I'm trying to enable CORS using WCF.
But I get Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost' is therefore not allowed access. The response had HTTP status code 404.
This is my Global.asax
protected void Application_BeginRequest(object sender, EventArgs e)
{
HttpContext.Current.Response.AddHeader("Access-Control-Allow-Origin", "*");
if (HttpContext.Current.Request.HttpMethod == "OPTIONS")
{
HttpContext.Current.Response.AddHeader("Access-Control-Allow-Methods", "GET, POST");
HttpContext.Current.Response.AddHeader("Access-Control-Allow-Headers", "Content-Type, Accept");
HttpContext.Current.Response.AddHeader("Access-Control-Max-Age", "1728000");
HttpContext.Current.Response.End();
}
}
This is my web.config
<configuration>
<system.web>
<compilation debug="true" targetFramework="4.0" />
</system.web>
<system.serviceModel>
<bindings>
<webHttpBinding>
<binding name="TransportSecurity">
<security mode="Transport">
<transport clientCredentialType="None"/>
</security>
</binding>
</webHttpBinding>
</bindings>
<behaviors>
<endpointBehaviors>
<behavior name="RESTAPI03.testAspNetAjaxBehavior">
<webHttp />
</behavior>
</endpointBehaviors>
<serviceBehaviors>
<behavior name="RESTAPI03.testAspNetAjaxBehavior">
<serviceMetadata httpGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
<services>
<service name="RESTAPI03.test">
<endpoint address="" behaviorConfiguration="RESTAPI03.testAspNetAjaxBehavior"
binding="webHttpBinding" bindingConfiguration="TransportSecurity" contract="RESTAPI03.Hotels" />
</service>
</services>
<standardEndpoints>
<webScriptEndpoint>
<standardEndpoint crossDomainScriptAccessEnabled="true"></standardEndpoint>
</webScriptEndpoint>
</standardEndpoints>
</system.serviceModel>
<system.webServer>
<httpProtocol>
<customHeaders>
<add name="Access-Control-Allow-Origin" value="*"/>
<add name="Access-Control-Allow-Headers" value="Content-Type, Accept" />
<add name="Access-Control-Allow-Methods" value="POST,GET,OPTIONS" />
<add name="Access-Control-Max-Age" value="1728000" />
</customHeaders>
</httpProtocol>
</system.webServer>
</configuration>
this is code in my application project
const httpOptions = {
headers: new HttpHeaders({
'Access-Control-Allow-Origin' : '*'
})
}
return this.httpClient.get('https://www.example/1' httpOptions ).subscribe(data => {
console.log("s");
console.log(JSON.stringify(data));
}, err => {
console.log("err => ");
console.log( JSON.stringify(err));
});
but still not working. What did I missed?
A web application executes a cross-origin HTTP request when it
requests a resource that has a different origin (domain, protocol, or
port) from its own.
CORS (Cross Origin Resource Sharing) is a way by which web browsers implement SOP (Same Origin Policy) which says that only the same origin is allowed to access a resource of the server.
Workaround: Use native http plugin. Because CORS and SOP policies are enforced by browsers only, therefore you will not get CORS errors on other http clients like native http calls and POSTman.
https://ionicframework.com/docs/native/http
Why this happens:
Suppose a login form is returned by www.example.com/login. Now, the origin becomes www.example.com
When you will click on submit, the browser will not immediately request the server. It will first verify whether the server is taking a request from this origin ( due to SOP policy followed by browsers) by sending a preflight OPTIONS request.
If server is allowing the request from this origin, then server will send some CORS headers including ACCESS-CONTROL-ALLOW-ORIGIN header.
Read more at: https://ionicframework.com/docs/faq/cors
If server says yes(by sending valid CORS headers), browser will submit the form with the Origin header set to 'www.example.com' along with login parameters.
