We Keep Coding

Stuck connecting to remote SOAP service with credentials

I need to connect to a remote SOAP service. For several days that I have been trying all the many configurations without success.
Connection is OK when using SoapUI.
Connection is KO when calling from my .net application.
Errors : The username is not provided. Specify username in ClientCredentials.
My application and the remote application are both running on IIS.
Here is the remote binding :
<bindings>
<wsHttpBinding>
<binding name="WsHttpBinding_Default" maxReceivedMessageSize="524288000" openTimeout="00:10:00" closeTimeout="00:10:00" sendTimeout="00:10:00" receiveTimeout="00:10:00">
<security mode="TransportWithMessageCredential">
<transport clientCredentialType="None" />
<message clientCredentialType="UserName" establishSecurityContext="false" />
</security>
</binding>
</wsHttpBinding>
</bindings>
SoapUI works with the following configuration :
Authorization : Basic
Username: DOMAIN\username
Password : pwd
Pre-Emptive authentication
When I check the raw request from SoapUI, it's sending this :
POST https://domain.name/TestNode/V_ServicePartenaireDS/v5.svc HTTP/1.1
Accept-Encoding: gzip,deflate
Content-Type: application/soap+xml;charset=UTF-8;action="http://URI/getUser"
Authorization: Basic UEFSVFxzdmMtaWlzYmsdfsdfsdfphZG1pbjEyMy0t
Content-Length: 1371
Host: proxy-int.part.lan.net
Connection: Keep-Alive
User-Agent: Apache-HttpClient/4.1.1 (java 1.5)
<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope" xmlns:v2="http://cnc.fr/Circe/Partenaires/v2.7">
<soap:Header xmlns:wsa="http://www.w3.org/2005/08/addressing">
<wsse:Security soap:mustUnderstand="true" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsu:Timestamp wsu:Id="TS-268FDC1861EA4F5F3C154297086643492">
<wsu:Created>2018-11-23T11:01:06Z</wsu:Created>
<wsu:Expires>2018-11-23T16:34:26Z</wsu:Expires>
</wsu:Timestamp>
<wsse:UsernameToken wsu:Id="UsernameToken-268FDC1861EA4F5F3C154297086643491">
<wsse:Username>PART\svc-iisbackend</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">pwd</wsse:Password>
<wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">yi71/jQzUJw/lzReixSgOA==</wsse:Nonce>
<wsu:Created>2018-11-23T11:01:06.434Z</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>
<wsa:Action>http://UIR/getUser</wsa:Action>
</soap:Header>
<soap:Body>
<v2:getUser>
<!--Optional:-->
<v2:id>200785</v2:id>
</v2:getUser>
</soap:Body>
</soap:Envelope>
Everything above is working.
Now, what am I doing in my .net 4.6.1 application ? I am trying to send the same request that SoapUI is sending.
Here is how I do : web.config with endpoints, bindings and behaviour extension. The extended behaviour implements an EndPoint Behaviour that calls an Inspector (from ApplyClientBehavior) from which I use the BeforeSendRequest to add two things :
a SOAP header <wsse:Security />
a Authorization: Basic http header.
Here are the details of the implementation.
<system.serviceModel>
<bindings>
<wsHttpBinding>
<binding name="WsHttpBinding_Default" maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647" openTimeout="00:10:00" closeTimeout="00:10:00" sendTimeout="00:10:00" receiveTimeout="00:10:00">
<security mode="Transport">
<transport clientCredentialType="None"/>
</security>
<readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647" maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647" />
</binding>
<binding name="WsHttpBinding_Authentication" maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647" openTimeout="00:10:00" closeTimeout="00:10:00" sendTimeout="00:10:00" receiveTimeout="00:10:00">
<security mode="Transport">
<transport clientCredentialType="Basic" />
<message clientCredentialType="UserName" />
</security>
<readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647" maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647" />
</binding>
</wsHttpBinding>
<basicHttpBinding>
<binding name="BasicHttp_Default" maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647" openTimeout="00:10:00" closeTimeout="00:10:00" sendTimeout="00:10:00" receiveTimeout="00:10:00" />
</basicHttpBinding>
</bindings>
<extensions>
<behaviorExtensions>
<add name="localSecurity" type="Users.UsersImplementation.Service.ImplementationCommon.BehaviorExtensionBasicAuthent, Users.UsersImplementation"/>
</behaviorExtensions>
</extensions>
<behaviors>
<endpointBehaviors>
<behavior name="LocalWsBehavior">
<callbackDebug includeExceptionDetailInFaults="true" />
<dataContractSerializer maxItemsInObjectGraph="2147483647"/>
<localSecurity/>
</behavior>
</endpointBehaviors>
</behaviors>
<client>
<endpoint address="https://domain/TestNode/V_ServiceUser/v5.svc" behaviorConfiguration="LocalWsBehavior" binding="wsHttpBinding" bindingConfiguration="WsHttpBinding_Authentication" contract="App.UserDSContract.IServiceUserDS" name="" />
<!--<headers>
<wsse:Security xmlns:soap="schemas.xmlsoap.org/soap/envelope" soap:mustUnderstand="true" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsu:Timestamp wsu:Id="TS-268FDC1861EA4F5F3C154289160250080">
<wsu:Created>2018-11-22T15:15:02Z</wsu:Created>
<wsu:Expires>2018-11-22T18:33:22Z</wsu:Expires>
</wsu:Timestamp>
<wsse:UsernameToken wsu:Id="UsernameToken-268FDC1861EA4F5F3C154289160250079">
<wsse:Username>PART\svc-iisbackend</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">pws</wsse:Password>
<wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">NcDsjgc1/cRNuHVMR7kJBw==</wsse:Nonce>
