After adding SSL to my WCF service, global.asax methods like Apllication_Start or Application_BeginRequest stopped being triggered. The service itself launches normally with no exception. New code added below (and ofc some configurations in IIS Manager:
<system.serviceModel>
<services>
<service name="SomeService.Service" behaviorConfiguration="secureBehavior">
<endpoint
address=""
binding="basicHttpBinding" bindingConfiguration="secureHttpBinding"
contract="SomeService.IService" />
<endpoint
address="mex" binding="mexHttpsBinding"
contract="IMetadataExchange" />
</service>
</services>
<bindings>
<basicHttpBinding>
<binding name="secureHttpBinding">
<security mode="Transport">
<transport clientCredentialType="None" />
</security>
</binding>
</basicHttpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior name="secureBehavior">
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="false" />
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
</system.serviceModel>
Related
I'm having truble with configuration around my WCF service and WS-Seciurity.
I don't have access to the client side, so far I'm trying to use SoapUI as a client with WS-A adressing, userName, Password and WSS Password Type 'PasswordDigest' options.
I use IIS and https with a simple certificate, .NET 4.7.
I've tried many versions, but without success. I just want to find simplest, working solution to read 'Seciurity' header from SoapUI/client request with WS-Seciurity PasswordDigest options enabled.
The current error with the current config file 'InvalidSecurity' 'An error occurred when verifying security for the message'
<system.serviceModel>
<protocolMapping>
<add scheme="https" binding="wsHttpBinding"/>
</protocolMapping>
<services>
<service name="SoapService" behaviorConfiguration="SoapServiceConf">
<!--<endpoint address="SoapService" binding="wsHttpBinding" contract="MPA.SoapService.References.ServiceReference.SentSOAP" /> -->
<endpoint address="" binding="wsHttpBinding" contract="Interfaces.ISoap" bindingConfiguration="wsHttpBind"/>
<endpoint contract="IMetadataExchange" binding="mexHttpsBinding" address="mex" />
</service>
</services>
<bindings>
<wsHttpBinding>
<binding maxReceivedMessageSize="10485760" name="wsHttpBind">
<security mode="TransportWithMessageCredential">
<transport clientCredentialType="Basic"/>
<message clientCredentialType="UserName" algorithmSuite="Default" establishSecurityContext="false" />
</security>
<reliableSession enabled="false" />
<readerQuotas maxArrayLength="10485760" maxDepth="1024" maxStringContentLength="10485760" />
</binding>
</wsHttpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior name="SoapServiceConf">
<serviceCredentials>
<serviceCertificate findValue="soapservice"
storeName="My"
x509FindType="FindByIssuerName" />
</serviceCredentials>
<serviceMetadata httpGetEnabled="false" httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="False" />
</behavior>
<behavior name="MyServiceTypeBehaviors" >
<!-- Add the following element to your service behavior configuration. -->
<serviceMetadata httpGetEnabled="false" httpsGetEnabled="true"/>
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
</system.serviceModel>
Thanks.
<system.serviceModel>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true"/>
<bindings>
<customBinding>
<binding name="httpBinding">
<binaryMessageEncoding />
<httpTransport maxReceivedMessageSize="2147483647" maxBufferSize="2147483647"/>
</binding>
<binding name="httpsBinding">
<binaryMessageEncoding/>
<httpsTransport maxReceivedMessageSize="2147483647" maxBufferSize="2147483647"/>
</binding>
</customBinding>
</bindings>
<services>
<service name="MyNamespace.MyIService" behaviorConfiguration="MyNamespace.MyIService" >
<endpoint address="http://wcf-client-url/virtualDirectory/MyService.svc"
binding="customBinding" contract="MyNamespace.MyIService"
name="httpBinding"/>
<endpoint address="https://wcf-client-url/virtualDirectory/MyService.svc"
binding="customBinding" bindingConfiguration="httpsBinding"
contract="MyNamespace.MyIService" name="httpsBinding" />
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="MyNamespace.MyIService" >
<serviceMetadata httpsGetEnabled="true" httpGetEnabled="true"/>
<serviceDebug includeExceptionDetailInFaults="true"/>
<dataContractSerializer maxItemsInObjectGraph="2147483646"/>
</behavior>
<behavior name="">
<serviceMetadata httpsGetEnabled="true" httpGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true"/>
</behavior>
</serviceBehaviors>
</behaviors>
<client>
<endpoint address="http://wcf-client-url/virtualDirectory/MyService.svc"
binding="customBinding"
bindingConfiguration="httpBinding"
contract="MyNamespace.MyIService"
name="httpBinding" />
<endpoint address="https://wcf-client-url/virtualDirectory/MyService.svc"
binding="customBinding"
bindingConfiguration="httpsBinding"
contract="MyNamespace.MyIService"
name="httpsBinding" />
</client>
</system.serviceModel>
I have the above configuration in a WCF service that is hosted in IIS. I can successfully browse to the service in the browser, as you can observer i want to use a customBinding.
