I am implementing transport level security in an intranet Silverlight 5 application.
Binding used is custom netTcpBinding and on server end I have enabled security with below settings and PrincipalPermission.
<customBinding>
<binding closeTimeout="00:05:00" openTimeout="00:05:00" receiveTimeout="02:00:00" sendTimeout="00:05:00">
<binaryMessageEncoding maxSessionSize="1000000">
<readerQuotas maxDepth="64" maxStringContentLength="2147483647" maxArrayLength="2147483647" maxBytesPerRead="16384" maxNameTableCharCount="16384" />
</binaryMessageEncoding>
<windowsStreamSecurity protectionLevel="EncryptAndSign"/>
<tcpTransport portSharingEnabled="false" maxReceivedMessageSize="2147483647" maxBufferSize="2147483647" />
</binding>
</customBinding>
When my client is a normal c# console app and proxy created using channel fatory everything works fine.
var tcpBinding = new CustomBinding();
tcpBinding.Elements.Add(new BinaryMessageEncodingBindingElement());
var windowsStreamSecurityBindingElement=new WindowsStreamSecurityBindingElement();
windowsStreamSecurityBindingElement.ProtectionLevel= System.Net.Security.ProtectionLevel.EncryptAndSign;
tcpBinding.Elements.Add(windowsStreamSecurityBindingElement);
tcpBinding.Elements.Add(new TcpTransportBindingElement { MaxReceivedMessageSize = int.MaxValue, MaxBufferSize = int.MaxValue });
tcpBinding.ReceiveTimeout = new TimeSpan(6, 0, 0);
tcpBinding.SendTimeout = new TimeSpan(0, 30, 0);
tcpBinding.ReceiveTimeout = TimeSpan.FromDays(1);
var proxy = new ChannelFactoryServiceWrapper<IHello>(#"net.tcp://XYZ.globaltest.ABC.com:5580/Hello/tcp", tcpBinding).Channel;
var ping = proxy.Ping();
On client(Silverlight 5) I am using same above piece of code but it’s giving compile time error since WindowsStreamSecurityBindingElement is not available in Silverlight 5.
Please tell me any alternative for this.
Related
I have a WCF service that I am connecting in client application. I am using following in configuration file.
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="MyNameSpace.TestService" closeTimeout="00:01:00" openTimeout="00:01:00"
receiveTimeout="00:10:00" sendTimeout="00:01:00" allowCookies="false"
bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard"
maxBufferSize="2147483647" maxBufferPoolSize="524288" maxReceivedMessageSize="2147483647"
messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered"
useDefaultWebProxy="true">
<readerQuotas maxDepth="32" maxStringContentLength="2147483647" maxArrayLength="16384"
maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<security mode="None">
<transport clientCredentialType="None" proxyCredentialType="None"
realm="" />
<message clientCredentialType="UserName" algorithmSuite="Default" />
</security>
</binding>
</basicHttpBinding>
</bindings>
<client>
<endpoint address="http://localhost:9100/TestService" binding="basicHttpBinding"
bindingConfiguration="MyNameSpace.TestService" contract="TestService.IService" name="MyNameSpace.TestService" />
</client>
</system.serviceModel>
In the code, I am calling API on this service as follows,
TestServiceClient client = new TestServiceClient()
client.BlahBlah()
Now I want to defined endpoint porgramatically. How can that be done? I commented out section from config file as I was thinking I will have to put some code on TestServiceClient instance to add endpoint dynamically but then it throws following exception at the point where TestServiceClient is instantiated.
Could not find default endpoint element that references contract
'TestService.IService' in the ServiceModel client configuration
section. This might be because no configuration file was found for
your application, or because no endpoint element matching this
contract could be found in the client element.
How can I accomplish this? Also any point on code examples for adding endpoint programmatically will be appreciated.
To create endpoints and bindings programmatically, you could do this on the service:
ServiceHost _host = new ServiceHost(typeof(TestService), null);
var _basicHttpBinding = new System.ServiceModel.basicHttpBinding();
//Modify your bindings settings if you wish, for example timeout values
_basicHttpBinding.OpenTimeout = new TimeSpan(4, 0, 0);
_basicHttpBinding.CloseTimeout = new TimeSpan(4, 0, 0);
_host.AddServiceEndpoint(_basicHttpBinding, "http://192.168.1.51/TestService.svc");
_host.Open();
You could also define multiple endpoints in your service config, and choose which one to connect to dynamically at run time.
