTS']>0 || message.payload.trxtype=='INQ-REQ']">
<flow-ref name="${igate.membership}-membership-flow" doc:name="External Membership Flow"/>
</when>
<otherwise>
<vm:outbound-endpoint exchange-pattern="request-response" path="membership/ifi" />
</otherwise>
</choice>
<!-- logger message="After backend" level="ERROR" doc:name="Logger"/-->
<flow-ref name="promotions-flow" doc:name="Promotions Flow"/>
<flow-ref name="rewards-flow" doc:name="Rewards Flow"/>
<flow-ref name="ifi-membership-flow" doc:name="Manage balances"/>
<flow-ref name="pricing-flow" doc:name="Pricing Flow"/>
</otherwise>
</choice>
</sub-flow>
</mule>
'rest-router' is not supported in Mule 4 only need replacement for that tag or How I can migrate it into Mule 4.

rest-router seems to be an unsupported and unmaintained (last commit is from 2012) module for Mule 3. You best bet is to migrate from scratch and use APIKit instead. You will need to write a RAML specification for your API and Studio will create all the needed scaffolding from it.

Infant details required in SSR - Enter 4INFT

I'm developing with sabre soap api.
Now, I want to create passenger detail with all passenger types (ADT, CNN, INF)
I have a problem with infant type.
When I post the PassengerDetailRQ -> return 200
But in the EndTransaction response, I received an applicationResults's error message.
I have followed by this link . But not working.
Please tell me how to resolve this problem. Thanks!!!
You can see in the below:
PassengerDetail request:
<PassengerDetailsRQ xmlns="http://services.sabre.com/sp/pd/v3_3" version="3.3.0" IgnoreOnError="true" HaltOnError="false">
<PostProcessing IgnoreAfter="false" RedisplayReservation="true" UnmaskCreditCard="false" />
<PreProcessing IgnoreBefore="false">
<UniqueID ID=""/>
</PreProcessing>
<PriceQuoteInfo>
<Link HostedCarrier="true" NameNumber="1.1" Record="1"/>
<Link HostedCarrier="true" NameNumber="2.1" Record="1"/>
<Link HostedCarrier="true" NameNumber="3.1" Record="2"/>
<Link HostedCarrier="true" NameNumber="4.1" Record="3"/>
</PriceQuoteInfo>
<SpecialReqDetails>
<AddRemarkRQ>
<RemarkInfo>
<Remark Code="H" SegmentNumber="A" Type="General">
<Text>TEST REMARK</Text>
</Remark>
</RemarkInfo>
</AddRemarkRQ>
<SpecialServiceRQ>
<SpecialServiceInfo>
<SecureFlight SegmentNumber="A">
<PersonName DateOfBirth="1980-01-01" Gender="M" NameNumber="1.1">
<GivenName>FATHER MR</GivenName>
<Surname>SUR</Surname>
</PersonName>
</SecureFlight>
<SecureFlight SegmentNumber="A">
<PersonName DateOfBirth="1989-06-25" Gender="F" NameNumber="2.1">
<GivenName>MOTHER MRS</GivenName>
<Surname>LINUX</Surname>
</PersonName>
</SecureFlight>
<SecureFlight SegmentNumber="A">
<PersonName DateOfBirth="2010-03-23" Gender="F" NameNumber="3.1">
<GivenName>CHILD MS</GivenName>
<Surname>SUR</Surname>
</PersonName>
</SecureFlight>
<SecureFlight SegmentNumber="A">
<PersonName DateOfBirth="2018-01-23" Gender="MI" NameNumber="4.1">
<GivenName>INFANT MSTR</GivenName>
<Surname>SUR</Surname>
</PersonName>
</SecureFlight>
<Service SegmentNumber="A" SSR_Code="CHLD">
<PersonName NameNumber="3.1" />
<Text>23MAR10</Text>
</Service>
<Service SegmentNumber="A" SSR_Code="INFT">
<PersonName NameNumber="1.1" />
<Text>SUR/INFANT MSTR/23SEP17</Text>
</Service>
</SpecialServiceInfo>
</SpecialServiceRQ>
</SpecialReqDetails>
<TravelItineraryAddInfoRQ>
<AgencyInfo>
<Ticketing TicketType="7T-"/>
</AgencyInfo>
<CustomerInfo>
<ContactNumbers>
<ContactNumber NameNumber="1.1" LocationCode="HAN" Phone="091-666-3333" PhoneUseType="B"/>
</ContactNumbers>
<Email Address="LYVIETANH#GMAIL.COM" NameNumber="1.1" ShortText="ABC123" Type="CC"/>
<PersonName Infant="false" NameNumber="1.1" PassengerType="ADT">
<GivenName>FATHER MR</GivenName>
<Surname>SUR</Surname>
</PersonName>
<PersonName Infant="false" NameNumber="2.1" PassengerType="ADT">
<GivenName>MOTHER MRS</GivenName>
<Surname>LINUX</Surname>
</PersonName>
<PersonName Infant="false" NameNumber="3.1" PassengerType="CNN" NameReference="C02">