<wsu:Created>2018-11-22T15:15:02.499Z</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>
</headers>
</endpoint>-->
</client>
</system.serviceModel>
Down the chain of c# class, we find this code :
void IClientMessageInspector.AfterReceiveReply(ref Message reply, object correlationState)
{
// nothing to do here
}
object IClientMessageInspector.BeforeSendRequest(ref Message request, IClientChannel channel)
{
SoapSecurityHeader header = new SoapSecurityHeader("PART\\svc-iisbackend", "pwd");
request.Headers.Add(header);
HttpRequestMessageProperty httpRequestMessage;
object httpRequestMessageObject;
if (request.Properties.TryGetValue(HttpRequestMessageProperty.Name, out httpRequestMessageObject))
{
httpRequestMessage = httpRequestMessageObject as HttpRequestMessageProperty;
if (string.IsNullOrEmpty(httpRequestMessage.Headers[HttpRequestHeader.Authorization]))
{
httpRequestMessage.Headers[HttpRequestHeader.Authorization] = "Basic " + Convert.ToBase64String(Encoding.ASCII.GetBytes("PART\\svc-iisbackend-sagre" + ":" + "admin123--"));
}
request.Properties.Add(HttpRequestMessageProperty.Name, httpRequestMessage);
}
else
{
httpRequestMessage = new HttpRequestMessageProperty();
httpRequestMessage.Headers.Add(HttpRequestHeader.Authorization, "Basic " + Convert.ToBase64String(Encoding.ASCII.GetBytes("PART\\svc-iisbackend-sagre" + ":" + "admin123--")));
request.Properties.Add(HttpRequestMessageProperty.Name, httpRequestMessage);
}
return header.Id;
}
The resulting SOAP envelope at the remote server side* is this :
<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:a="http://www.w3.org/2005/08/addressing">
<s:Header>
<a:Action s:mustUnderstand="1">http://UIR/getUser</a:Action>
<a:MessageID>urn:uuid:2b66b328-778f-4967-925a-01b75d9ab607</a:MessageID>
<a:ReplyTo>
<a:Address>http://www.w3.org/2005/08/addressing/anonymous</a:Address>
</a:ReplyTo>
<wsse:Security s:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsu:Timestamp wsu:Id="TS-f7abfe27c28e4209b8c028ef78bdf739">
<wsu:Created>2018-11-23T14:37:46.59Z</wsu:Created>
<wsu:Expires>2018-11-23T16:37:46.59Z</wsu:Expires>
</wsu:Timestamp>
<wsse:UsernameToken wsu:Id="UsernameToken-aff0ea1c178c4843babf4afa5cd280f6">
<wsse:Username>PART\svc-iisbackend</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">pwd</wsse:Password>
<wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">qdiFSufkRLuPRHTwDYPzBDTu1/o=</wsse:Nonce>
<wsu:Created>2018-11-23T14:37:46.593Z</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>
<a:To s:mustUnderstand="1">https://domain.url/V_ServiceUser/v5.svc</a:To>
</s:Header>
<s:Body>
<getUser xmlns="http://url">
<id>200472</id>
</getUser>
</s:Body>
</s:Envelope>
I have followed many blog and documentation to make it until this point and I am still stuck :D
*To get the message to hit the server I need to use the default binding configuration WsHttpBinding_Default. When I am using the WsHttpBinding_Authentication the request does not seem to be processed by the remote server.
I tried to play with the bindings configuration but no luck so far.
What is wrong with my current configuration ?
With WsHttpBinding_Authentication I got the said error (edited : wrong error copied pasted)The username is not provided. Specify username in ClientCredentials. An error occurred when verifying security for the message.
With WsHttpBinding_Default, the remote server processed a bit of the request and reject it with the following error :
the error :
<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:a="http://www.w3.org/2005/08/addressing">
<s:Header>
<a:Action s:mustUnderstand="1">http://www.w3.org/2005/08/addressing/soap/fault</a:Action>
<a:RelatesTo>urn:uuid:2b66b328-778f-4967-925a-01b75d9ab607</a:RelatesTo>
</s:Header>
<s:Body>
<s:Fault>
<s:Code>
<s:Value>s:Sender</s:Value>
<s:Subcode>
<s:Value xmlns:a="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">a:InvalidSecurity</s:Value>
</s:Subcode>
</s:Code>
<s:Reason>
<s:Text xml:lang="fr-FR">Une erreur s'est produite lors de la vérification de la sécurité du message.</s:Text>
</s:Reason>
</s:Fault>
</s:Body>
</s:Envelope>
Sorry for the wall of text, I hope everything needed to get a clear view of my issue is here.
Many thanks for having read so far :)
Edit : as you can see I also tried to put the header directly in the xml endpoint but no success so far.
Edit : The calling binding was wrong, it is now :
<binding name="WsHttpBinding_Authentication" maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647" openTimeout="00:10:00" closeTimeout="00:10:00" sendTimeout="00:10:00" receiveTimeout="00:10:00">
<security mode="TransportWithMessageCredential">
<transport clientCredentialType="Basic" />
<message clientCredentialType="UserName" />
</security>
<readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647" maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647" />
</binding>
With that new binding my error is now :
{"globalErrors":["Message with Action 'http://schemas.xmlsoap.org/ws/2005/02/trust/RST/SCT' is unknown and cannot be forwarded to the recipient. This may happen if message Action was changed, or if operation was disabled or deleted from the service contract."]}
I find no content about this error, what is happening :/
Edit : Solved the error by re-adding establishSecurityContext="false" in the binding.
Edit : To add credentials I am using that post answers : Set WCF ClientCredentials in App.config
It seems to work, I am making progress toward an old error : An error occurred when verifying security for the message.

