Please make sure that WSE2.0 SP3 is installed on the web server.

It is.  We just installed it yesterday.

What is that exact error you are getting when running with the -dc option?

An error was discovered processing the <Security> header.

then I get

Login error encountered. Please check username and password.

Please try and navigate, using a browser, to one of the web services. For example http://localhost/Gemini/webservices/AuthWS.asmx

What do you get?

AuthWS

• GetProjectSecuritySchemeUsers

• UpdateUserProjectRoles

• CreateSecurityScheme

• GetUserRolesForProject

• UpdateUser

• UpdateUserPassword

• UpdateUserProfile

• SignOfLife

• ApplyProjectSecurityScheme

• LogIn

• GetAllUserRolesForProject

• CreateUser

• GetScheme

• GetNotINUse

• GetGeminiUser

• UpdateSecurityScheme

• DeleteUser

• GetProjectSecurityScheme

• DeleteSecurityScheme

• GetAllUsers

• GetAllSecuritySchemes

• SaveUserSettings

• GetSchemeWithUsageInfo

• GetUserSettings

Please paste your web.config file. Also, paste the settings for the win app.

<?xml version="1.0" encoding="Windows-1252" ?>
<configuration>
 <configSections>
  <sectionGroup name="GeminiPlugins">
   <section name="MailPlugin" type="System.Configuration.NameValueFileSectionHandler,System,Version=1.0.3300.0,Culture=neutral,PublicKeyToken=b77a5c561934e089" />
  </sectionGroup>
  <section name="nhibernate" type="System.Configuration.NameValueSectionHandler, System, Version=1.0.5000.0,Culture=neutral, PublicKeyToken=b77a5c561934e089" />
  <section name="microsoft.web.services2" type="Microsoft.Web.Services2.Configuration.WebServicesConfiguration, Microsoft.Web.Services2, Version=2.0.3.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
 </configSections>
 <!-- **************-->
 <!-- **************-->
 <!-- Gemini application settings go here -->
 <!-- **************-->
 <!-- **************-->
 <GeminiPlugins>
  <MailPlugin>
   <!-- SMTPServer - specify IP number or machine name -->
   <add key="SMTPServer" value="xxx.xxx.xx.xxx" />
   <!-- SMTP authentication values: OFF, BASIC, NTLM. -->
   <add key="SMTPAuthentication" value="OFF" />
   <add key="SMTPUserName" value="" />
   <add key="SMTPPassword" value="" />
   <!-- Global email alert type on/off settings -->
   <add key="IssueCreateAlert" value="true" />
   <add key="IssueUpdateAlert" value="true" />
   <add key="IssueCommentAlert" value="true" />
   <add key="IssueStatusChangeAlert" value="true" />
   <add key="IssueResolutionChangeAlert" value="true" />
   <add key="IssueDeleteAlert" value="true" />
   <add key="IssueAssignedAlert" value="true" />
   <add key="IssueClosedAlert" value="true" />
   <add key="IssueResolvedAlert" value="true" />
   <add key="IssueWatcherAlert" value="true" />
   <!-- Options -->
   <add key="FromEmailAddress" value="xxx" />
   <add key="Debug" value="false" />
   <add key="SendAlerts" value="true" />
   <!-- Email encoding values: ASCII, DEFAULT, UNICODE, UTF7, UTF8. -->
   <add key="Encoding" value="UTF8" />
   <!-- TemplateEngine values: NVELOCITY, STRINGTEMPLATE -->
   <add key="TemplateEngine" value="NVELOCITY" />
   <!-- TemplatesPath: Optional setting that can contain absolute path to "templates\mail" folder
     - leave empty to let Gemini work it out
     - or, specify full path , e.g. "c:\inetpub\wwwroot\gemini\templates\mail\"
   -->
   <add key="TemplatesPath" value="" />
  </MailPlugin>
 </GeminiPlugins>
 <nhibernate>
  <!-- The SQL Server dialect (Gemini supports "MsSql2000Dialect" or "MsSql7Dialect") -->
  <add key="hibernate.dialect" value="NHibernate.Dialect.MsSql2000Dialect" />
  <!-- The SQL Server database connection string -->
  <add key="hibernate.connection.connectionstring" value="data source=127.0.0.1;initial catalog=Gemini;user id=xxx;password=xxx" />
  <!-- Misc -->
  <add key="hibernate.connection.provider" value="NHibernate.Connection.DriverConnectionProvider" />
  <add key="hibernate.connection.driverclass" value="NHibernate.Driver.SqlClientDriver" />
 </nhibernate>
 <appSettings>
  <!-- OrganisationName - Name of your organisation -->
  <add key="OrganisationName" value="xxx" />
  <!-- RegisteredTo - The email address of whom the product is registered to -->
  <add key="RegisteredTo" value="xxx" />
  <!-- RegistrationCode - The product registration keycode as provided by CounterSoft -->
  <add key="RegistrationCode" value="xxx" />
  