<GivenName>CHILD MS</GivenName>
<Surname>SUR</Surname>
</PersonName>
<PersonName Infant="true" NameNumber="4.1" PassengerType="INF" NameReference="I13">
<GivenName>INFANT MSTR</GivenName>
<Surname>SUR</Surname>
</PersonName>
</CustomerInfo>
</TravelItineraryAddInfoRQ>
</PassengerDetailsRQ>
PassengerDetail response:
<PassengerDetailsRS xmlns="http://services.sabre.com/sp/pd/v3_3">
<ApplicationResults xmlns="http://services.sabre.com/STL_Payload/v02_01" status="Complete">
<Success timeStamp="2018-06-15T12:11:26.163-05:00"/>
<Warning type="BusinessLogic" timeStamp="2018-06-15T12:11:25.226-05:00">
<SystemSpecificResults>
<Message code="WARN.SWS.HOST.ERROR_IN_RESPONSE">.INVALID ACTION</Message>
</SystemSpecificResults>
</Warning>
<Warning type="BusinessLogic" timeStamp="2018-06-15T12:11:25.451-05:00">
<SystemSpecificResults>
<Message code="WARN.SWS.HOST.ERROR_IN_RESPONSE">CHECK ITINERARY</Message>
</SystemSpecificResults>
</Warning>
</ApplicationResults>
<TravelItineraryReadRS>
<TravelItinerary>
<CustomerInfo>
<ContactNumbers>
<ContactNumber LocationCode="HAN" Phone="091-666-3333-B-1.1" RPH="001"/>
</ContactNumbers>
<PersonName WithInfant="false" NameNumber="01.01" RPH="1">
<Email Comment="CC/ABC123">LYVIETANH#GMAIL.COM</Email>
<GivenName>FATHER MR</GivenName>
<Surname>SUR</Surname>
</PersonName>
<PersonName WithInfant="false" NameNumber="02.01" RPH="2">
<GivenName>MOTHER MRS</GivenName>
<Surname>LINUX</Surname>
</PersonName>
<PersonName WithInfant="false" NameNumber="03.01" NameReference="C02" RPH="3">
<GivenName>CHILD MS</GivenName>
<Surname>SUR</Surname>
</PersonName>
<PersonName WithInfant="true" NameNumber="04.01" NameReference="I13" RPH="4">
<GivenName>INFANT MSTR</GivenName>
<Surname>SUR</Surname>
</PersonName>
</CustomerInfo>
<ItineraryInfo>
... I REMOVED THIS DATA ...
</ItineraryInfo>
<RemarkInfo>
<Remark RPH="001" Type="General">
<Text>TEST REMARK</Text>
</Remark>
</RemarkInfo>
<SpecialServiceInfo RPH="001" Type="AFX">
<Service SSR_Code="OSI">
<PersonName NameNumber="04.01">I/SUR/INFANT MSTR</PersonName>
<Text>VN INF</Text>
</Service>
</SpecialServiceInfo>
</TravelItinerary>
</TravelItineraryReadRS>
EndTransaction request:
<EndTransactionRQ Version="2.0.8" xmlns="http://webservices.sabre.com/sabreXML/2011/10" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<EndTransaction Ind="true" />
<Source ReceivedFrom="SWS TEST" />
</EndTransactionRQ>
EndTransaction response:
<EndTransactionRS xmlns="http://webservices.sabre.com/sabreXML/2011/10" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:stl="http://services.sabre.com/STL/v01" Version="2.0.8">
<stl:ApplicationResults status="NotProcessed">
<stl:Error type="BusinessLogic" timeStamp="2018-06-15T12:11:31-05:00">
<stl:SystemSpecificResults>
<stl:Message>INFANT DETAILS REQUIRED IN SSR - ENTER 4INFT/...</stl:Message>
<stl:ShortText>ERR.SWS.HOST.ERROR_IN_RESPONSE</stl:ShortText>
</stl:SystemSpecificResults>
</stl:Error>
</stl:ApplicationResults>
</EndTransactionRS>

If you check in the response PassengerDetailsRS/TravelItineraryReadRS/TravelItinerary/SpecialServiceInfo you'll see that none of the special services were added, and for that reason it is requested at the time of the EndTransaction call.
Without knowing the status of the itinerary, it is impossible to state the cause of the 2 warnings returned:
<ApplicationResults xmlns="http://services.sabre.com/STL_Payload/v02_01" status="Complete">
<Success timeStamp="2018-06-15T12:11:26.163-05:00"/>
<Warning type="BusinessLogic" timeStamp="2018-06-15T12:11:25.226-05:00">
<SystemSpecificResults>
<Message code="WARN.SWS.HOST.ERROR_IN_RESPONSE">.INVALID ACTION</Message>
</SystemSpecificResults>
</Warning>
<Warning type="BusinessLogic" timeStamp="2018-06-15T12:11:25.451-05:00">
<SystemSpecificResults>
<Message code="WARN.SWS.HOST.ERROR_IN_RESPONSE">CHECK ITINERARY</Message>
</SystemSpecificResults>
</Warning>
</ApplicationResults>
I would guess UC segments in the itinerary.