To add a username and password to the Service, you would need to do the following when setting up the service
// Instantiate the proxy
Service1Client proxy = new Service1Client();
// Set the user’s credentials on the proxy
proxy.ClientCredentials.UserName.UserName = username;
proxy.ClientCredentials.UserName.Password = password;
This is when you are using standard WS username and password, I have added an answer to my own question after experiencing the exact same thing as well, The link is WCF Service inside aspnet webforms throwing 302
You can read up more on from Microsoft

Solved !!!
So much frustration, but writing a SO post and keeping it updated helped a lot.
I go celebrated and I will come back to detail the solution.
In short, use the implementation from the link I add in my edits, not my previous way.

The security protocol cannot secure the outgoing message

I am trying to return a custom fault exception using unity
but I get the following error during Rst\Issue action:
[Service Trace Viewer exceptions][1]
Image: [1]: http://i.stack.imgur.com/oAxGT.png
No signature message parts were specified for messages with the 'http://tempuri.org/IWcfServiceLayer/GetFirstOrder' action.
The security protocol cannot secure the outgoing message
RequestContext aborted
I am using a custmBinding which actually resembles wsHttpBinding.
Here I manually throw an exception in the wcf method, in order to test the behaviour.
When I comment out the throw new exception statement, the service works fine and returns the expected results. But the service cannot handle exceptions currently.
So why can't the service secure the outgoing message when an exception occurs?
EDIT (BindingConfig):
<customBinding>
<binding name="MyServiceBinding" closeTimeout="00:05:00" openTimeout="00:05:00"
receiveTimeout="00:05:00" sendTimeout="00:05:00">
<transactionFlow />
<reliableSession maxPendingChannels="4000" maxRetryCount="20"
maxTransferWindowSize="4000" ordered="false" />
<security enableUnsecuredResponse="false" authenticationMode="SecureConversation"
messageSecurityVersion="WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10">
<secureConversationBootstrap authenticationMode="SspiNegotiated"
messageSecurityVersion="WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10" />
<localServiceSettings maxStatefulNegotiations="500" maxPendingSessions="500" />
</security>
<textMessageEncoding maxReadPoolSize="100" maxWritePoolSize="50" />
<httpTransport maxReceivedMessageSize="2000000" allowCookies="true"
maxBufferSize="2000000" />
</binding>
</customBinding>

How do I support streaming in WSFederationHttpBinding?