When i use visual studio to add a reference to this service in my client application using VS inbuilt add service reference dialogue, below is the client endpoint that visual studio creates for me.
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="BasicHttpBinding_MyIService" />
</basicHttpBinding>
</bindings>
<client>
<endpoint address="http://wcf-client-url/virtualDirectory/MyService.svc"
binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_MyIService"
contract="ServiceReference1.MyIService" name="BasicHttpBinding_MyIService" />
</client>
</system.serviceModel>
What i'm not understanding is why VS is creating for me a client basicHttpBinding yet i have defined a customBinding on the server.
Also, when i test my service in "WCF Test Client" and then double click the config file in WCF Test Client, i see that indeed it displays the below config in the Test Client.
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="BasicHttpBinding_MyIService" />
</basicHttpBinding>
</bindings>
<client>
<endpoint address="http://myPCHostName/virtualDirectory/MyService.svc"
binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_MyIService"
contract="MyIService" name="BasicHttpBinding_MyIService" />
</client>
</system.serviceModel>
</configuration>
I'm sort of new to this WCF development & i'm not clearly understanding how my customBinding are being ignored.
From my config above, is BasicHttpBinding being set any where as the default binding, or is there away i can completely remove it even though i can't seem to figure where its being set from in that configuration.
try to specify behaviorConfiguration and bindingConfiguration for both endpoints on service side. You have specified bindingConfiguration only for https endpoint, and have not done this for behaviors at all.
Should be something like
<bindings>
<customBinding>
<binding name="httpBinding">
<binaryMessageEncoding />
<httpTransport maxReceivedMessageSize="2147483647" maxBufferSize="2147483647"/>
</binding>
<binding name="httpsBinding">
<binaryMessageEncoding/>
<httpsTransport maxReceivedMessageSize="2147483647" maxBufferSize="2147483647"/>
</binding>
</customBinding>
</bindings>
<services>
<service name="MyNamespace.MyIService" behaviorConfiguration="MyNamespace.MyIService" >
<endpoint address="http://wcf-client-url/virtualDirectory/MyService.svc"
binding="customBinding"
contract="MyNamespace.MyIService"
bindingConfiguration="httpBinding"
behaviorConfiguration="httpEndpoint"
name="httpBinding"/>
<endpoint address="https://wcf-client-url/virtualDirectory/MyService.svc"
binding="customBinding"
bindingConfiguration="httpsBinding"
behaviorConfiguration="httpEndpoint"
contract="MyNamespace.MyIService"
name="httpsBinding" />
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="httpEndpoint" >
<serviceMetadata httpsGetEnabled="true" httpGetEnabled="true"/>
<serviceDebug includeExceptionDetailInFaults="true"/>
<dataContractSerializer maxItemsInObjectGraph="2147483646"/>
</behavior>
</serviceBehaviors>
</behaviors>
I am using a WCF service in my solution. It works fine with http localhost. After installing the certificate it is not working with https localhost.This is the configuration,
<system.serviceModel>
<bindings>
<customBinding>
<binding name="RawReceiveCapable">
<webMessageEncoding webContentTypeMapperType="SmsService.RawContentTypeMapper, SmsService, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
<httpsTransport authenticationScheme="Basic" manualAddressing="true" maxReceivedMessageSize="524288000" transferMode="Streamed" />
</binding>
</customBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior name="ServiceBehavior">
<serviceMetadata httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
</serviceBehaviors>
<endpointBehaviors>
<behavior name="EndpBehavior">
<webHttp />
</behavior>
</endpointBehaviors>
</behaviors>
<services>
<service behaviorConfiguration="ServiceBehavior" name="TR_Registry.Service1">
<!--<endpoint address="" binding="webHttpBinding" contract="TR_Registry.IService1" behaviorConfiguration="EndpBehavior" />-->
<!--<endpoint address="" binding="basicHttpBinding" contract="TR_Registry.IService1"></endpoint>-->
<endpoint address=""
binding="basicHttpBinding"
bindingConfiguration="secureHttpBinding"
contract="TR_Registry.IService1"/>
<endpoint address="mex"
binding="mexHttpsBinding"
contract="IMetadataExchange" />