Between the "CHECK ITINERARY" error and the "ENTER 4INFT/..." message on save, it would appear you are working with an AA itinerary, and are sending a 3INFT command.
When airline is AA, you need to switch almost all commands starting with a 3 to starting with a 4. ie instead of sending 3INFT/... you send 4INFT/...
Hope this helps!

OTA_HotelResRQ direct sell fails with FORMAT ERROR ON OPTIONAL FIELD

I'm making the following sequence of calls to reserve a hotel room using the direct sell request:
HotelPropertyDescriptionRQ
PassengerDetailsRQ
OTA_HotelResRQ
The final response errors with:
FORMAT ERROR ON OPTIONAL FIELD
I'm unable to work out what is causing this error - is it perhaps the RPH of the room is not being correctly added to the PassengerDetailsRQ?
The OTA_HotelResRQ is:
<OTA_HotelResRQ xmlns="http://webservices.sabre.com/sabreXML/2011/10" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ReturnHostCommand="true" TimeStamp="2017-02-13T12:45:24" Version="2.2.0">
<Hotel>
<BasicPropertyInfo RPH="001">
<ConfirmationNumber>PWBA-POW-131c-02</ConfirmationNumber>
</BasicPropertyInfo>
<Guarantee Type="G">
<CC_Info>
<PaymentCard Code="VI" ExpireDate="2018-10" Number="4111111111111111"/>
<PersonName>
<Surname>TEST</Surname>
</PersonName>
</CC_Info>
</Guarantee>
<RoomType NumberOfUnits="1"/>
</Hotel>
The HotelPropertyDescriptionRQ:
<HotelPropertyDescriptionRQ Version="2.3.0" xmlns="http://webservices.sabre.com/sabreXML/2011/10">
<AvailRequestSegment>
<GuestCounts Count="1" />
<HotelSearchCriteria>
<Criterion>
<HotelRef HotelCode="0007855" />
</Criterion>
</HotelSearchCriteria>
<TimeSpan End="2016-12-17" Start="2016-12-10"/>
</AvailRequestSegment>
</HotelPropertyDescriptionRQ>
The PassengerDetailsRQ:
<PassengerDetailsRQ xmlns="http://services.sabre.com/sp/pd/v3_3" version="3.3.0" IgnoreOnError="false" HaltOnError="true">
<PostProcessing IgnoreAfter="false" RedisplayReservation="true" UnmaskCreditCard="true">
<EndTransactionRQ>
<EndTransaction Ind="true"></EndTransaction>
<Source ReceivedFrom="PW TESTING"/>
</EndTransactionRQ>
</PostProcessing>
<PreProcessing IgnoreBefore="false">
<UniqueID ID=""/>
</PreProcessing>
<SpecialReqDetails>
<AddRemarkRQ>
<RemarkInfo>
<FOP_Remark>
<CC_Info Suppress="true">
<PaymentCard Code="VI" ExpireDate="2017-12" Number="4444333322221111" SuppressApprovalCode="true"/>
</CC_Info>
</FOP_Remark>
</RemarkInfo>
</AddRemarkRQ>
</SpecialReqDetails>
<TravelItineraryAddInfoRQ>
<AgencyInfo>
<Address>
<AddressLine>XXXXXXXXXXX Ltd</AddressLine>
<CityName>London</CityName>
<CountryCode>GB</CountryCode>
<PostalCode>XXXX XXX</PostalCode>
<StateCountyProv StateCode="LN" />
<StreetNmbr>2 Some Rome</StreetNmbr>
</Address>
</AgencyInfo>
<CustomerInfo>
<ContactNumbers>
<ContactNumber NameNumber="1.1" Phone="817-555-1212" PhoneUseType="H" />
</ContactNumbers>
<PersonName Infant="false" NameNumber="1.1">
<GivenName>Iain</GivenName>
<Surname>TESTING</Surname>
</PersonName>
</CustomerInfo>
</TravelItineraryAddInfoRQ>
</PassengerDetailsRQ>

I believe it is because you are adding a confirmation number to the sell request, which is an optional field when selling passive segments, but it should not be expected when actually requesting the room to the hotel.
<ConfirmationNumber>PWBA-POW-131c-02</ConfirmationNumber>
I would try removing that.