In other cases, you may have a Login API on www.example.com/api/login server and you are sending a POST request from a different source, http://localhost in case of IONIC Apps
Since the origin is different, you are required to set CORS headers on your Server so that any request made from the http://localhost is allowed. But there are some factors to keep in mind. Like, setting ACCESS-CONTROL-ALLOW-ORIGIN to '*' doesnot work when you send request with credentials.
I recommend that you should read this document about CORS and its policies. it will help you in the future.
https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS
At first, I suspect there is something wrong with your configuration used for creating Restful style WCF service.
Pay attention to the name property of the service section and the contract property of the endpoint section.
<service name="RESTAPI03.test">
<endpoint address="" behaviorConfiguration="RESTAPI03.testAspNetAjaxBehavior"
binding="webHttpBinding" bindingConfiguration="TransportSecurity" contract="RESTAPI03.Hotels" />
</service>
The name property of the service should be a qualified name of the service implemented class and the contract property should be a qualified name of the service contract, like this.
<service name="WcfService3.Service1" behaviorConfiguration="mybehavior">
<endpoint address="" binding="webHttpBinding" bindingConfiguration="mybinding" contract="WcfService3.IService1" behaviorConfiguration="rest"/>
</service>
Please refer to my configuration with the ProtocolMapping feature. It works on both HTTP and HTTPS protocol and supports your service irrespective of any service contract.
<system.serviceModel>
<bindings>
<webHttpBinding>
<binding name="httpsbinding">
<security mode="Transport">
<transport clientCredentialType="None"></transport>
</security>
</binding>
</webHttpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior>
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
</serviceBehaviors>
<endpointBehaviors>
<behavior>
<webHttp />
</behavior>
</endpointBehaviors>
</behaviors>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" />
<protocolMapping>
<add binding="webHttpBinding" scheme="http"></add>
<add binding="webHttpBinding" scheme="https" bindingConfiguration="httpsbinding"/>
</protocolMapping>
</system.serviceModel>
Secondly, there usually are two ways to enable CORS in Restful WCF service.
1. Add a global.asax file to the WCF project and the below code
snippets to Application_BeginRequest event.
protected void Application_BeginRequest(object sender, EventArgs e)
{
HttpContext.Current.Response.AddHeader("Access-Control-Allow-Origin", "*");
if (HttpContext.Current.Request.HttpMethod == "OPTIONS")
{
HttpContext.Current.Response.AddHeader("Cache-Control", "no-cache");
HttpContext.Current.Response.AddHeader("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS");
HttpContext.Current.Response.AddHeader("Access-Control-Allow-Headers", "Cache-Control, Pragma, Origin, Authorization, Content-Type, X-Requested-With,Accept");
HttpContext.Current.Response.AddHeader("Access-Control-Max-Age", "1728000");
HttpContext.Current.Response.End();
}
}
Adding a global.asax file and modify the Application_BeginRequest event.
if (Request.Headers.AllKeys.Contains("Origin") && Request.HttpMethod == "OPTIONS")
{
Response.End();
}
Subsequently, add the following configuration to the Web.config file.
<httpProtocol>
<customHeaders>
<add name="Access-Control-Allow-Origin" value="*"/>
<add name="Access-Control-Allow-Headers" value="content-type" />
<add name="Access-Control-Allow-Methods" value="GET,POST,PUT,DELETE,OPTIONS" />
</customHeaders>
</httpProtocol>
</system.webServer>
Feel free to let me know if the problem still exists.
Related
I have a MVC app talking to ACS to get token for authentication. It's a claim based application. This works perfectly fine.
I am trying to call WCF service from MVC once authenticated with same taken so that i can use same claims for authorization.