I have a wcf service which is used to upload and download large files to server. I'm using MTOM message encoding and I want to use streamed transfer mode. But we are using wsFederationHttpBinding. How do I support streaming in wsFederationHttpBinding?
My WCF Service web.config code is given below,
<wsFederationHttpBinding>
<binding name="UploadserviceFederation"
messageEncoding="Mtom"
maxBufferPoolSize="2147483647"
maxReceivedMessageSize="2147483647" >
<readerQuotas maxStringContentLength="2147483647"
maxDepth="2147483647"
maxBytesPerRead="2147483647"
maxArrayLength="2147483647"/>
<security mode="TransportWithMessageCredential">
<!-- Ping token type MUST be SAML 1.1, do not change -->
<message
issuedTokenType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1" negotiateServiceCredential="false">
<!-- TODO: You must put the proper issuer URN of the Ping STS; normally this would be the Ping base URL -->
<issuer address="https://my-issuer.com" binding="customBinding" bindingConfiguration="FileUploadSTSBinding" />
</message>
</security>
</binding>
</wsFederationHttpBinding>
<customBinding>
<binding name="FileUploadSTSBinding">
<security authenticationMode="UserNameOverTransport" requireDerivedKeys="false"
keyEntropyMode="ServerEntropy" requireSecurityContextCancellation="false"
requireSignatureConfirmation="false">
</security>
<httpsTransport maxReceivedMessageSize="2147483647" maxBufferPoolSize="2147483647" maxBufferSize="2147483647" />
</binding>
</customBinding>

It's been a few years, so I don't know if this still helps, but I came across this post while trying to figure out the same issue, so it might help someone.
As it turns out, it's actually pretty simple..once you get the dance just right.
Probably the easiest thing (and what I tried first) is to inherit from WS2007FederationHttpBinding. As it turns out, it has a GetTransport method that's virtual, so you can override it and return an instance of HttpsTransport with TransferMode set to Streamed:
public class FileUploadSTSBinding : WS2007FederationHttpBinding
{
protected override TransportBindingElement GetTransport()
{
return new HttpsTransportBindingElement()
{
TransferMode = TransferMode.Streamed
};
}
}
However, doing this revealed something else: since my binding was no longer a recognized binding type, svcutil didn't treat it like a WS2007FederationHttpBinding anymore, but rather as a custom binding, which lead to the client-side configuration being generated as a stack of binding elements rather than using the shortcuts provided by the federation binding:
<customBinding>
<binding name="CustomBinding_ISdk">
<security defaultAlgorithmSuite="Default" authenticationMode="IssuedTokenOverTransport"
requireDerivedKeys="true" includeTimestamp="true" messageSecurityVersion="WSSecurity11WSTrust13WSSecureConversation13WSSecurityPolicy12BasicSecurityProfile10">
<issuedTokenParameters keyType="BearerKey">
<additionalRequestParameters>
<trust:SecondaryParameters xmlns:trust="http://docs.oasis-open.org/ws-sx/ws-trust/200512">
<trust:KeyType xmlns:trust="http://docs.oasis-open.org/ws-sx/ws-trust/200512">http://docs.oasis-open.org/ws-sx/ws-trust/200512/Bearer</trust:KeyType>
</trust:SecondaryParameters>
</additionalRequestParameters>
</issuedTokenParameters>
<localClientSettings detectReplays="false" />
<localServiceSettings detectReplays="false" />
</security>
<textMessageEncoding />
<httpsTransport />
</binding>
..which shows what the underlying binding elements actually are, which lets you tweak them all you like. And, as it turns out, they're really not that different from the actual binding since the only really special part is the security element, and it doesn't change much.
Hope that helps.

You will have to enable streamed transfer mode in a custom binding since only the BasicHttpBinding, NetTcpBinding and NetNamedPipeBinding bindings expose the TransferMode property. See this article for an example.