To reserve a hotel room using the direct sell request from sabre used OTA_HotelResRQ request.
Here is one example for request (i already used this request and get response from sabre)
<?xml version="1.0"?>
-<OTA_HotelResRQ Version="2.2.0" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
-<Hotel xmlns="http://webservices.sabre.com/sabreXML/2011/10">
<BasicPropertyInfo RPH="001"/>
<Customer NameNumber="01.01"/>
-<Guarantee Type="G">
-<CC_Info>
<PaymentCard Number="3782 8224 6310 005" ExpireDate="2021-09" Code="AX"/>
-<PersonName>
<Surname>tailor</Surname>
</PersonName>
</CC_Info>
</Guarantee>
<RoomType NumberOfUnits="1"/>
</Hotel>
</OTA_HotelResRQ>

Passenger type mismatch in search request and response

I send 3 adults and 2 childs in search request(action: BargainFinderMax_RQ ) and in response(action: BargainFinderMax_RS) we receive 5 adults.
Sabre returns as info :
CNN NOT APPLICABLE - ADT FARE USED - VERIFY RESTRICTIONS
I would like to ask if there is any parameter supplied that Sabre provides that will let me receive only given passenger type.
Edit: Here is the BargainFinderMaxRQ:
<s:Body xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<OTA_AirLowFareSearchRQ PrimaryLangID="En" Version="1.8.5" ResponseType="OTA" ResponseVersion="1.8.5" xmlns="http://www.opentravel.org/OTA/2003/05">
<OriginDestinationInformation RPH="1">
<DepartureDateTime>2016-08-26T12:00:00</DepartureDateTime>
<DepartureWindow>00002359</DepartureWindow>
<OriginLocation LocationCode="KRR" />
<DestinationLocation LocationCode="DLM" />
</OriginDestinationInformation>
<OriginDestinationInformation RPH="2">
<DepartureDateTime>2016-09-02T12:00:00</DepartureDateTime>
<DepartureWindow>00002359</DepartureWindow>
<OriginLocation LocationCode="DLM" />
<DestinationLocation LocationCode="KRR" />
</OriginDestinationInformation>
<TravelPreferences>
<TPA_Extensions>
<DiversityParameters AdditionalNonStopsNumber="10" />
</TPA_Extensions>
</TravelPreferences>
<TravelerInfoSummary>
<SeatsRequested>5</SeatsRequested>
<AirTravelerAvail>
<PassengerTypeQuantity Code="ADT" Quantity="3" />
<PassengerTypeQuantity Age="8" Code="CNN" Quantity="2" />
</AirTravelerAvail>
</TravelerInfoSummary>
</OTA_AirLowFareSearchRQ>
</s:Body>

You need to use the XOFares element:
<!--"Value" (required) Indicator for whether to return only fares with a passenger type the same as the passenger type specified in the request.-->
<!--Value="true" Returns only fares with a passenger type the same as the passenger type specified in the request.-->
<!--Value="false" (default) Uses standard Bargain Finder Max logic.-->
<XOFares Value="true"/>

WCF client - The EncryptedKey clause was not wrapped with the required encryption token