  <!-- FullGeminiURL - requires trailing forward-slash! -->
  <add key="FullGeminiURL" value="xxx" />
  <!-- GeminiAdmins - Email address for Gemini administrators -->
  <add key="GeminiAdmins" value="xxx" />
  
  <!-- WelcomeTitle - Commercial Licensees only !! -->
  <add key="WelcomeTitle" value="xxx" />
  <!-- WelcomeMessage - Commercial Licensees only !! -->
  <add key="WelcomeMessage" value="xxx." />
  
  <!-- DateFormat - "EU" or "US" -->
  <add key="DateFormat" value="US" />
  <!-- TimeInWorkingDay - specify as HH:MM (example "7:30" which equals 7 hours 30 minutes) -->
  <add key="TimeInWorkingDay" value="8:00" />
  
  <!-- WebServicesAccessCode - Security code that must be used when using Gemini web services -->
  <add key="WebServicesAccessCode" value="ABC123" />
  <!-- WinWebServicesAccessCode - Security code that must be used by Gemini Desktop application -->
  <add key="WinWebServicesAccessCode" value="WIN123" />
  <!-- UseAccessCodeForSourceControl - Should we authenticate access to the AddSCFile.aspx? -->
  <add key="UseAccessCodeForSourceControl" value="NO" />
  
  <!-- GlobalAssignResourceAtIssueCreation
    - Controls if ALL USERS can assign resource to an issue during issue creation
    - Possible values = "YES" or "NO"
    - If this is set to YES, then ANY USER can assign a resource to an issue during issue creation
  -->
  <add key="GlobalAssignResourceAtIssueCreation" value="NO" />
  <!-- AutoAlertForIssueCreator
    - Controls if the user creating an issue is automatically an ISSUE WATCHER (get issue alerts)
    - Possible values = "YES" or "NO"
    - If this is set to YES, then alerts will be sent to issue creators whenever the issue is updated
  -->
  <add key="AutoAlertForIssueCreator" value="NO" />
  <!-- AutoAlertForIssueResource
    - Controls if the user working on an issue is automatically an ISSUE WATCHER (get issue alerts)
    - Possible values = "YES" or "NO"
    - If this is set to YES, then alerts will be sent to issue workers whenever the issue is updated
  -->
  <add key="AutoAlertForIssueResource" value="YES" />
  
  <!-- ShowUserRegistrationLink
    - controls whether the logon page displays a link that would allow anyone to register as a member.
    - possible values = "YES" or "NO"
  -->
  <add key="ShowUserRegistrationLink" value="NO" />
  
  <!-- AllowAnonymousUsers- Controls if anonymous users can access Gemini (e.g. no logon required)
    - If this is set to YES, then anyone can view and use Gemini without logging-in
  -->
  <add key="AllowAnonymousUsers" value="NO" />
  
  <!-- ViewAllProjects  - Are all projects visible to everyone?
    - Setting this option to "NO" will mean you can control visibility of projects at user level
  -->
  <add key="ViewAllProjects" value="NO" />
  
  <!-- AlwaysShowGeminiStats - Controls if the Gemini statistics panel is always shown on the main page
    - By default, the stats panel is only visible if you are an admin user or ViewAllProjects=YES
  -->
  <add key="AlwaysShowGeminiStats" value="NO" />
  