On the client program you would then do this:
basicHttpBinding _binding = new basicHttpBinding();
EndpointAddress _endpoint = new EndpointAddress(new Uri("http://192.168.1.51/TestService.svc"));
TestServiceClient _client = new TestServiceClient(_binding, _endpoint);
_client.BlahBlah();
Can you just use:
TestServiceClient client = new TestServiceClient();
client.Endpoint.Address = new EndPointAddress("http://someurl");
client.BlahBlah();
Note that your binding configuration will no longer apply, as you're not using that endpoint configuration in your configuration file. You'll have to override that, too.
You can try:
TestServiceClient client = new TestServiceClient("MyNameSpace.TestService")
client.BlahBlah()
if not recheck namespace in file TestService is correct?
I'm trying to consume a WS-Security enabled service with WCF. Authentication works using a UsernameToken. I'm not very knowledgeable with WCF web service clients, but I think my configuration below works for regular HTTP communication. I (mostly) used this guide to configure it. The main difference is that I used the VS2010 "Add Service Reference" UI instead of a command prompt.
My problem is that I need to do this over HTTPS. When I use <security mode="Message"> in my app.config, I believe my soap envelope contains the needed WS-Security headers. I can't tell for sure because I can't get logging to work. However, I get the following error: The provided URI scheme 'https' is invalid; expected 'http'. Parameter name: via.
Below are the contents of my app.config file, as well as a sample of my client code.
<configuration>
<system.serviceModel>
<bindings>
<wsHttpBinding>
<binding name="Omitted" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" allowCookies="false" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard" maxBufferPoolSize="524288" maxReceivedMessageSize="65536" messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<security mode="Message">
<transport clientCredentialType="None" proxyCredentialType="None" realm="" />
<message clientCredentialType="UserName" algorithmSuite="Default" negotiateServiceCredential="false" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<client>
<endpoint address="https://omitted.com/service" binding="wsHttpBinding" bindingConfiguration="Omitted" contract="Omitted.Omitted" name="Omitted" />
</client>
</system.serviceModel>
var service = new OmittedClient();
service.ClientCredentials.UserName.UserName = "username";
service.ClientCredentials.UserName.Password = "password";
var response = service.DoSomething(new DoSomethingRequest());
Thanks to 500 - Internal Server error for helping me figure it out. Here are the steps I took:
Generate a proxy using Visual Studio/WCF.
Change the security mode to TransportWithmessageCredential.
Use the following code to specify a username/password.
var client = new WebServiceClient();
client.ClientCredentials.UserName.UserName = "USERNAME";
client.ClientCredentials.UserName.Password = "PASSWORD";
If you get a response back, but WCF complains when processing it, there might be a timestamp missing from the response. If that's the case, try this to fix it.
// WCF complains about a missing timestamp (http://www.west-wind.com/weblog/posts/2007/Dec/09/Tracing-WCF-Messages)
var elements = service.Endpoint.Binding.CreateBindingElements();
elements.Find().IncludeTimestamp = false;
service.Endpoint.Binding = new CustomBinding(elements);
I got this crazy problem I'm trying to deal with. I know that when we're getting huge amount of data we must increase the quota on client .config file, but what am I supposed to do if my client is sending huge data "to" the WCF server?
It works perfectly normal when I'm sending small sized input parameter. Unfortunately, it breaks down when the input grows bigger.
Debugger it says:
Bad Request, 400;
on trace file it is:
The maximum message size quota for incoming messages (65536) has
been exceeded. To increase the quota, use the MaxReceivedMessageSize
property on the appropriate binding element.
Is there some way to increase this quota of incomming data on the server side? if so, how?