We need to consume a DataPower webservice running SSL and WS-Security.
I have setup a WCF web service running HTTP and custom username password authentication, to be accessed within our network. This web service is consumed from our Oracle database(Oracle cannot do direct connections with WS-Security).
When our local web service is invoked, it makes the call to the external web service, adding in all the WS-Security headers and certificates.
The external web service requires certificate authentication on Transport, and x509 certificates for singing and encrypting the message.
I have setup a CustomBinding in the client app.config (web service is self-hosted as a windows service) and am able to make a connection to the external web service. The guys that maintain the external web service say they are receiving my messages successfully, processing the data and sending the response.
The problem is when my client tries to process the response, I get a "The EncryptedKey clause was not wrapped with the required encryption token 'System.IdentityModel.Tokens.X509SecurityToken'." error.
With the WCF logging, I can see the message I receive, and see the HTTP OK status.
<?xml version="1.0"?>
<configuration>
<system.web><compilation debug="true" /></system.web>
<system.serviceModel>
<client>
<endpoint address="https://xxx.fff.eee/Service"
behaviorConfiguration="WSSecBehavior" binding="customBinding"
bindingConfiguration="Soap11_Secure" contract="xxx.yyy"
name="ddddddd" />
</client>
<behaviors>
<serviceBehaviors>
<behavior name="TEST_Service_Behavior">
<serviceMetadata httpGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
<serviceCredentials>
<userNameAuthentication userNamePasswordValidationMode="Custom"
customUserNamePasswordValidatorType="Test_Proxy.PasswordValidator, Test_Proxy" />
</serviceCredentials>
</behavior>
</serviceBehaviors>
<endpointBehaviors>
<behavior name="WSSecBehavior">
<clientCredentials>
<clientCertificate storeLocation="LocalMachine"
storeName="TrustedPeople"
x509FindType="FindByThumbprint"
findValue="dfgasdfgsdgsgfds" />
<issuedToken defaultKeyEntropyMode="CombinedEntropy" cacheIssuedTokens="True" />
<serviceCertificate>
<authentication certificateValidationMode="PeerOrChainTrust" />
<scopedCertificates >
<add targetUri="https://xxx.fff.eee/Service"
storeLocation="LocalMachine"
storeName="TrustedPeople" x509FindType="FindByThumbprint" findValue="sdfgsdfgsdfgsfdg" />
</scopedCertificates>
<defaultCertificate storeLocation="LocalMachine"
storeName="TrustedPeople" x509FindType="FindByThumbprint" findValue="sdfgsdfgsdfgsdfgsdfg" />
</serviceCertificate>
</clientCredentials>
</behavior>
</endpointBehaviors>
</behaviors>
<services>
<service behaviorConfiguration="TEST_Service_Behavior" name="Test_Proxy.TEST_Service">
<endpoint address="" binding="basicHttpBinding" bindingConfiguration="soap11Binding"
name="Soap11" bindingName="Soap11" contract="Test_Proxy.ITEST_Service" />
<endpoint address="mex" binding="mexHttpBinding" name="mex" contract="IMetadataExchange" />
<host>
<baseAddresses>
<add baseAddress="http://localhost:8449/GCOS_WebService/" />
</baseAddresses>
</host>
</service>
</services>
<bindings>
<basicHttpBinding>
<binding name="soap11Binding" maxBufferPoolSize="2147483647"
maxBufferSize="2147483647" maxReceivedMessageSize="2147483647">
<readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647"
maxArrayLength="2147483647" maxBytesPerRead="2147483647" />
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Basic" />
</security>
</binding>
</basicHttpBinding>
<customBinding>
<binding name="Soap11_Secure">
<textMessageEncoding messageVersion="Soap11" />
<security defaultAlgorithmSuite="Basic128Rsa15" allowSerializedSigningTokenOnReply="False"
enableUnsecuredResponse="false" authenticationMode="MutualCertificate" messageProtectionOrder="SignBeforeEncrypt"
messageSecurityVersion="WSSecurity10WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10"