MVC code is as below
var context = (BootstrapContext)identity.BootstrapContext;
var binding = new WS2007FederationHttpBinding(WSFederationHttpSecurityMode.Message);
binding.Security.Message.IssuedKeyType = SecurityKeyType.SymmetricKey;
binding.Security.Message.EstablishSecurityContext = false;
binding.Security.Message.IssuerBinding = new WS2007FederationHttpBinding();
EndpointAddress acsEndPoint =
new EndpointAddress("https://ACS namespace/v2/wsfederation");
binding.Security.Message.IssuerAddress = acsEndPoint;
binding.Security.Message.IssuedTokenType = "urn:ietf:params:oauth:token-type:jwt";
ChannelFactory<IService1> factory =
new ChannelFactory<IService1>(binding, new EndpointAddress("https://localhost/TestWCF/Service1.svc"));
factory.Credentials.SupportInteractive = false;
factory.Credentials.UseIdentityConfiguration = true;
var proxy = factory.CreateChannelWithIssuedToken(context.SecurityToken);
proxy.GetData(1);
WCF web config is as below
<system.serviceModel>
<services>
<service name="TestWCF.Service1">
<endpoint address="" behaviorConfiguration="webHttpAutoFormat" binding="ws2007FederationHttpBinding" bindingConfiguration="secureHttpBinding" contract="TestWCF.IService1"/>
<endpoint address="soap" binding="basicHttpBinding" contract="TestWCF.IService1" />
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
</service>
</services>
<bindings>
<ws2007FederationHttpBinding>
<binding name="secureHttpBinding">
<security mode="None">
<message establishSecurityContext="false" issuedKeyType="SymmetricKey" issuedTokenType="urn:ietf:params:oauth:token- type:jwt">
<issuerMetadata address="https://ACS namespace/v2/wstrust/mex"></issuerMetadata>
</message>
</security>
</binding>
</ws2007FederationHttpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior>
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true"/>
<serviceDebug includeExceptionDetailInFaults="false"/>
<serviceCredentials useIdentityConfiguration="true"></serviceCredentials>
<serviceAuthorization principalPermissionMode="Always" />
</behavior>
</serviceBehaviors>
<endpointBehaviors>
<behavior name="webHttpAutoFormat">
</behavior>
</endpointBehaviors>
</behaviors>
<protocolMapping>
<add binding="basicHttpsBinding" scheme="https" />
</protocolMapping>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true">
<serviceActivations>
<add relativeAddress="Service1.svc" service="TestWCF.Service1" />
</serviceActivations>
</serviceHostingEnvironment>
</system.serviceModel>
Please note my WCF service is not HTTPS also I am using JWT token from ACS. No certificates.
I get below error
The provided URI scheme 'https' is invalid; expected 'http'.
Parameter name: via
Can anyone help?
You are currently initializing your binding with
var binding = new WS2007FederationHttpBinding(WSFederationHttpSecurityMode.Message)
Try changing to
var binding = new WS2007FederationHttpBinding(WSFederationHttpSecurityMode.TransportWithMessageCredential)
From (MSDN - WS Transport With Message Credential):
By default, the wsHttpBinding binding provides HTTP communication.
When configured for transport security, the binding supports HTTPS
communication. HTTPS provides confidentiality and integrity protection
for the messages that are transmitted over the wire. However the set
of authentication mechanisms that can be used to authenticate the
client to the service is limited to what the HTTPS transport supports.
Windows Communication Foundation (WCF) offers a
TransportWithMessageCredential security mode that is designed to
overcome this limitation. When this security mode is configured, the
transport security is used to provide confidentiality and integrity
for the transmitted messages and to perform the service
authentication. However, the client authentication is performed by
putting the client credential directly in the message. This allows you
to use any credential type that is supported by the message security
mode for the client authentication while keeping the performance
benefit of transport security mode.