  <!-- ResetPasswordSubject - The email subject line used for sending password reset requests -->
  <add key="ResetPasswordSubject" value="Gemini Password Reset Request" />
  <!-- ResetPasswordMessage - The email message used for sending password reset requests -->
  <add key="ResetPasswordMessage" value="Please click on the link below to reset your Gemini password." />
  <!-- When creating a new user, you can send a reset password request:
   - AUTO      = Will always send reset password.
   - BLANK     = Will send a reset password only if password is blank.
   - NEVER     = Will not send a reset password.
  -->
  <add key="NewUserResetPassword" value="BLANK" />
  
  <!-- IssueDescriptionType - Possible values: Text, FreeTextBox or RichText -->
  <add key="IssueDescriptionType" value="RichText" />
  <!-- IssueCommentType - Possible values: Text, FreeTextBox or RichText-->
  <add key="IssueCommentType" value="RichText" />
  
  <!-- PluginPath - path to plugin directory under bin folder (required) -->
  <add key="PluginPath" value="bin/plugins" />
  <!-- DictionaryFolder - Location of the spell check files -->
  <add key="DictionaryFolder" value="dic" />
  <!-- Default Project Repository File Click Behaviour (None or View) -->
  <add key="ProjReposFileClick" value="None" />
  <!-- EnableHTMLPosts - Controls if HTML tags can be entered into text boxes -->
  <add key="EnableHTMLPosts" value="YES" />
  <!-- CharSetForExcel - The character set used when exporting issues to Excel -->
  <add key="CharSetForExcel" value="ISO-8859-1" />
  
  <!-- Make a never expired session (refresh in seconds) -->
  <add key="SessionRefresher" value="600" />
 
  <!-- Single Sign On [method of passing user credentials (SSO.aspx)]
    - DBHASHED= This is taking the actual password as it is on the DB (converted to base 64 string) and hash it with a key that is in the web.config (SSOKey).
    - DB      = This is taking the actual password as it is on the DB (converted to base 64 string).
    - HASHED  = This is taking the clear text password and hash it with a key that is in the web.config (SSOKey, see below).
    - PLAIN   = This is just sending the password as clear text.
   -->
  <add key="SSOPasswordType" value="DB" />
  <add key="SSOKey" value="" />
  
  <!-- Any issue id with this qualified found will automatically link to the issue -->
  <add key="IssueLinkQualifier" value="GEM:" />
 </appSettings>
 <system.web>
  <compilation defaultLanguage="c#" debug="false" />
  <!--  CUSTOM ERROR MESSAGES
          Set customError mode values to control the display of user-friendly
          error messages to users instead of error details (including a stack trace):

          "On" Always display custom (friendly) messages 
          "Off" Always display detailed ASP.NET error information.
          "RemoteOnly" Display custom (friendly) messages only to users not running
          on the local Web server. This setting is recommended for security purposes, so
          that you do not display application detail information to remote clients.
    -->
  <customErrors mode="On" />
  <!--  AUTHENTICATION  (Gemini possible modes are "Windows", "Forms") -->
  <authentication mode="Forms">
   <forms
    name="Gemini203"
    loginUrl="Default.aspx"
    timeout="60"
    path="/">
   </forms>
  </authentication>
  <authorization>
   <deny users="?"></deny>
  </authorization>
  <!--  APPLICATION-LEVEL TRACE LOGGING
          Application-level tracing enables trace log output for every page within an application.
          Set trace enabled="true" to enable application trace logging.  If pageOutput="true", the
          trace information will be displayed at the bottom of each page.  Otherwise, you can view the
          application trace log by browsing the "trace.axd" page from your web application
          root.
    -->
  <trace enabled="false" requestLimit="10" pageOutput="false" traceMode="SortByTime" localOnly="true" />
  <!--  SESSION STATE SETTINGS
          By default ASP .NET uses cookies to identify which requests belong to a particular session.
          If cookies are not available, a session can be tracked by adding a session identifier to the URL.
          To disable cookies, set sessionState cookieless="true".
         