securityHeaderLayout="Strict" requireDerivedKeys="False">
</security>
<httpsTransport maxReceivedMessageSize="5000000" authenticationScheme="Negotiate"
maxBufferSize="5000000" requireClientCertificate="true" />
</binding>
</customBinding>
</bindings>
<diagnostics performanceCounters="All" wmiProviderEnabled="True">
<messageLogging
logEntireMessage="True"
logMalformedMessages="True"
logMessagesAtServiceLevel="True"
logMessagesAtTransportLevel="True"
maxMessagesToLog="5000"
maxSizeOfMessageToLog="50000" logKnownPii="True"/>
</diagnostics>
</system.serviceModel>
<startup>
<supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.0" />
</startup>
<system.diagnostics>
<trace autoflush="true"/>
<sharedListeners>
<add name="sharedListener"
type="System.Diagnostics.XmlWriterTraceListener"
initializeData="Test_Service_Proxy.svclog" />
</sharedListeners>
<sources>
<source name="System.ServiceModel" switchValue="Verbose, ActivityTracing" >
<listeners>
<add name="sharedListener" />
</listeners>
</source>
<source name="System.ServiceModel.MessageLogging" switchValue="Verbose" >
<listeners>
<add name="sharedListener" />
</listeners>
</source>
</sources>
</system.diagnostics>
</configuration>
Any help or direction please.
Request sent:
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<s:Header>
<o:Security s:mustUnderstand="1" xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<u:Timestamp u:Id="uuid-1717e10e-8265-4ada-9dee-d01782ed03a9-1">
<u:Created>2013-10-27T18:14:45.248Z</u:Created>
<u:Expires>2013-10-27T18:19:45.248Z</u:Expires>
</u:Timestamp>
<o:BinarySecurityToken>
<!-- Removed-->
</o:BinarySecurityToken>
<e:EncryptedKey Id="_0" xmlns:e="http://www.w3.org/2001/04/xmlenc#">
<e:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
<o:SecurityTokenReference>
<o:KeyIdentifier ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">5ldE9AdwhGZ/xckWL9rimuji1eY=</o:KeyIdentifier>
</o:SecurityTokenReference>
</KeyInfo>
<e:CipherData>
<e:CipherValue>HPG3N2VwCSqS3ImLrKLzodnK/I23oPFk097vp8Iru2ZVmR7EotdnL9tU61C6/b8fUU36ntkDVnsECdp0nYqSSbgu9Hoo6LUIEXVLEySqjcj7M3YNeutHwuY1SK5FKdcfFcTuT7a5drxXHzkpJAEyiW7PAxF4c7BF/iVNYXhgcm0lZDpAct2cGhzdSx6gq+K4SMUVq44Vg6Z89yUVyQsERN3nY++DuJC4yn0Z718fD1+tiNlNXNuX2d1JAP1kh9UO0sYIb06lgg5lXmHAzU2XC5MFcPoK6w0HmKH3cyVThFDfnCMeB//xtVcUS7lgDo81o6YF2sstpH+aLHUemuhQTg==</e:CipherValue>
</e:CipherData>
</e:EncryptedKey>
<c:DerivedKeyToken u:Id="_1" xmlns:c="http://schemas.xmlsoap.org/ws/2005/02/sc">
<o:SecurityTokenReference>
<o:Reference URI="#_0"/>
</o:SecurityTokenReference>
<c:Offset>0</c:Offset>
<c:Length>16</c:Length>
<c:Nonce>
<!-- Removed-->
</c:Nonce>
</c:DerivedKeyToken>
<e:ReferenceList xmlns:e="http://www.w3.org/2001/04/xmlenc#">
<e:DataReference URI="#_3"/>
</e:ReferenceList>
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
<SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<Reference URI="#_2">
<Transforms>
<Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<DigestValue>eBkrZ4r7IEHLDZANylfLVRCNnrc=</DigestValue>
</Reference>
<Reference URI="#uuid-1717e10e-8265-4ada-9dee-d01782ed03a9-1">
<Transforms>
<Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<DigestValue>EqW8YFzg8XMFLjUNfDlxY6fQR5k=</DigestValue>
</Reference>
</SignedInfo>
<SignatureValue>CGzogpiUa6jTUmLdd9EiqQdd7VeV3naM59raFqjtjtEf5pPk1a4uwk0ihuzWR7RZTXCa+oieqEE/oEQgEdXzjvDxXUUrmEcIV+be5HSBRw0GPj52Cp55kBHV5hfOCUfsmXcgGQ2mxFNyFQchbKQ20sAGgse+z/GzLnkFnGy/RWQ=</SignatureValue>
<KeyInfo>
<o:SecurityTokenReference>
<o:Reference ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" URI="#uuid-1bb3eb61-bd9e-42a9-9d0d-81de76cbbe73-3"/>
</o:SecurityTokenReference>
</KeyInfo>
</Signature>
</o:Security>
</s:Header>
<s:Body u:Id="_2" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<e:EncryptedData Id="_3" Type="http://www.w3.org/2001/04/xmlenc#Content" xmlns:e="http://www.w3.org/2001/04/xmlenc#">
<e:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