Your web config should have this instead for <ws2007FederationHttpBinding>:
<ws2007FederationHttpBinding>
<binding name="secureHttpBinding">
<security mode="TransportWithMessageCredential">
<message establishSecurityContext="false" issuedKeyType="SymmetricKey" issuedTokenType="urn:ietf:params:oauth:token- type:jwt">
<issuerMetadata address="https://ACS namespace/v2/wstrust/mex"></issuerMetadata>
</message>
</security>
</binding>
</ws2007FederationHttpBinding>
See also the following answer for some additional info as well: StackOverflow - The provided URI scheme 'https' is invalid; expected 'http'. Parameter name: via
I'm working on a mobile app using PhoneGap, and one of the features involves uploading an image to a web service for processing. I've written a WCF service that's hosted in IIS to accept the image, with a contract that looks like the following:
[ServiceContract]
public interface IImages
{
[OperationContract(Name="UploadImage")]
[WebInvoke(UriTemplate = "?file_key={fileKey}", Method = "POST", BodyStyle = WebMessageBodyStyle.Bare)]
ImageResource UploadImage(string fileKey, Stream imageStream);
}
The configuration section in my web.config looks like:
<system.serviceModel>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true">
<serviceActivations>
<add service="Services.Images" relativeAddress="images.svc" />
</serviceActivations>
</serviceHostingEnvironment>
<services>
<service behaviorConfiguration="DefaultServiceBehavior" name="Services.Images">
<endpoint behaviorConfiguration="DefaultEndpointBehavior" binding="webHttpBinding" bindingConfiguration="PublicStreamBinding" contract="Services.Contracts.IImages" />
</service>
</services>
<bindings>
<webHttpBinding>
<binding name="PublicStreamBinding"
maxReceivedMessageSize="2000000000" transferMode="Streamed">
<security mode="None" />
</binding>
</webHttpBinding>
</bindings>
<behaviors>
<endpointBehaviors>
<behavior name="DefaultEndpointBehavior">
<webHttp helpEnabled="true" />
</behavior>
</endpointBehaviors>
<serviceBehaviors>
<behavior name="DefaultServiceBehavior">
<serviceMetadata httpGetEnabled="false" />
<serviceDebug includeExceptionDetailInFaults="true" />
<serviceThrottling maxConcurrentCalls="30" maxConcurrentInstances="30" />
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>
When I attempt to upload a file to the endpoint, using PhoneGap's FileTransfer class, the response returned from the service is a 405 Method Not Allowed. What am I doing wrong here?
UPDATE: The function in my mobile app that's uploading the file is below. This code previous worked fine when pointed to an older ASMX service.
ns.UploadImage = function(){
//alert(ns.Dictionary['LocalImagePath']);
var uri = ns.Dictionary['LocalImagePath'];
try {
var options = new FileUploadOptions();
options.fileKey = uri.substr(uri.lastIndexOf('/')+1) + ".jpeg";
options.fileName = uri.substr(uri.lastIndexOf('/')+1) + ".jpeg";
options.mimeType = "image/jpeg";
var ft = new FileTransfer();
ft.upload(uri, GetServerUrl()+"images.svc?file_key="+options.fileKey, ns.UploadImageSuccess, ns.UploadImageError, options);
} catch (e) {
ns.UploadImageError(e);
}
};
Ok so I think I figured this out. Apparently, when the method is hosted at the root like this, if you don't follow the name of the service in the uri with '/', the request won't get routed correctly. So, in the function that uploads the file, I changed the ft.upload line to the following:
ft.upload(uri, GetServerUrl()+"images.svc/?file_key="+options.fileKey, ns.UploadImageSuccess, ns.UploadImageError, options);
Which worked.
I have a simple WCF Service shown below.
[ServiceContract]
public interface IService1
{
[OperationContract]
[WebInvoke(Method = "POST", BodyStyle = WebMessageBodyStyle.WrappedRequest)]
string GetData(int value);
}
public class Service1 : IService1
{
public string GetData(int value)
{
return string.Format("You entered: {0}", value);
}
}
The server Web.config file is
<?xml version="1.0"?>
<configuration>
<appSettings>
<add key="aspnet:UseTaskFriendlySynchronizationContext" value="true" />
</appSettings>
<system.serviceModel>
<behaviors>
<endpointBehaviors>
<behavior name="webHttpEndpointBehavior">
<webHttp faultExceptionEnabled="true" />
</behavior>
</endpointBehaviors>
<serviceBehaviors>
<behavior name="serviceBehaviourDebug">
<!-- To avoid disclosing metadata information, set the values below to false before deployment -->
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true"/>
<!-- To receive exception details in faults for debugging purposes, set the value below to true.