Here's my sample config related parts:
<bindings>
<basicHttpBinding>
<binding name="MyBasicHttpBinding"
closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00"
sendTimeout="00:01:00" allowCookies="false" bypassProxyOnLocal="false"
hostNameComparisonMode="StrongWildcard" maxBufferSize="2147483647"
maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647"
messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered"
useDefaultWebProxy="true">
<readerQuotas maxDepth="64" maxStringContentLength="2147483647" maxArrayLength="2147483647"
maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647" />
<security mode="None">
<transport clientCredentialType="None" proxyCredentialType="None"
realm="" />
<message clientCredentialType="UserName" algorithmSuite="Default" />
</security>
</binding>
</basicHttpBinding>
</bindings>
<services>
<service name="MyWcfService">
<endpoint address="http://myservice..."
binding="basicHttpBinding" bindingConfiguration="MyBasicHttpBinding"
name="MyBasicHttpBinding" contract="IMyContract" />
</service>
</services>
and here's my client-side code (I create it dynamically):
var binding = new BasicHttpBinding();
binding.MaxBufferPoolSize = 2147483647;
binding.MaxBufferSize = 2147483647;
binding.MaxReceivedMessageSize = 2147483647;
binding.ReaderQuotas.MaxStringContentLength = 2147483647;
binding.ReaderQuotas.MaxArrayLength = 2147483647;
binding.ReaderQuotas.MaxDepth = 2147483647;
binding.ReaderQuotas.MaxBytesPerRead = 2147483647;
var address = new EndpointAddress("http://mylocalservice..");
ChannelFactory<IMyContract> factory = new ChannelFactory<IMyContract>(binding, address);
foreach (OperationDescription op in factory.Endpoint.Contract.Operations)
{
DataContractSerializerOperationBehavior dataContractBehavior =
op.Behaviors.Find<DataContractSerializerOperationBehavior>()
as DataContractSerializerOperationBehavior;
if (dataContractBehavior != null)
{
dataContractBehavior.MaxItemsInObjectGraph = 2147483646;
}
}
public IMyContract MyClientObject = factory.CreateChannel();
You can set the MaxReceivedMessageSize property on the service via the service's config file.
Setting the client's MaxReceivedMessageSize only affects messages received by the client; it has no effect on messages received by the service. Correspondingly, to allow the service to receive large messages, you need to set the service's config file.
Sample Service Config
<system.serviceModel>
<bindings>
<wsHttpBinding>
<binding name="MyBinding" maxReceivedMessageSize="2147483647" />
</wsHttpBinding>
</bindings>
<services>
<service name="MyService">
<endpoint address="http://myservice" binding="wsHttpBinding"
bindingConfiguration="MyBinding" contract="IMyServiceContract" />
</service>
</services>
</system.serviceModel>
The above is a very stripped down config file, but shows the relevant parts. The important part is that you define the binding and give it a name, and set any values explicitly that are different from the defaults, and use that name in the bindingConfiguration attribute on the endpoint element.
My problem was with the wcf test client. For some reason, it wouldn't generate a client config with the increased maxReceivedMessageSize. My fix was to right click "Config file" -> "Edit with SvcConfigEditor" -> bindings -> maxReceivedMessageSize.
This issue can be resolved by adding the below additional binding node to the binding section of config file.
<basicHttpBinding>
<binding maxBufferSize="2147483647" maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647">
<readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647" maxArrayLength="2147483647"
maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647" />
</binding>
</basicHttpBinding>
I've created a WCF service and hosted it in cloud through a worker role. Unfortunately when I try to connect to the worker role service I get an exception with the message:
"No DNS entries exist for host 3a5c0cdffcf04d069dbced5e590bca70.cloudapp.net."
3a5c0cdffcf04d069dbced5e590bca70.cloudapp.net is the address for the worker role deployed in azure staging environment.