<o:SecurityTokenReference xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<o:Reference ValueType="http://schemas.xmlsoap.org/ws/2005/02/sc/dk" URI="#_1"/>
</o:SecurityTokenReference>
</KeyInfo>
<e:CipherData>
<e:CipherValue>OC8ylIHfJ/QZs9HRTD+SMuYAsGdNTtn6iS/2Lo4GLzxqaOqfOl4dxqCM/0Vp2lwkOldDW3zZR90yiVbK58bdMrRwjJ5HeJop/NtM9e7ysrOeJjroyuVXtMdhRj5bUkz+scM+KsUgSLLCasm0NzWqFRK60CrqZFhTApQN5+EMlQm4HAUGkhW4Fg9C4bYodxR25FTqiTI3VEuAAB3mx1AAvhqnxttI2ghEl9D9Yvm70bl+Z5VfQxQ4DZbFipnSxpZCp3+29rgH4aa6yCYzc2qd630BYJ8ikzZM1YcWQCBsCxU5RB6Y8TF6G9f2Oi97glPeOIXjRaSzj0Vp7f42aappL1dmO6tNpogYOrh9GUsJdNr2CeNzxNGbpYNXmWi/CSOxNjKv8BvpLa12k22va0iHZt0NoOYwzsvY2mhbScUO0rkgLtYuRR4Hvf/rDwjdCjjusNodIEkQXmGxh9tg2vRGZaWounm8DFDlVcscGxeli8wFN1u8jpNeVy4k95sSKzvixqfvNDRZbL3hah7oiWaSYdwbyGl21xGqhuo8yI2T2iax7BZ2v/a02bqF9uj5sjvAnjxCpJK8iADPbbNrzCmL2i2Mo2yjgYyqCx3Jr3VylsymxBCVZqVO8pU8yoU/fYJJJtYQ0FMQs5VoD+yUhXcC5mxqOeMAVUPSntNJ/NhzOtZvMz7FGMR2EitPZ69a9utQfyOzfQzUW3xyE+iJcXxnBLzRAfQoguM0Tj8rBCqNvGTkyljz4URJnVe+a8diaO1YanZAq8K/u/Ei0I7GXDWl3hlE3aBP3wLPHce4eQZxRbZnlezF78H9XDlb3vqLsJ0ynFaS0oLcQ1SRhf1vV0XzTvNdphNRoaAH7EBQvUdj5z6zYjoP1ubndMtFKw+d/WVF7bc72NLR9vHHHiYQ3VN4dsFmH4R2G7mcD44LQgx0UKgwlbF5uixUXW/I4VHzHwehM4DdH8P/euy+KrmjFPrSyhMqPbaKwjIJswJjavUYdKkYJpLpCp8hfb0FvwGNC9Zyzafko5zuRheX/+f7P4kB1ZjXWC9QVb5Q8YaqIYTPXG53W+9usdxeQvPXXwx1lN7odz7OVrGGlvSN1TRybHDn9ysM+zhSwhggeoGkKtWsRoO6RKT9G3lVVuo7tcCXDJHXbPFE0gor1G5mh0iZZtwKagvNZr+TRp9WCh+nXTwU/GZh+utBl49euPA7hNVuunf/RE4ZDvnop0IVe+2f8CkM6ABy7R+T47w51r9NCMuSG7BnPHDfVFZc/ZhRee2eEyEyu4T+HnbRRyd3YJnU6+Y1wu9YTKFrbMLFjq3byZxBJgs70lW7PDXbFk1jegwg0CckjU+oTOyt9RK8iHUgniFEkAd6Z5NgCysoT0PZgOBn7wCeopTyA5ZRp9dFbeOn4vBEUcnP9iegg7nB27Pqi8HY3rgtOrIf0d8Ix2z5J1FRNZY=</e:CipherValue>
</e:CipherData>
</e:EncryptedData>
</s:Body>
</s:Envelope>
Response Received:
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<soap:Header>
<wsse:Security soap:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<xenc:EncryptedKey xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
<xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"/>
<dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
<wsse:SecurityTokenReference>
<wsse:KeyIdentifier ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">y1cWMPtJ5ta+ZXxOOHKhkAwG5zM=</wsse:KeyIdentifier>
</wsse:SecurityTokenReference>
</dsig:KeyInfo>
<xenc:CipherData xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
<xenc:CipherValue>T1TGYnixXqFJcR82RDV9t43jzD6w31zg8uV3Yv84ZG2+wXms2ajayviZ9Ps7+ak4nPVd8uP4u/zYl2jLCpCwEquA2mJ13P6guqcLQt4091ndJAjnBv1EljANCUB7sE4+W6VLZ6zZLhU7kzdH8dF1SUiDS4soSv8/hfWjK3OOrS4=</xenc:CipherValue>
</xenc:CipherData>
<xenc:ReferenceList>
<xenc:DataReference URI="#body"/>
</xenc:ReferenceList>
</xenc:EncryptedKey>
<wsu:Timestamp wsu:Id="Timestamp-3c6a0000-8873-44a3-a1ce-7020c285baed" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsu:Created>2013-10-27T18:14:55Z</wsu:Created>
<wsu:Expires>2013-10-27T18:19:55Z</wsu:Expires>
</wsu:Timestamp>
<wsse:BinarySecurityToken>
<!-- Removed-->
</wsse:BinarySecurityToken>
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
<SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<Reference URI="#Id-9c1b48c4-0bde-48af-9086-f8ce71eb74dd">
<Transforms>
<Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<DigestValue>F3pP+zcm2Iq8GewW/A4GX5kK8aU=</DigestValue>
</Reference>
<Reference URI="#Timestamp-3c6a0000-8873-44a3-a1ce-7020c285baed">
<Transforms>
<Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<DigestValue>MiDu5ZphIhMIAb9ISBj1EKOIfOY=</DigestValue>
</Reference>
</SignedInfo>
<SignatureValue>gEjjen88BeWVuTD7t2txOCFXfEOE2g2bvDbWnxS24tSJYpvywl+PEzif5Is/AXTzgmL/McU8/GOgxt8ZKTLe1k3Ux4ZlGCFQiuEyk/1rmEJ1UYt4wn6O0k3PU34HOgCJDjC/0CYjdNFEgG9rwFk6+H8nldCcbI8ZMsM+6OwvECthB5CNgwM3FZcIIZJmTUkEQLEsszw08xaao7kyZCMbs5HBvUr5kNrIiim0pbYO0o5eFF2A59NBfNugo8EYwvC9mkcy8/RJv7aDflxoLxPNgyV7HCFTyt5lwApo1yzOQFVFduGxCyQACBJdR5kevkmfiqBWTYWk6+/YcqaacNXKPg==</SignatureValue>