</service>
</services>
Add following binding
<bindings>
<basicHttpBinding>
<binding name="secureHttpBinding">
<security mode="Transport">
<transport clientCredentialType="None"/>
</security>
</binding>
</basicHttpBinding>
</bindings>
Specify your service and service endpoint
<service name="TR_Registry.Service1">
<endpoint address=""
binding="basicHttpBinding"
bindingConfiguration="secureHttpBinding"
contract="TR_Registry.IService1"/>
<endpoint address="mex"
binding="mexHttpsBinding"
contract="IMetadataExchange" />
</service>
For more details go through this link http://msdn.microsoft.com/en-us/library/hh556232%28v=vs.110%29.aspx
Try using setting basicHttpBinding details and using Transport level security
<bindings>
<basicHttpBinding>
<binding name="secureHttpBinding">
<security mode="Transport">
<transport clientCredentialType="None"/>
</security>
</binding>
</basicHttpBinding>
</bindings>
I am trying to configure the DataApi.svc service of the DotNetOpenAuth to call my resources via https using AJAX.
I can call the service and hit the code behind but the OperationContext.Current.ServiceSecurityContext will be not authenticated
In IIS, I have "Anonymous authentication" set to "true".
In Fiddler I can see that the header is sent:
Authorization: Bearer gAAAAMcRmG5vw3LykShq7cNOEGUACBiNtlVGxGYdSVfkkXjR-[truncated]
The interface is decorated like that:
[ServiceContract]
public interface IDataApi {
[OperationContract, WebGet(UriTemplate = "/email", ResponseFormat = WebMessageFormat.Json)]
string GetEmail();
And here is my config:
<bindings>
<wsHttpBinding>
<binding>
<security mode="Transport">
<transport clientCredentialType="None"/>
</security>
</binding>
</wsHttpBinding>
<webHttpBinding>
<binding>
<security mode="Transport">
<transport clientCredentialType="None"/>
</security>
</binding>
</webHttpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior name="DataApiBehavior">
<serviceDebug includeExceptionDetailInFaults="true" />
<serviceMetadata httpsGetEnabled="true" />
</behavior>
</serviceBehaviors>
<endpointBehaviors>
<behavior name="DataApiWebBehavior">
<webHttp />
</behavior>
</endpointBehaviors>
</behaviors>
<services>
<service behaviorConfiguration="DataApiBehavior" name="OAuthResourceServer.DataApi">
<endpoint address="" binding="wsHttpBinding" contract="OAuthResourceServer.Code.IDataApi" />
<endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange" />
<endpoint address="web" binding="webHttpBinding" contract="OAuthResourceServer.Code.IDataApi" behaviorConfiguration="DataApiWebBehavior">
</endpoint>
</service>
</services>
Any idea of what can be wrong?
Thanks!
I was missing the
<serviceAuthorizationserviceAuthorizationManagerType="OAuthResourceServer.Code.OAuthAuthorizationManager, OAuthResourceServer" principalPermissionMode="Custom" />
in the service behavior! Solved :)
I have a nice WCF REST-ful JSON service working well as is. The problem arises when I try to put it to work on HTTPS. The Web.config is as follows:
<system.serviceModel>
<bindings>
<webHttpBinding>
<binding name="StreamedRequestWebBinding" bypassProxyOnLocal="true" useDefaultWebProxy="false" hostNameComparisonMode="WeakWildcard" sendTimeout="10:15:00" openTimeout="10:15:00" receiveTimeout="10:15:00" maxReceivedMessageSize="2147483647" maxBufferSize="2147483647" maxBufferPoolSize="2147483647" transferMode="StreamedRequest">
<security mode="Transport">
<transport clientCredentialType = "None" />
</security>
<readerQuotas maxArrayLength="2147483647" maxStringContentLength="2147483647" />
</binding>
</webHttpBinding>
</bindings>
<services>
<service name="WcfRESTFullJSON.Service1" behaviorConfiguration="ServiceBehaviour">
<endpoint address="" binding="webHttpBinding" bindingConfiguration="StreamedRequestWebBinding" contract="WcfRESTFullJSON.IService1" />
<endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange" />
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="ServiceBehaviour">
<serviceMetadata httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="false" />
</behavior>
</serviceBehaviors>
<endpointBehaviors>
<behavior name="web">
<!--Him-->
<webHttp automaticFormatSelectionEnabled="true" />
</behavior>
</endpointBehaviors>
</behaviors>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true" aspNetCompatibilityEnabled="true" />
</system.serviceModel>
I configured a home-made certificate on IIS.