The workerrole.cs has the following code to expose the WCF service:
public override void Run()
{
using (ServiceHost host = new ServiceHost(typeof(MyService)))
{
string ip = RoleEnvironment.CurrentRoleInstance.InstanceEndpoints["tcppoint"].IPEndpoint.Address.ToString();
int tcpport = RoleEnvironment.CurrentRoleInstance.InstanceEndpoints["tcppoint"].IPEndpoint.Port;
int mexport = RoleEnvironment.CurrentRoleInstance.InstanceEndpoints["mexinput"].IPEndpoint.Port;
// Add a metadatabehavior for client proxy generation
// The metadata is exposed via net.tcp
ServiceMetadataBehavior metadatabehavior = new ServiceMetadataBehavior();
host.Description.Behaviors.Add(metadatabehavior);
Binding mexBinding = MetadataExchangeBindings.CreateMexTcpBinding();
string mexlistenurl = string.Format("net.tcp://{0}:{1}/MyServiceMetaDataEndpoint", ip, mexport);
string mexendpointurl = string.Format("net.tcp://{0}:{1}/MyServiceMetaDataEndpoint", RoleEnvironment.GetConfigurationSettingValue("Domain"), 8001);
host.AddServiceEndpoint(typeof(IMetadataExchange), mexBinding, mexendpointurl, new Uri(mexlistenurl));
// Add the endpoint for MyService
string listenurl = string.Format("net.tcp://{0}:{1}/MyServiceEndpoint", ip, tcpport);
string endpointurl = string.Format("net.tcp://{0}:{1}/MyServiceEndpoint", RoleEnvironment.GetConfigurationSettingValue("Domain"), 9001);
host.AddServiceEndpoint(typeof(IMyService), new NetTcpBinding(SecurityMode.None), endpointurl, new Uri(listenurl));
host.Open();
while (true)
{
Thread.Sleep(100000);
Trace.WriteLine("Working", "Information");
}
}
}
The tcppoint and mexinput are configured with the ports 8001 and 9001. Also Domain is configured with worker role deployment url:3a5c0cdffcf04d069dbced5e590bca70.cloudapp.net
On the client part(a console app), we are using the following configuration in app.config::
<bindings>
<netTcpBinding>
<binding name="NetTcpBinding_IMyService" closeTimeout="00:01:00"
openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
transactionFlow="false" transferMode="Buffered" transactionProtocol="OleTransactions"
hostNameComparisonMode="StrongWildcard" listenBacklog="10"
maxBufferPoolSize="524288" maxBufferSize="65536" maxConnections="10"
maxReceivedMessageSize="65536">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<reliableSession ordered="true" inactivityTimeout="00:50:00"
enabled="false" />
<security mode="None">
<transport clientCredentialType="Windows" protectionLevel="EncryptAndSign" />
<message clientCredentialType="Windows" />
</security>
</binding>
</netTcpBinding>
</bindings>
<client>
<endpoint address="httpp:\\3a5c0cdffcf04d069dbced5e590bca70.cloudapp.net:9001/MyServiceEndpoint" binding="netTcpBinding"
bindingConfiguration="NetTcpBinding_IMyService" contract="ServiceReference1.IMyService"
name="NetTcpBinding_IMyService" />
</client>
<behaviors>
<serviceBehaviors>
<behavior name="behave">
<serviceMetadata httpGetEnabled="false"/>
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>
<system.net>
<defaultProxy useDefaultCredentials="true">
<proxy autoDetect="False" usesystemdefault="False" bypassonlocal="True" />
</defaultProxy>
The following code is built using the sample code available in msdn as background. Locally it is working fine. Unfortunately when i deploy it to cloud, the exception occurs. Moreover, when i use the virtual ip instead of the url, a connection time out occurs with the exception the remote machine did not respond.
Looks like you have your service setup to listen on net.tcp (TCP) and your client using http bindings. I would not expect that to work even locally. I am assuming you have actually opened port 9000 in the ServiceDefinition. Remember that will be a load-balanced endpoint. Are you trying to communicate to this instance from within the deployment (inter-role) or from outside the cloud?
I have found it is a lot easier to setup the host and client (when communicating within a role) through code. Try this:
http://dunnry.com/blog/2010/05/28/HostingWCFInWindowsAzure.aspx
If you are trying to hit the service from a client outside the deployment, this still applies, but for the client building part. You will need to use the external DNS name and port defined in ServiceDefinition.
I have also seen DNS errors if you try to hit the endpoint too soon before the role was ready. It can take a bit to propogate the DNS and you should try not to resolve it until it is ready, lest you cache a bogus DNS entry. If you can resolve that DNS name however to your VIP address, that is not the issue.
public void CallWebService(string data)
{
try
{
string uri = "url"+data;
HttpWebRequest request = (HttpWebRequest)HttpWebRequest.Create(uri);
HttpWebResponse response = (HttpWebResponse)request.GetResponse();
Stream str = response.GetResponseStream();
StreamReader sr = new StreamReader(str);
String IResponse = sr.ReadToEnd();
}
catch (Exception ex)
{
System.Console.WriteLine("Message: "+ex.Message);
}
}
Hope it helps you.
