SOAP WCF security issue - wcf

Before migrating to WCF, the auth service called by SoapUI with basic creds was OK. But when they added WCF I get the "Cannot verify security of the incomming message"
What is needed to be able to call the service?
thanks

Related

WCF in windows service hosting with silverlight application

I have written a WCF service and hosted it in a Windows service. Now, when accessing the service via basic HTTP binding, it shows "This could be due to attempting to access a service in a cross-domain way without a proper cross-domain policy in place, or a policy that is unsuitable for SOAP services. You may need to contact the owner of the service to publish a cross-domain policy file and to ensure it allows SOAP-related HTTP headers to be sent. This error may also be caused by using internal types in the web service proxy without using the InternalsVisibleToAttribute attribute. Please see the inner exception for more details." Please suggest a solution step by step.
Thanks to all for not replying but I got the solution. Please suggest if anything is not in order.
We have created WCF and hosted it in Windows Services as netTCP. Now, I created Silverlight Enabled WCF Services in Silverlight.Web Project and call netTcp service from here and Silverlight WCF enabled Services called in Silverlight Project and it is running fantastic. Before this I tried from Web Service but it is taking when large data calling from silverlight application.

Is it possible to configure wsHttpBinding for authentication only (Kerberos token), no signing/encryption

I have a web service running outside of .net that I need to invoke from a .NET client.
I was given a .NET client written in Visual Basic to test with.
The .NET client can access the web service with a clear-text SOAP message using basicHttpBinding.
I can configure a policy/binding for the external web service to use the Kerberos token for Message Level Protection and authentication. I can access this web service from the .NET client by modifying the configuration file to use wsHttpBinding.
Now, the requirement is to use the Kerberos token for authentication only and not sign/encrypt the SOAP message. That is, I only need the tags in the SOAP header. I have this configuration working on the external web service, but now I want to modify the configuration file so the .NET client only sends the and does not sign/encrypt any part of the SOAP message.
Is it possible to modify the .net client's .config file to do this?
My understanding is that basicHttpBinding cannot be modified to use a Kerberos token (only UserName/Certificate).
I've tried disabling signing/encryption in wsHttpBinding via an attribute such as "defaultProtectionLevel=Sign/SignEncrypt/None", but this isn't available in wsHttpBinding (or I can't find it). I can only disable or enable message level protection and authentication with .
I've also tried building a customBinding, but cannot disable signing/encryption and use the Kerberos token for authentication only.
Does anyone have a solution or some tips that could point me in the right direction to go about solving the above issues?

WCF Test client and authentication

I'm trying to call a webservice with WCF Test Client but the webservice requires authentication.
How do I log on and call it with WCF Test Client? (I tried to get it from browsers and then to call it, but it does not work.) I could use SoapUI, but I'd like to do it with WCF Test Client if it is possible. Maybe by changing the WCF config?
Error: Cannot obtain Metadata from If this is a Windows (R)
Communication Foundation service to which you have access, please
check that you have enabled metadata publishing at the specified
address. For help enabling metadata publishing, please refer to the
MSDN documentation at
http://go.microsoft.com/fwlink/?LinkId=65455.WS-Metadata Exchange
Error URI: Metadata contains a reference that cannot be
resolved: ''. The HTTP request is unauthorized with client
authentication scheme 'Anonymous'. The authentication header received
from the server was 'Basic realm=""'. The remote server
returned an error: (401) Unauthorized.HTTP GET Error URI:
There was an error downloading ''. The request failed with
HTTP status 401: Unauthorized.
Do you have a mex endpoint specified in your config?
If you're having setup issues I'd suggest reading through the Codeplex applications scenarios to ensure you have setup your service and WCF Test Client properly.
Please post configs and some sample code if you require any further help.
EDIT:
These links may provide some insight in to the issue:
WCF - Cannot obtain Metadata, but works when the XML Endpoint is removed?
Cannot obtain Metadata from WCF service when using Microsoft WCF Test Client.

HTTP Errors while consuming non-WCF Web Service using a WCF Client

I am trying to consume a third-party web service, which is developed not in .NET but in some other language (maybe Java). I am trying to consume the service from a WCF client, but while adding the service reference it throws an error:
The HTTP request is unauthorized with client authentication scheme 'Anonymous'. The authentication header received from the server was 'basic realm="EXTRACT-CREDENTIAL"'.
Also when I am hitting the service URL in a browser it's throwing an error as follows:
HTTP GET Requests are not supported by the broker. Please use HTTP POST instead
What could be the way to consume the service from WCF client?
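The 401 quoted above is what a client binding that sends no credentials (scheme 'Anonymous') gets from an endpoint that asks for Basic. The following is an added example, not code from the original posts, of a client binding that sends Basic credentials over HTTPS only; it covers the service call itself, not the metadata download, and the `IAuthService` contract and its `Ping` operation are hypothetical stand-ins for the generated proxy.

```csharp
using System;
using System.ServiceModel;

// Hypothetical contract standing in for the proxy generated from the service's WSDL.
[ServiceContract]
public interface IAuthService
{
    [OperationContract]
    string Ping(string text);
}

public static class BasicAuthClient
{
    public static BasicHttpBinding BuildBinding(Uri address)
    {
        // A default BasicHttpBinding (security mode None) sends no credentials,
        // which is the 'Anonymous' scheme named in the 401 error.
        // Transport = HTTPS plus HTTP authentication. TransportCredentialOnly would
        // send the same Basic header over plain HTTP, where the password is only
        // base64-encoded, so non-HTTPS addresses are refused here.
        if (address.Scheme != Uri.UriSchemeHttps)
            throw new ArgumentException("Basic credentials require an https:// endpoint.");

        var binding = new BasicHttpBinding(BasicHttpSecurityMode.Transport);
        binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Basic;
        return binding;
    }

    public static string Call(Uri address, string user, string password)
    {
        var factory = new ChannelFactory<IAuthService>(
            BuildBinding(address), new EndpointAddress(address));
        factory.Credentials.UserName.UserName = user;
        factory.Credentials.UserName.Password = password;

        IAuthService channel = factory.CreateChannel();
        try
        {
            string result = channel.Ping("hello");
            ((IClientChannel)channel).Close();
            factory.Close();
            return result;
        }
        catch
        {
            // A faulted channel cannot be closed gracefully; abort it instead.
            ((IClientChannel)channel).Abort();
            factory.Abort();
            throw;
        }
    }
}
```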

Passing SAML Token to WCF service from Asp.Net

When I try to invoke a WCF service from an ASP.NET application (RP) which is authenticated by another ASP.NET application (IP), I'm getting an error message with the content of the login page (it is trying to reach the login page because it could not authenticate the request).
Identity Provider : _http://localhost/AuthenticatonWS/Login.aspx
Relying party Website : _http://localhost/RPWebsite/Default.aspx
WCF Service : _http://localhost/RPWebsite/Service1.svc
(In my solution I'm calling service1.svc from default.aspx.cs)
I don't want the service to be anonymous. Currently the site (RPWebsite) uses STS and trusts local Identity provider, but in production it can trust any external identity provider thru ADFS.
Can anyone guide me on how I can pass the token information to the service from the aspx page? I did try several examples from the internet but I could not get it working.
The problem could very well be that the RPWebsite uses ClaimsAuthorizationModule in <system><httpModules> or <system.webserver><modules> in web.config. This causes any web service call to be redirected to the STS for authentication, as if it were an interactive browser request, as you observed.
Alternatively, this module can be added in the WIF-specific section of web.config, that is, in <microsoft.identityModel><service>, and in this case this module is only used for claims-based WCF web service calls. You add it in the following form: <claimsAuthorizationManager type="MyNamespace.CustomClaimsAuthenticationManager, MyAssembly"/>. (This type must extend ClaimsAuthorizationManager, as described in the WIF documentation page "ClaimsAuthenticationManager, ClaimsAuthorizationManager, and OriginalIssuer".)
Reference: Vittorio Bertocci, "Programming WIF", p. 43.
I think there are several options:
1. Use persistent authentication cookies that support multiple client sessions, or support sharing the session between your RP and WCF service, so that WCF can reuse the authentication cookies issued for the RP when the RP makes a call to the WCF service. To be honest, I have never tried to implement this in action. It is just my theory.
2. Create a separate authentication service which requires no user interaction (such as entering username/password). Then you have plenty of ways to call WCF from your RP:
   - From your RP, ask the authentication service to issue a token for WCF; attach the token to a request header of the WCF call (e.g. Authorization); then call the WCF service. This requires a custom HttpModule at the WCF service to accept the custom request header containing the token.
   - From your RP, you can also store the UserName/Password, or a unique user identity claim which could identify the user; attach that information to a request header of the WCF call (e.g. Authorization); then call the WCF service. This also requires a custom HttpModule at the WCF service to accept the custom request header.
I would recommend the second option, for which you can find more useful information and guidelines on Dominick Baier's blog.
Just my 2 cents.
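A sketch of the token-in-header flow from the second option in the answer above, as an added example that is not code from the original posts. The `Bearer` scheme, the `TokenHeader` and `TokenAuthModule` names and the `ValidateToken` hook are assumptions; the service is assumed to be IIS-hosted behind HTTPS, with token validation supplied by the authentication service's own library.

```csharp
using System;
using System.Net;
using System.Security.Principal;
using System.ServiceModel;
using System.ServiceModel.Channels;
using System.Web;

public static class TokenHeader
{
    // RP side: run one WCF call with "Authorization: Bearer <token>" on its HTTP request.
    // Pass the generated proxy's InnerChannel as the channel argument.
    public static T Call<T>(IClientChannel channel, string token, Func<T> call)
    {
        using (new OperationContextScope(channel))
        {
            var http = new HttpRequestMessageProperty();
            http.Headers[HttpRequestHeader.Authorization] = "Bearer " + token;
            OperationContext.Current.OutgoingMessageProperties[HttpRequestMessageProperty.Name] = http;
            return call();
        }
    }
}

// Service side: an HttpModule that checks the header on requests to .svc endpoints.
public class TokenAuthModule : IHttpModule
{
    // Assumption: set at application start; must return null for a forged, expired
    // or unknown token. The default rejects every token, so it fails closed.
    public static Func<string, IPrincipal> ValidateToken = token => null;

    public void Init(HttpApplication app)
    {
        app.AuthenticateRequest += (sender, e) =>
        {
            HttpContext ctx = ((HttpApplication)sender).Context;
            // "Contains" rather than "ends with", so Service1.svc/extra is also covered.
            if (ctx.Request.Path.IndexOf(".svc", StringComparison.OrdinalIgnoreCase) < 0) return;

            string header = ctx.Request.Headers["Authorization"] ?? "";
            IPrincipal user = header.StartsWith("Bearer ", StringComparison.Ordinal)
                ? ValidateToken(header.Substring("Bearer ".Length))
                : null;
            if (user == null)
            {
                ctx.Response.StatusCode = 401;
                ctx.ApplicationInstance.CompleteRequest();
                return;
            }
            ctx.User = user;   // visible to later pipeline stages
        };
    }

    public void Dispose() { }
}
```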