          InProc
          SQLServer (http://support.microsoft.com/default.aspx?kbid=317604)
          StateServer
    -->
  <sessionState
   mode="InProc"
   stateConnectionString="tcpip=127.0.0.1:42424"
   sqlConnectionString="data source=127.0.0.1;user id=xxx;password=xxx"
   cookieless="false"
   timeout="60" />
  <!-- <sessionState mode="InProc" cookieless="false" timeout="60" />
    GLOBALIZATION - This section sets the globalization settings of the application. -->
  <globalization culture="en-US" uiCulture="en-US" requestEncoding="utf-8" responseEncoding="utf-8" />
  <!-- File Upload Settings -->
  <httpRuntime executionTimeout="90" maxRequestLength="44096" useFullyQualifiedRedirectUrl="false" />
  <!-- The following blockers only come into affect if IIS is also configured
   http://support.microsoft.com/?kbid=815152
 -->
  <httpHandlers>
   <add type="System.Web.HttpForbiddenHandler" path=".xsl" verb="" />
   <add type="System.Web.HttpForbiddenHandler" path=".vm" verb="" />
   <add type="System.Web.HttpForbiddenHandler" path=".log" verb="" />
   <add type="System.Web.HttpForbiddenHandler" path=".config" verb="" />
   <add type="FreeTextBoxControls.AssemblyResourceHandler, FreeTextBox" path="FtbWebResource.axd"
    verb="GET" />
  </httpHandlers>
  <httpModules>
   <add name="GeminiHttpModule" type="Gemini.GeminiHttpModule, CounterSoft.Gemini" />
  </httpModules>
  <!-- This allows HTML text to be entered into Gemini -->
  <pages validateRequest="true" enableSessionState="true" enableViewState="true" enableViewStateMac="true" />
  <browserCaps>
   <!-- GECKO Based Browsers (Netscape 6+, Mozilla/Firebird, ...) //-->
   <case match="^Mozilla/5.0 ([^)]) (Gecko/[-\d]+)? (?'type'[^/\d])([\d])/(?'version'(?'major'\d+)(?'minor'.\d+)(?'letters'\w)).">
   browser=Gecko
   type=${type}
   frames=true
   tables=true
   cookies=true
   javascript=true
   javaapplets=true
   ecmascriptversion=1.5
   w3cdomversion=1.0
   css1=true
   css2=true
   xml=true
   tagwriter=System.Web.UI.HtmlTextWriter
   <case match="rv:(?'version'(?'major'\d+)(?'minor'.\d+)(?'letters'\w))">
    version=${version}
    majorversion=${major}
    minorversion=${minor}
    <case match="^b" with="${letters}">
     beta=true
    </case></case></case>
   <!-- AppleWebKit Based Browsers (Safari...) //-->
   <case match="AppleWebKit/(?'version'(?'major'\d)(?'minor'\d+)(?'letters'\w))">
   browser=AppleWebKit
   version=${version}
   majorversion=${major}
   minorversion=0.${minor}
   frames=true
   tables=true
   cookies=true
   javascript=true
   javaapplets=true
   ecmascriptversion=1.5
   w3cdomversion=1.0
   css1=true
   css2=true
   xml=true
   tagwriter=System.Web.UI.HtmlTextWriter
   <case match="AppleWebKit/(?'version'(?'major'\d)(?'minor'\d+)(?'letters'\w))( (KHTML, like Gecko) )?(?'type'[^/\d])/.$">
    type=${type}
   </case></case>
   <!-- Konqueror //-->
   <case match="Konqueror/(?'version'(?'major'\d+)(?'minor'.\d+)(?'letters'));\w(?'platform'[^)])">
   browser=Konqueror
   version=${version}
   majorversion=${major}
   minorversion=${minor}
   platform=${platform}
   type=Konqueror
   frames=true
   tables=true
   cookies=true
   javascript=true
   javaapplets=true
   ecmascriptversion=1.5
   w3cdomversion=1.0
   css1=true
   css2=true
   xml=true
   tagwriter=System.Web.UI.HtmlTextWriter
  </case>
  </browserCaps>
  <webServices>
   <soapExtensionTypes>
    <add type="Microsoft.Web.Services2.WebServicesExtension, Microsoft.Web.Services2, Version=2.0.3.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35"
     priority="1" group="0" />