Set to false before deployment to avoid disclosing exception information -->
<serviceDebug includeExceptionDetailInFaults="true"/>
</behavior>
</serviceBehaviors>
</behaviors>
<services>
<service name="Diws.Service1" behaviorConfiguration="serviceBehaviourDebug">
<endpoint
address="/basicHttp"
binding="basicHttpBinding"
contract="Diws.IService1"/>
<endpoint
address="/webHttp"
binding="webHttpBinding"
behaviorConfiguration="webHttpEndpointBehavior"
contract="Diws.IService1"/>
<endpoint
address="/wsHttp"
binding="wsHttpBinding"
contract="Diws.IService1"/>
<endpoint
address="mex"
binding="mexHttpBinding"
contract="IMetadataExchange" />
</service>
</services>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
</system.serviceModel>
<system.web>
<compilation debug="true" targetFramework="4.5" />
<httpRuntime targetFramework="4.5"/>
</system.web>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true"/>
<!--
To browse web app root directory during debugging, set the value below to true.
Set to false before deployment to avoid disclosing web app folder information.
-->
<directoryBrowse enabled="true"/>
</system.webServer>
</configuration>
The client is a console app whose App.config is this.
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<startup>
<supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.5" />
</startup>
<system.serviceModel>
<behaviors>
<endpointBehaviors>
<behavior name="webHttpEndpointBehavior">
<webHttp />
</behavior>
</endpointBehaviors>
</behaviors>
<bindings>
<basicHttpBinding>
<binding name="BasicHttpBinding_IService1" />
</basicHttpBinding>
<wsHttpBinding>
<binding name="WsHttpBinding_IService1" />
</wsHttpBinding>
<webHttpBinding>
<binding name="WebHttpBinding_IService1" />
</webHttpBinding>
</bindings>
<client>
<endpoint
address="http://localhost:50001/Service1.svc/basicHttp"
binding="basicHttpBinding"
bindingConfiguration="BasicHttpBinding_IService1"
contract="ServiceReference1.IService1"
name="BasicHttpEndpoint_IService1" />
<endpoint
address="http://localhost:50001/Service1.svc/webHttp"
behaviorConfiguration="webHttpEndpointBehavior"
binding="webHttpBinding"
bindingConfiguration="WebHttpBinding_IService1"
contract="ServiceReference1.IService1"
name="WebHttpEndpoint_IService1" />
<endpoint
address="http://localhost:50001/Service1.svc/wsHttp"
binding="wsHttpBinding"
bindingConfiguration="WsHttpBinding_IService1"
contract="ServiceReference1.IService1"
name="WsHttpEndpoint_IService1"/>
</client>
</system.serviceModel>
<system.web>
<compilation debug="true" targetFramework="4.5" />
<httpRuntime targetFramework="4.5"/>
</system.web>
</configuration>
And the client program is this.
class Program
{
static void Main(String[] args)
{
String response = "";
Service1Client basicHttpClient = new Service1Client("BasicHttpEndpoint_IService1");
response = basicHttpClient.GetData(10);
basicHttpClient.Close();
Console.WriteLine(response);
///* Some communication exception
Service1Client webHttpClient = new Service1Client("WebHttpEndpoint_IService1");
response = webHttpClient.GetData(20);
webHttpClient.Close();
Console.WriteLine(response);
//*/
Service1Client wsHttpClient = new Service1Client("WsHttpEndpoint_IService1");
response = wsHttpClient.GetData(30);
wsHttpClient.Close();
Console.WriteLine(response);
Console.WriteLine();
Console.WriteLine("Done");
Console.ReadLine();
}
}
The basicHttpClient and the wsHttpClient work perfectly. However, the webHttpClient throws the exception "System.ServiceModel.CommunicationException was unhandled, HResult=-2146233087, Message=Internal Server Error"
I cannot debug on the servers side as Visual Studio 2012 says
"Unable to automatically debug 'MyProject'. The remote procedure could not be debugged. This usually indicates that debugging has not been enabled on the server."