I get this exception while creating scope for few tables all those tables are huge in design
<bindings>
<wsHttpBinding>
<binding name="wsHttpBinding_ISyncServices" closeTimeout="00:10:00"
openTimeout="00:10:00" receiveTimeout="00:10:00" sendTimeout="00:10:00"
transactionFlow="false" hostNameComparisonMode="StrongWildcard"
maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647">
<readerQuotas maxDepth="32" maxStringContentLength="2147483647"
maxArrayLength="2147483647" maxBytesPerRead="2147483647"
maxNameTableCharCount="2147483647" />
<reliableSession ordered="true" inactivityTimeout="00:10:00"
enabled="false" />
<security mode="Message">
<transport clientCredentialType="Windows"
proxyCredentialType="None" realm="">
<extendedProtectionPolicy policyEnforcement="Never" />
</transport>
<message clientCredentialType="Windows"
negotiateServiceCredential="true" algorithmSuite="Default" />
</security>
</binding>
</wsHttpBinding>
</bindings>
I have made MaxReceivedMessageSize to 2147483647
but still it is giving me below exception at this line
client.GetTableDescription(scopeName, syncTable)
The maximum message size quota for incoming messages (65536) has been exceeded.
To increase the quota, use the MaxReceivedMessageSize property on the appropriate binding element.
As per this question's answer
You will want something like this:
<bindings>
<basicHttpBinding>
<binding name="basicHttp" allowCookies="true"
maxReceivedMessageSize="20000000"
maxBufferSize="20000000"
maxBufferPoolSize="20000000">
<readerQuotas maxDepth="32"
maxArrayLength="200000000"
maxStringContentLength="200000000"/>
</binding>
</basicHttpBinding> </bindings>
Please also read comments to the accepted answer there, those contain valuable input.
If you are using CustomBinding then you would rather need to make changes in httptransport element.
Set it as
<customBinding>
<binding ...>
...
<httpsTransport maxReceivedMessageSize="2147483647"/>
</binding>
</customBinding>
Updating the config didn't work for me, but I was able to edit the binding programmatically:
private YourAPIClient GetClient()
{
Uri baseAddress = new Uri(APIURL);
var binding = new BasicHttpBinding();
binding.MaxReceivedMessageSize = 20000000;
binding.MaxBufferSize = 20000000;
binding.MaxBufferPoolSize = 20000000;
binding.AllowCookies = true;
var readerQuotas = new XmlDictionaryReaderQuotas();
readerQuotas.MaxArrayLength = 20000000;
readerQuotas.MaxStringContentLength = 20000000;
readerQuotas.MaxDepth = 32;
binding.ReaderQuotas = readerQuotas;
if (baseAddress.Scheme.ToLower() == "https")
binding.Security.Mode = BasicHttpSecurityMode.Transport;
var client = new YourAPIClient(binding, new EndpointAddress(baseAddress));
return client;
}
You need to make the changes in the binding configuration (in the app.config file) on the SERVER and the CLIENT, or it will not take effect.
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding maxReceivedMessageSize="2147483647 " max...=... />
</basicHttpBinding>
</bindings>
</system.serviceModel>
You also need to increase maxBufferSize. Also note that you might need to increase the readerQuotas.
This worked for me:
Dim binding As New WebHttpBinding(WebHttpSecurityMode.Transport)
binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.None
binding.MaxBufferSize = Integer.MaxValue
binding.MaxReceivedMessageSize = Integer.MaxValue
binding.MaxBufferPoolSize = Integer.MaxValue
For me, the settings in web.config / app.config were ignored. I ended up creating my binding manually, which solved the issue for me:
var httpBinding = new BasicHttpBinding()
{
MaxBufferPoolSize = Int32.MaxValue,
MaxBufferSize = Int32.MaxValue,
MaxReceivedMessageSize = Int32.MaxValue,
ReaderQuotas = new XmlDictionaryReaderQuotas()
{
MaxArrayLength = 200000000,
MaxDepth = 32,
MaxStringContentLength = 200000000
}
};
My solution was to use the "-OutBuffer 2147483647" parameter in my query, which is part of the Common Parameters.
PS C:> Get-Help about_CommonParameters -Full