   </soapExtensionTypes>
  </webServices>
 </system.web>
 <location path="Register.aspx">
  <system.web>
   <authorization>
    <allow users=""></allow>
   </authorization>
  </system.web>
 </location>
 <location path="ForgotPassword.aspx">
  <system.web>
   <authorization>
    <allow users=""></allow>
   </authorization>
  </system.web>
 </location>
 <location path="ResetPassword.aspx">
  <system.web>
   <authorization>
    <allow users=""></allow>
   </authorization>
  </system.web>
 </location>
 <location path="Error.aspx">
  <system.web>
   <authorization>
    <allow users=""></allow>
   </authorization>
  </system.web>
 </location>
 <location path="webservices/Gemini.asmx">
  <system.web>
   <authorization>
    <allow users=""></allow>
   </authorization>
  </system.web>
 </location>
 <location path="IssuesExcel.aspx">
  <system.web>
   <authorization>
    <allow users=""></allow>
   </authorization>
  </system.web>
 </location>
 <location path="xproject/IssuesExcel.aspx">
  <system.web>
   <authorization>
    <allow users=""></allow>
   </authorization>
  </system.web>
 </location>
 <location path="admin">
  <system.web>
   <authorization>
    <deny users="?"></deny>
   </authorization>
  </system.web>
 </location>
 <location path="sc/AddSCFile.aspx">
  <system.web>
   <authorization>
    <allow users=""></allow>
   </authorization>
  </system.web>
 </location>
 <location path="issue/StopWatch.aspx">
  <system.web>
   <authorization>
    <allow users=""></allow>
   </authorization>
  </system.web>
 </location>
 <location path="SSO.aspx">
  <system.web>
   <authorization>
    <allow users=""></allow>
   </authorization>
  </system.web>
 </location>
 <location path="webservices/CustomFieldsWS.asmx">
  <system.web>
   <authorization>
    <allow users=""></allow>
   </authorization>
  </system.web>
 </location>
 <location path="webservices/VersionsWS.asmx">
  <system.web>
   <authorization>
    <allow users=""></allow>
   </authorization>
  </system.web>
 </location>
 <location path="webservices/ComponentsWS.asmx">
  <system.web>
   <authorization>
    <allow users=""></allow>
   </authorization>
  </system.web>
 </location>
 <location path="webservices/AuthWS.asmx">
  <system.web>
   <authorization>
    <allow users=""></allow>
   </authorization>
  </system.web>
 </location>
 <location path="webservices/GeminiLookUpsWS.asmx">
  <system.web>
   <authorization>
    <allow users=""></allow>
   </authorization>
  </system.web>
 </location>
 <location path="webservices/IssuesWS.asmx">
  <system.web>
   <authorization>
    <allow users=""></allow>
   </authorization>
  </system.web>
 </location>
 <location path="webservices/ProjectsWS.asmx">
  <system.web>
   <authorization>
    <allow users=""></allow>
   </authorization>
  </system.web>
 </location>
 <location path="webservices/GeminiWSE.asmx">
  <system.web>
   <authorization>
    <allow users=""></allow>
   </authorization>
  </system.web>
 </location>
 <location path="webservices/TimeTracking.asmx">
  <system.web>
   <authorization>
    <allow users=""></allow>
   </authorization>
  </system.web>
 </location>
 <location path="Refresher.aspx">
  <system.web>
   <authorization>
    <allow users=""></allow>
   </authorization>
  </system.web>
 </location>
 <microsoft.web.services2>
  <diagnostics />
  <security>
   <securityTokenManager type="CounterSoft.GeminiBiz.GeminiUsernameTokenManager, CounterSoft.GeminiBiz" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
    qname="wsse:UsernameToken" />
  </security>
 </microsoft.web.services2>
</configuration>