However, debugging is enabled. I wasn't able to get any insights from using the SvcTraceViewer with diagnostics turned on.
My main interest is figuring out why the REST call using WebHttpBinding is failing, but help getting server side debugging working would be appreciated as well. I'm debugging both the client and the server in VS2012 using multiple startup projects. Localhost is the only server involved.
I understand that the REST endpoint won't show up in WcfTestClient since it provides no metadata exchange, but I expected to be able to call the service through that endpoint and I see no difference between my code and examples of calling RESTful WCF services.
For accessing a REST endpoint try making a HTTP POST request using a browser or HttpClient to the URL : $http://localhost:50001/Service1.svc/webHttp/GetData$. When you use webHttpClient as you do in your code to make a call to the service you are sending a SOAP request which a REST endpoint cannot process. I believe that's the reason your other two endpoints work fine but not this one.
I have a WCF service configured to use Transport security and basic authentication.
The service is hosted in iiexpress withing vs2010.
I am able to connect from my client code but always receive:
"The HTTP request is unauthorized with client authentication scheme 'Anonymous'. The authentication header received from the server was 'Basic realm=realm'."
And this has an inner exception of:
"The remote server returned an error: (401) Unauthorized."
Similar to Can not call web service with basic authentication using WCF although my client code already has the settings set out in the answer.
I also followed HTTP Basic Authentication against Non-Windows Accounts in IIS/ASP.NET (Part 3 - Adding WCF Support) and the previous blog to set up a Module and the IAuthorizationPolicy classes.
IISExpress is configed in classic mode with anonymous and windows authentication disabled and SSL enabled.
Client Config:
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="NotificationHttpBinding">
<security mode="Transport">
<transport clientCredentialType="Basic" />
</security>
</binding>
</basicHttpBinding>
</bindings>
<client>
<endpoint address="https://localhost/NotificationService.svc"
binding="basicHttpBinding" bindingConfiguration="NotificationHttpBinding"
contract="NotificationPortType" name="BasicHttpBinding_NotificationPortType" />
</client>
</system.serviceModel>
Service Config:
<system.serviceModel>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
<services>
<service name="Notification.NotificationService" behaviorConfiguration="NotificationServiceBehavior">
<endpoint binding="basicHttpBinding" contract="NotificationPortType" bindingConfiguration="NotificationHttpBinding" >
</endpoint>
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="NotificationServiceBehavior">
<serviceMetadata />
<serviceDebug includeExceptionDetailInFaults="false"/>
<serviceAuthorization>
<authorizationPolicies>
<add policyType="Notification.HttpContextIdentityPolicy, Notification" />
</authorizationPolicies>
</serviceAuthorization>
</behavior>
</serviceBehaviors>
</behaviors>
<bindings>
<basicHttpBinding>
<binding name="NotificationHttpBinding">
<security mode="Transport">
<transport clientCredentialType="Basic" />
</security>
</binding>
</basicHttpBinding>
</bindings>
</system.serviceModel>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true"/>
</system.webServer>
<system.web>
<httpModules>
<add name="CustomBasicAuthentication" type="Notification.CustomBasicAuthenticationModule, Notification"/>
</httpModules>
<membership defaultProvider="SampleProvider">
<providers>
<add name="SampleProvider" type="Notification.HardcodedSecurityProviders, Notification" />
</providers>
</membership>
</system.web>
Client Code is nothing major:
static void Main(string[] args)
{
ServicePointManager.ServerCertificateValidationCallback = (sender, certificate, chain, sslPolicyErrors) => { return true; };
NotificationPortTypeClient client = new NotificationPortTypeClient("BasicHttpBinding_NotificationPortType");
client.ClientCredentials.UserName.UserName = "Test";
client.ClientCredentials.UserName.Password = "PWD";
client.sendNotification(new NotificationRequest());
}
Alternatively
If someone can show me an alternative of how to use IIS6 to host a service WCF which using basic http authentication while requiring SSL (https) I'll be happy with that!