On the client I have:
WebClient WC;
...
WC.UploadData(URL, "POST", asciiBytes);
What we get:
The remote server returned an error: (500) Internal Server Error.
What may be the problem?
The issue is resolved. It was a missing reference to a endpoint behavior in the following line
...endpoint behaviorConfiguration="web" address="" binding="webHttpBinding" bindingConfiguration="StreamedRequestWebBinding" contract="WcfRESTFullJSON.IService1"...
in the Web.config below. Thank you for your help friends! The solution was finally found in the article Implementing 5 important principles of REST using WCF Services
<services>
<service name="WcfRESTFullJSON.Service1" behaviorConfiguration="ServiceBehaviour">
<endpoint behaviorConfiguration="web" address="" binding="webHttpBinding" bindingConfiguration="StreamedRequestWebBinding" contract="WcfRESTFullJSON.IService1" />
<endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange" />
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="ServiceBehaviour">
<serviceMetadata httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="false" />
</behavior>
</serviceBehaviors>
<endpointBehaviors>
<behavior name="web">
<!--Him-->
<webHttp automaticFormatSelectionEnabled="true" />
</behavior>
</endpointBehaviors>
As SSL is a protocol under HTTP, there is usually nothing extra to configure in web.config (only a new binding). Another thing that changes if you use SSL is the port... you may need to update the firewall or check that your request is sent to the right port.
See Complete config file
<configuration> <system.web>
<compilation debug="true" targetFramework="4.0" />
<webServices>
<protocols>
<add name="HttpsGet"/>
<add name="HttpsPost"/>
</protocols>
</webServices> </system.web> <system.serviceModel>
<services>
<service name="RESTTEST.RestTestService" behaviorConfiguration="ServiceBehavior">
<endpoint address="" binding="webHttpBinding"
contract="RESTTEST.IRestTestService"
bindingConfiguration="sslBinding"
behaviorConfiguration="web"
></endpoint>
<endpoint address="mex"
binding="mexHttpsBinding"
contract="IMetadataExchange" />
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="ServiceBehavior">
<!-- To avoid disclosing metadata information, set the value below to false and remove the metadata endpoint above before
deployment -->
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true"/>
<!-- To receive exception details in faults for debugging purposes, set the value below to true. Set to false before
deployment to avoid disclosing exception information -->
<serviceDebug includeExceptionDetailInFaults="true"/>
</behavior>
</serviceBehaviors>
<endpointBehaviors>
<behavior name="web">
<webHttp/>
</behavior>
</endpointBehaviors>
</behaviors>
<bindings>
<webHttpBinding>
<binding name="sslBinding" crossDomainScriptAccessEnabled="true">
<security mode="Transport">
</security>
</binding>
</webHttpBinding>
</bindings>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="false">
</serviceHostingEnvironment>
<standardEndpoints>
<webHttpEndpoint>
<standardEndpoint crossDomainScriptAccessEnabled="true"></standardEndpoint>
</webHttpEndpoint>
<webScriptEndpoint>
<standardEndpoint name="" crossDomainScriptAccessEnabled="true" />
</webScriptEndpoint>
</standardEndpoints> </system.serviceModel> <system.webServer>
<modules runAllManagedModulesForAllRequests="true" />
<httpProtocol>
<customHeaders>
<add name="Access-Control-Allow-Origin" value="*" />
<add name="Access-Control-Allow-Headers" value="Content-Type" />
</customHeaders>
</httpProtocol> </system.webServer> </configuration>