Here is the App.Config for the Desktop program:

<?xml version="1.0" encoding="utf-8" ?>
<configuration>
 <appSettings>
 </appSettings>
</configuration>

Here is the Countersoft.Gemini.Desktop.exe.config:

<?xml version="1.0" encoding="utf-8"?>
<configuration>
  <appSettings>
    <GeminiURL>
      <add key="GeminiURL" value="Dev Server Gemini*xxx" />
    </GeminiURL>
    <add key="webservicesurl" value="xxx" /> -- This matches the full url in the web config exactly
    <add key="winauth" value="Win123" />
  </appSettings>
</configuration>

Here is the GSC.reg for the screen capture:

Windows Registry Editor Version 5.00

[HKEYLOCALMACHINE\SOFTWARE\CounterSoft\GeminiScreenCapture]
"GeminiURL"="xxx"  -- This also matches the Gemini full url in the web config exactly.
"GeminiAccessCode"="ABC123"
"GeminiUserID"=dword:00000003

All seems ok, did you reboot your server after installing WSE?

I just rebooted it and still the same problems with both the desktop tool and the screen capture tool... invalid user name and password...

Did you change the WSE version in the web.config to 2.0.3.0?

Try changing it back to 2.0.0.0.

I changed both instances back to 2.0.0.0 and still no luck.

Can you please try and point the app to our beta site?

http://beta.countersoft.com/

Alright, I tried pointing it to your site and got a more detailed error:

Microsoft.Web.Services2.Security.SecurityFault: An error was discovered processing the <Security> header ---> System.Exception: Creation time in the timestamp can not be in the future.

--- End of inner exception stack trace ---

   at Microsoft.Web.Services2.Security.Utility.Timestamp.CheckValid()

   at Microsoft.Web.Services2.Security.Utility.Timestamp.LoadXml(XmlElement element)

   at Microsoft.Web.Services2.Security.Utility.Timestamp..ctor(XmlElement element)

   at Microsoft.Web.Services2.Security.Security.LoadXml(XmlElement element)

   at Microsoft.Web.Services2.Security.SecurityInputFilter.ProcessMessage(SoapEnvelope envelope)

   at Microsoft.Web.Services2.Pipeline.ProcessInputMessage(SoapEnvelope envelope)

   at Microsoft.Web.Services2.WebServicesExtension.BeforeDeserializeServer(SoapServerMessage message)

Is this the same error that you are getting when using your own URL?

No, the error I get when I point it to our gemini server is:

An error was discovered processing the <Security> header

Any ideas?  Is there a setting somewhere in any of the setting files or anything I can do to get this to work?  I can see there is a problem with a timestamp, but I am unaware of where the error is (ie. Web.config, or any of the other config files).

Sorry to be a pain, but are you sure you have installed WSE2.0 SP3 and not WSE3.0?

Yep.  Even if I did have WSE3.0 installed on my site, why would I have gotten an error when I pointed it to your site?

The error that you got when pointed to our site is because you are in a different time zone.

Try adding

<diagnostics>
<detailedErrors enabled="true" />
</diagnostics>

under the <microsoft.web.services2> tag. This will give us extra debug info.

Can you also check the time on your server and client?

I copied and pasted "<diagnostics>
<detailedErrors enabled="true" />
</diagnostics>
"

and put that under the <microsoft.web.services2> tag and it still gives me the same error:

"An error was discovered processing the <security> header."

Here is what the <microsoft.web.services2> tag section now looks like:

 <microsoft.web.services2>
  <diagnostics>
   <detailedErrors enabled="true" />
  </diagnostics>

  <security>
   <securityTokenManager type="CounterSoft.GeminiBiz.GeminiUsernameTokenManager, CounterSoft.GeminiBiz" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
    qname="wsse:UsernameToken" />
  </security>
 </microsoft.web.services2>

Also, the Date/Time on our server is April 5, 2006 4:16 PM and the Date/Time on my local machine is April 5, 2006 4:11 PM

Can you please try and sychronise your time to be the same as the server?

well... that seems to be it! will there be any other way around this other than having everyone sync up their time with that server? the way computer clocks speed up and slow down they could be off in an hour or two...

Thanks for confirming this.

Yes, we will improve this soon.

Thanks for all of the help and troubleshooting with me.  I appreciate it.  Looking forward to the next releases :)

You can add some time tolerance (ie not synch the client's and server's time) by amending the web.config file (600 seconds = 10 minutes):

<security>

<securityTokenManager type="CounterSoft.GeminiBiz.GeminiUsernameTokenManager, CounterSoft.GeminiBiz" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" qname="wsse:UsernameToken" />

<defaultTtlInSeconds>600</defaultTtlInSeconds>

<timeToleranceInSeconds>600</timeToleranceInSeconds>

</security>

<tokenIssuer>

<ttlInSeconds>600</ttlInSeconds>

</tokenIssuer>