UPDATE
Seems this was my culprit all along:
Avoid http 401 round trip
However, I found that my modules fired fine (in integrated mode) but I was then presented with a service error telling me that basic integration is required but not enabled on the host.
Opened up iisexpress applicationhost.config file and sure enough I found:
<section name="basicAuthentication" overrideModeDefault="Deny" />
followed by
<basicAuthentication enabled="false" />
further down
I've changed these to <section name="basicAuthentication" overrideModeDefault="Allow" />
and tried to enable in my web.config...no dice :(
You need to use WSHttpBinding.
There is a complete sample here.
I JSONP enabled my WCF ServiceContract. Client is successfully calling the JSONP Service (OperationContract). I have a number of other OperationContracts (using the same ServiceContract) that I want to expose using basicHttpBinding (SOAP) endpoint - using the same URI. I think my Service WebConfig is set up correctly. When doing such a thing, should I be able to Add the Service Reference (proxy) using the VS "Add Service Reference" dialog window? Or do I need to manually generate client code in codebehind? If I need to manually do it, can anyone provide an example? Or is my Service WebConfig not configured correctly? I am calling the JSONP Service using this: http://Flixsit:1000/FlixsitWebServices.svc/jsonp
Thanks so much...
<system.serviceModel>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true" aspNetCompatibilityEnabled="true" />
<behaviors>
<endpointBehaviors>
<behavior name="webHttpBehavior">
<webHttp />
</behavior>
</endpointBehaviors>
<serviceBehaviors>
<behavior name="DefaultBehaviors">
<serviceMetadata httpGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
</serviceBehaviors>
</behaviors>
<bindings>
<webHttpBinding>
<binding name="JSONPBinding" crossDomainScriptAccessEnabled="true" />
</webHttpBinding>
<basicHttpBinding>
<binding name="SOAPBinding" />
</basicHttpBinding>
</bindings>
<services>
<service name="Flixsit.Services.FlixsitWebServices" behaviorConfiguration="DefaultBehaviors">
<clear />
<endpoint name="JSONPEndPoint" address="jsonp"
binding="webHttpBinding"
bindingConfiguration="JSONPBinding"
contract="Flixsit.Services.IFlixsitWebServices"
behaviorConfiguration="webHttpBehavior" />
<endpoint name="HttpEndPoint" address=""
binding="basicHttpBinding"
bindingConfiguration="SOAPBinding"
contract="Flixsit.Services.IFlixsitWebServices" />
<host>
<baseAddresses>
<add baseAddress="http://Flixsit:1000/FlixsitWebServices.svc" />
</baseAddresses>
</host>
</service>
</services>
After tooling around for a while I am creating the ChannelFactory like below (in codebehind). Services are now exposed at both endpoints.
try
{
EndpointAddress address = new EndpointAddress("http://Flixsit:1000/FlixsitWebServices.svc");
WSHttpBinding binding = new WSHttpBinding();
ChannelFactory<IFlixsitWebServices> factory = new ChannelFactory<IFlixsitWebServices>(binding, address);
IFlixsitWebServices channel = factory.CreateChannel();
//call the service operation
var customer = channel.GetCustomers();
GridView1.DataSource = customer;
GridView1.DataBind();
//close the channel
((ICommunicationObject)channel).Close();
//close factory
factory.Close();
}
catch (Exception ex)
{
//log ex;
}