WCF- Duplex connection (hosted in IIS)

I have a full duplex, I run successfully in my local machine.
I host it in my server (IIS - server 2008 R2-STANDARD), and trying to connect, as following:
this.myCallbackProxy = new MyCallbackProxy();
InstanceContext cntx = new InstanceContext(myCallbackProxy);
this.Proxy = new MyServiceClientProxy(cntx, "WSDualHttpBinding_I_BridgeWCFService");
this.Proxy.ClientCredentials.Windows.ClientCredential.UserName = "YY";
this.Proxy.ClientCredentials.Windows.ClientCredential.Password = "PP";
Now, when I try to call an API, I stuck until time out.
I tried to configure the WCF in the IIS to connect as specific user , but then when I try to call an API from my client, I get the following exception:
"The content type text/html; charset=utf-8 of the response message does not match the content type of the binding (application/soap+xml; charset=utf-8). If using a custom encoder, be sure that the IsContentTypeSupported method is implemented properly. The first 1024 bytes of the response"
I must mention that I have another WCF hosted in same IIS, with same user (server user name), and it works perfect. (I create another (similar) application poll for the duplex WCF)
My config file:
<bindings>
<wsDualHttpBinding>
<binding name="WSDualHttpBinding_I_BridgeWCFService" closeTimeout="00:01:00"
openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard"
maxBufferPoolSize="2147483646" maxReceivedMessageSize="2147483646"
messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true">
<readerQuotas maxDepth="32" maxStringContentLength="2147483646"
maxArrayLength="2147483646" maxBytesPerRead="2147483646" maxNameTableCharCount="2147483646" />
<reliableSession ordered="true" inactivityTimeout="00:10:00"/>
<security mode="None">
<message clientCredentialType="UserName" algorithmSuite="Default" />
</security>
</binding>
</wsDualHttpBinding>
</bindings>
<client>
<endpoint address="http://xx.xx.xx.xx/_Bridge/_BridgeWcfService.svc"
binding="wsDualHttpBinding"
bindingConfiguration="WSDualHttpBinding_I_BridgeWCFService"
contract="_BridgeWcfServiceReference.I_BridgeWCFService"
name="WSDualHttpBinding_I_BridgeWCFService">
<identity>
<dns value="localhost"/>
</identity>
</endpoint>
</client>

WCF service The maximum array length quota (16384) has been exceeded

I have a wsf service and a client application. While trying to communicate the client and the service I've gotten the following message:
"The formatter threw an exception while trying to deserialize the message: There was an error while trying to deserialize parameter http://tempuri.org/:blob. The InnerException message was 'There was an error deserializing the object of type FileBlob. The maximum array length quota (16384) has been exceeded while reading XML data. This quota may be increased by changing the MaxArrayLength property on the XmlDictionaryReaderQuotas object used when creating the XML reader. Line 1, position 25931.'. Please see InnerException for more details."
I have the customBinding element and it doesn't allow me to insert "readerQuotas" section. In both the client and service configs I have the following binding element:
<customBinding>
<binding name="LicenseServiceBinding"
closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00">
<security authenticationMode="UserNameOverTransport">
<localClientSettings maxClockSkew="00:07:00" />
<localServiceSettings maxClockSkew="00:07:00" />
</security>
<windowsStreamSecurity />
<httpsTransport maxReceivedMessageSize="2147483646"/>
</binding>
</customBinding>
Thanks in advance for any help:)

Actually, I've solved the problem by adding readerQuotas within textMessageEncoding section.
Thanks for the help.
<textMessageEncoding messageVersion="Soap11">
<readerQuotas maxDepth="32" maxStringContentLength="5242880" maxArrayLength="2147483646" maxBytesPerRead="4096" maxNameTableCharCount="5242880"/>
</textMessageEncoding>

You should be able to add a <readerQuotas> element inside the <binding> element:
<customBinding>
<binding name="LicenseServiceBinding"
closeTimeout="00:01:00" openTimeout="00:01:00"
receiveTimeout="00:10:00" sendTimeout="00:01:00">
<security authenticationMode="UserNameOverTransport">
<localClientSettings maxClockSkew="00:07:00" />
<localServiceSettings maxClockSkew="00:07:00" />
</security>
<readerQuotas maxArrayLength="32768" />
<windowsStreamSecurity />
<httpsTransport maxReceivedMessageSize="2147483646"/>
</binding>
</customBinding>
You mentioned that it "doesn't allow me to insert". What error message do you get?