<KeyInfo>
<wsse:SecurityTokenReference xmlns="">
<wsse:Reference URI="#SecurityToken-1e313a32-f22f-43bf-a2d7-a2a24b98a3ef" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/>
</wsse:SecurityTokenReference>
</KeyInfo>
</Signature>
</wsse:Security>
</soap:Header>
<soapenv:Body wsu:Id="Id-9c1b48c4-0bde-48af-9086-f8ce71eb74dd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<xenc:EncryptedData Id="body" Type="http://www.w3.org/2001/04/xmlenc#Content" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
<xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
<xenc:CipherData>
<xenc:CipherValue>5kvgGglS7ayNXv9LvFILgJjsw8IZ1wCkEZUPCAUakHuxEOpt/gsQ3KNdFkcwZr2rYrnZmrjKctbpAYpBbIXt1HJSAXu6AQQalMkn5B9o28uRfyvRt3Lvkt/lFcBdxGgIufGGPCJPvQlQ8WKmJ2jdolWKeufr/9UfV9m/zpkbycUdUQVfs0h9GQ4TML65ll+HKX2oQuMuHS1TjR6EgXvZThk3TDKf+GuyGkULH8ce60vrGi7qvMMDsfyh20YvJIUmnwHt9HxzMEK5IulM09czz90iyY1jet3GxCkB4x0l8mOO7IGJhQWTzyyD+Kh+rCnc67B+oRf/rgpOQbfcW8P3xnPwmoErGEscDoUa8LPcDBejd6vyKXIPZdNVtccqqarKkKyuhpF9g4uHD810VPcPQe7oKo84yk8YcaejavkKp7/svtAC6nCUJpszZDvhXBml1Qh8pzBMUbg+fnsMY/PRdpCYRvUYfBGx7NymCYTfY5jOaSEYUmHXPTYR1f1f9FckDoTMhMsVk/0TsPJyl8PbRExo91qrBpcJPZRBAUWUwU7Unx6gOqhzYadQ5d/0tp6C5gmBdg1b007TooPUOtGMJygc78lbXFPRxQaV81+hpMRbr4pJyTWpbHdu9dGx+XO+8edR78feB16N4XvxZtqX+HoxjWCE0tlYT8woFVYw8S0OW31XczzW/HuDVBqhTaozKny8CqUW/MU/NoR0jMGqhuK8S5vWHFl2Hv8YttaXlhRUy8aepKPtdNK8GOrjHtShKdkg30fpheFBSi4bjIbnv7VK2xpKgOklfTs14minc28kKxEbvrzQ56d9hKPgOydjU273GmWwudtSRVfuhUWpDkYDxAviaDYfnslSEY5GbPMW0dIXwr8miUZ7HFe4nHv397GAESCELlJ2cjDFwwcmKxnq5sPo7YYFaVqBZAnbdT0bpCsgieK6Vq8Ih/tm9BSXYod2q8NTaIzmhqDFgirgsyt4leEJy0zkGy7Cdd1PYVWOr9JJVsWFnl1laxhoaVDYzjrioP7k2Nk6gPCHjyOEK8LgqOecy6h4bJ2/Ui0Ce2nO1pvl4Za4ehvK5bQrZ6GxrvEa7gS5Mde2B+8BPZCDgehRt3SUy16ha1LxlTNFHRB5Ybzo+AMytAaNSF9zwSy71U5NOhsUdNUslKb7aj7VyOoUvayKMnHfESQIYIj57sH0AOqJzRzbDOpTV3BqXyYX2OIT2hkoSft1JuO0rSJd3mCRKwVDRbS+HufM3dmIn98VAsfYlsWLyd7zbRc7WsqlUzIhD5tVRkqeDS0R8cBR35mv4LV4NbvhvVK6CuI6i4ZL2UgyNQto3HQ5RMqohZFOtA1Lfl4W6WILSF51D1TNRZtbLwCmNAAWJFS/22BiGNN9TyOneFyrmalLYcRUeJ0bN9OZG7oG808noOUxtIIx9zPlHnjUO83/q573GmPK7nrtZJss4U7jeeLef1g08Iq9t6dyh1VViLeX6aCdMKTdmZ+HyQmR5IDe2gQ7N6bosnmZZURezvJUjpeulsJ6u5SVYP9tyGTZjPOwuO3mAxMtPWcuVfotT5qqE6Z6QJziRfIIEh4xp3m46mEalLKLphmm4uRGXmqMWHXWtitgFE2L9qDJoRVW++4ext6/q3cmWhj0qX97g/nHTU0bg42RJ2441Oj1rZtkbMcnwT0Wp3sn1dhkiPbax7XhmHA/l9wNYRE29sJP/M3jxOq8s/RWFTgZJAYtWjDK+uRncyvaSpNfeAlO53Flt25yFSoB1ybC1y+0Mdrd9xrhgh2GlzHmOnlQG0kKGjuc4mzvpgPIuTmM2kgduUXBpUh/gPV2JrFIxNxjkIp6gGG0Yq3mUpfL02ulWrdzhcvvPvAAvintHE3vjC7G9vmcw5T2/jU14LhF5/jLtP31hx3k+G4Re7NKMww9kbjOM/SC8w+tsNLEyVsDOLB2GMWzswkU8EER8Hqxm4ZIqYfDQOu5o+zxmOW9wtE8x43lk7Rt10BSbCPBIjLMGPomZBhVGh2R5HKINHwS/Vz0VDiq9O1MbO2lVKE02IC4</xenc:CipherValue>
</xenc:CipherData>
</xenc:EncryptedData>
</soapenv:Body>
</soap:Envelope>

Turns out it was certificate related. Once we got a valid certificate with Digital Signature and Key Encipherment, everything started working.
Dont think my self-signed (self-generated) certificate had all the necessary usages.
#Yaron - Thank you for your help.

I suggest you set up a WCF service with the same setting and verify it is working with the client, and then compare the structure of its response to the failing response.
Assuming they are the same structure (otherwise need to change binding) one option is that the response uses an encryption certificate which is different than the one you used to sign with in the request. Verify that the value inside the response keyInfo is indeed the subjectKeyIdentifier of the certificate you used to sign with.
<wsse:KeyIdentifier ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">y1cWMPtJ5ta+ZXxOOHKhkAwG5zM=</wsse:KeyIdentifier>

Had similar issue. Turns out it was due generated self-signed certificate without Subject Key Identifier (SKI). Check this answer:
WCF : The EncryptedKey clause was not wrapped with the required encryption token 'System.IdentityModel.Tokens.X509SecurityToken'