I have a client that use CustomBinding to consume a web service. I'm setting the service and client certificate before sending my request, but this way I need to know the service certificate to use and have it installed in the client machine. I'd like to let the service to provide the current certificate so I don't have to update it every time it changes.
I know this can be done when using WSHttpBinding by setting NegotiateServiceCredential to True through the Security property, but since I'm using CustomBinding there is not such a property and I don't know where to set NegotiateServiceCredential to True.
Can anyone help me with this?
Thanks.
You need to create a CustomBinding that works over HTTP and has a MessageSecurityOverHttpElement element on it. There you you'll find a NegotiateServiceCredential property which will allow to enable/disable the feature.
This link should get you started writing a Custom Binding with a SecurityBindingElement. From there work your way up until you manage to add the MessageSecurityOverHttpElement.
Related
I am using WCF service, which have two endpoint WsHttpBinding and NetTcpBinding and the service is using Forms Authentication. Service is hosted on IIS 7.
This works perfectly with WsHttpBinding, but fails for NetTcpBinding.
It fails on below statement:
FormsAuthentication.SetAuthCookie("COOKIENAME", false);
And the exception is :
Object reference not set to an instance of an object.
Please share your ideas on this.
Forms Authentication requires cookies/session which is not supported by protocol itself.
So, Forms authentication can not implemented on NetTcpBinding of WCF service.
Option 1:
As an Alternative:
Add references to System.IdentityModel & System.IdentityModel.Selectors as well as the WCF assemblies.
Set the security mode to Message on your binding
Set the Message.ClientCredentialType to MessageCredentialType.UserName
Create a type derived from UserNamePasswordValidator and implement the only method. You should throw a SecurityTokenException if the user name / password pair does not validate.
On your service host instance's Credentials property, set:
UserNameAuthentication.UserNamePasswordValidationMode to UserNamePasswordValidationMode.Custom
UserNameAuthentication.CustomUserNamePasswordValidator to a new instance of your UserNamePasswordValidator-derived class.
Set a service certificate with ServiceCertificate.SetCertificate()
As for the client-side credentials dialog, you can either make one yourself and on your proxy set proxy.ClientCredentials.UserName.UserName & proxy.ClientCredentials.UserName.Password before you open the proxy / use it the first time. Or you can check out how you can implement the System.ServiceModel.Dispatcher.IInteractiveChannelInitializer to create your own interactive initialization UI.
Option 2:
Another Alternative this sounds more like what you want to do ..Passing FormsAuthentication cookie to a WCF service
Why did I provide an answer to an old post - because someone might be looking for an answer. Hope this helps.
i have a wcf rest service hosted on iis which is ssl enabled. i have both a console application and a browser as client. Is it possible to implement ssl on the console app? is possible, any idea or links to related resources will be greatly helpful.
If you want to use mutual SSL with a REST service from your console application, you can use the WebChannelFactory class.
http://msdn.microsoft.com/en-us/library/bb908674.aspx
The client certificate is set using the WebChannelFactory.Credentials property. The advantage of this approach is that you can set the certificate in connnnfiguration so you can change it later without recompiling.
Alternatively, you can use the HttpWebRequest class and its ClientCertificates property.
I have a WinForm app which uses WCF to call a WCF service. I am trying to troubleshoot an issue and need to look at the wcf trace file without any encryption. So I have WCF endpoint set to use BasicHttpBinding and my service contract is set for SessionMode = SessionMode.NotAllowed.
However I keep getting an error "Contract requires Session, but Binding 'BasicHttpBinding' doesn't support it or isn't configured properly to support it".
I don't want to use sessions. Why does it think I want to use sessions?
OR how do I get the messages to go on the wire where I can see objects and their properties in clear text in the trace file?
BasicHttpBinding never uses session. There is something incorrectly configured in your code (or you didn't correctly update service reference). To see messages even if security is enabled use Message logging.
I'm new in the WCF
I wrote some server that work on IIS 7.5
I using the basicHttpBinding endpoint - and i want replace or add support for the wsDualHttpBinding endpoint.
So i used the WCF configuration tool to change the basicHttpBinding to wsDualHttpBinding.
And nothing work.
I change back to http and add new endpoint that will define as wsDualHttpBinding - and nothing work.
( i change in the client also )
How can i support the wsDualHttpBinding ?
Why this is not working ?
After you change the endpoint on the server, you will have to change it on the client as well.
If you change to wsDualHttpBindingon the server, and do nothing to the client, it will remain as basicHttpBinding, and it will not work. The binding on the client will have to be compliant with the server binding for the communication to work between client and server.
If you have already tried this, please let us know which error message you get when trying to run your program.
We have an implemented a WCF service for sync framework communication with the guidance of http://wcfguidanceformobile.codeplex.com/ . The client in created by NetCFSvcUtil.
We have run into a problem when web proxy support is needed.
How can you enable credentials with it?
On the HttpTransportBindingElement we can set the proxyadress, but since our proyx requires login this won't do it.
When trying to set UseDefaultWebProxy to true it still won't use any credentials. It connects to the proxy but gets
Error 407: Proxy authentication required
Can't find any information about it on SO or msdn. Anyone got a clue where to look?
In Compact Framework, use the static GlobalProxySelect.Select property to set the global proxy used by all HttpWebRequests, including WCF service calls.
GlobalProxySelect.Select = new WebProxy(...);
For this to work in WCF, the HttpTransportBindingElement properties must be
ProxyAddress = null (default)
UseDefaultWebProxy = true (default)
The GlobalProxySelect class is deprecated in the full framework, so you should use WebRequest.DefaultWebProxy instead.