I am working with windows server 2008 r2 running iis 7.5. My WCF service was running on framework 4.0. 32-bit app running integrated pipeline.
Service is in a virtual directory with Annonymous and Windows Authentication enabled. My configuration looks like:
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="MyBinding">
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Windows" />
</security>
</binding>
</basicHttpBinding>
</bindings>
<services>
<service name="MyWebservice.MyService" behaviorConfiguration="MyWebservice.MyServiceBehavior">
<!-- Service Endpoints -->
<endpoint address="" binding="basicHttpBinding" bindingConfiguration="MyBinding" contract="MyWebservice.IMyService" />
<endpoint address="mex" binding="basicHttpBinding" bindingConfiguration="MyBinding" contract="IMetadataExchange" />
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="MyWebservice.MyServiceBehavior">
<!-- To avoid disclosing metadata information, set the value below to false and remove the metadata endpoint above before deployment -->
<serviceMetadata httpGetEnabled="true" />
<!-- To receive exception details in faults for debugging purposes, set the value below to true. Set to false before deployment to avoid disclosing exception information -->
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
</system.serviceModel>
With framework 4.0 everything worked fine. After upgrading to framework 4.5.1 when I connect with the WCF Test Client from an account that is on the domain, I get the following exception:
The HTTP request is unauthorized with client authentication scheme 'Negotiate'. The authentication header received from the server was 'Negotiate, NTLM'.
This error is profoundly un-helpful since everything was configured correctly and working fine in .net 4.0. I went as far as trying to uninstall the wcf service, rebuilding it and targeting framework 4.5.1 (everything works on my dev machine) then re-deloying a new msi with the 4.5.1 targeted build. The most maddening thing is the first request to the service always works, every request after that returns the above error. Any ideas out there?
Additional Info
Even with a fresh install of windows 2008 r2 with all updates installed and only framework 4.5.1 and the requisite IIS components installed (no other apps other than virus scanner installed) this error still comes up.
Edit #2
Also added SPNs as per scenario #1
http://mingkunsnotes.blogspot.ca/2010/01/iis-windows-integrated-authentication.html
No Luck.
Edit #3
My site is running on a different port than 80, say 888. I tried the following spns:
setspn -A HTTP/myServerName myServerName
setspn -A HTTP/myServerName.company.com myServerName
When that didn't work, I deleted those SPNs and tried:
setspn -A HTTP/myServerName:888 myServerName
setspn -A HTTP/myServerName.company.com:888 myServerName
That did not work either. Also tried enabling and disabling kernel-mode authentication and making Negotiate-Kerberos the only provider. Nothing works.
Edit #4
Tried setting useAppPoolCredentials = true. Nope.
Related
I have a WCF service that uses netTcpBinding, transferMode="Streamed", and is installed via installutil via the Windows Process Activation Services method. The service builds and installs just fine. I have all the correct rights for NETWORK SERVICES on the containing folder to access the .exe file. My problem is I keep getting the error:
"The service [ServiceName] on Local Computer started and then stopped. Some services stop automatically if they are not in use by other services or programs."
What is odd is the host installer code is the same as a buffered service I have that runs just fine. In the streamed service, I accounted for passing streams and messages where needed. I am stuck. I can't seem to find out why this service will not stand up. I checked ports, and they are open (no conflict). Does anyone have advice on 'Streamed' netTcp services not starting?
Below is what the App.Config looks like:
<system.serviceModel>
<!--### Service Endpoints: ###-->
<!--Define Bindings-->
<bindings>
<netTcpBinding>
<binding name="netTcpStreamedBinding" closeTimeout="00:01:00" openTimeout="00:01:00"
receiveTimeout="00:20:00" sendTimeout="00:10:00"
transferMode="Streamed" maxBufferPoolSize="104857600"
maxReceivedMessageSize="1073741824" maxBufferSize="262144">
<!-- Commented below out to match service that worked to see if this was error - It is not the problem (still no start)
<security mode="Transport">
<transport clientCredentialType="Windows" protectionLevel="EncryptAndSign" />
<message clientCredentialType="Windows" />
</security>-->
</binding>
</netTcpBinding>
</bindings>
<!--Streamer Service-->
<services>
<service name="MyServiceLib.FileStreamer">
<endpoint address="" binding="netTcpBinding" bindingConfiguration="netTcpStreamedBinding" contract="MyServiceLib.IFileStreamer">
<identity>
<dns value="localhost"/>
</identity>
</endpoint>
<host>
<baseAddresses>
<add baseAddress="net.tcp://localhost:.../MyStreamerService"/>
</baseAddresses>
</host>
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior>
<!-- To avoid disclosing metadata information,
set the values below to false before deployment -->
<serviceMetadata httpGetEnabled="False" httpsGetEnabled="False"/>
<!-- To receive exception details in faults for debugging purposes,
set the value below to true. Set to false before deployment
to avoid disclosing exception information -->
<serviceDebug includeExceptionDetailInFaults="False" />
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>
It appears, even using Visual Studio 2012 I ran into this bug (originally posted for VS 2010):
Bug 571961 (marked as closed) - "Unable to Copy File"
This bug throws the "Unable to copy file... because it is being used by another process" error. The workaround worked for me - clean the project. Close Visual Studio. Re-open VS. Build the project. Following this process allowed me to build my service.
Additionally, on repeated builds, part of the issue was the need to "stop" the service in the Services manager before builds. be sure not to forget this.
Apologies for the long post but I want to include as much information as possible. So I've been struggling for days now to get my WCF service to work correctly with my silverlight app. I had originally deployed it and everything was running smoothly.
However After i made an update to one of the methods it has not worked since. I use SVN to store my work and even going back to previous versions of the project and redploying it has not helped. Please can someone assist me :(
If I run my silverlight application through VS2012 it works correctly all calls to the service work as required and retrieve the correct information. However if i trigger the same calls once the silverlight app is deployed I receive 1 of the following errors:
An exception occurred during the operation, making the result invalid. Check InnerException for exception details.
at System.ComponentModel.AsyncCompletedEventArgs.RaiseExceptionIfNecessary()
at OrionDashboard.OrionWebService.GetTestDataCompletedEventArgs.get_Result()
at OrionDashboard.MonthlyOverview.OrionWebService_GetTestDataCompleted(Object sender, GetTestDataCompletedEventArgs e)
at OrionDashboard.OrionWebService.OrionWebServiceClient.OnGetTestDataCompleted(Object state)
Or
[Async_ExceptionOccurred] Arguments: Debugging resource strings are unavailable. Often the key and arguments provide sufficient information to diagnose the problem. See http://go.microsoft.com/fwlink/?linkid=106663&Version=4.0.51204.0&File=System.dll&Key=Async_ExceptionOccurred at
With the rest of the error corresponding to the onComplete event error of the other error message.
Again this only happens when its deployed to the IIS on the server, And it only started happening after i made the update an redeployed
I've used both WCF Storm and WCF Test Client that was included with VS2012 to test the deployed service over the network and everything is being returned without any issues for all the contracts.
Here is the ServiceReferences.ClinetConfig:
<configuration>
<system.serviceModel>
<bindings>
<customBinding>
<binding name="CustomBinding_OrionWebService">
<binaryMessageEncoding />
<httpTransport maxReceivedMessageSize="2147483647"
maxBufferSize="2147483647" />
</binding>
</customBinding>
</bindings>
<client>
<endpoint address="http://localhost:53493/OrionWebService.svc"
binding="customBinding"
bindingConfiguration="CustomBinding_OrionWebService"
contract="OrionWebService.OrionWebService"
name="CustomBinding_OrionWebService" />
</client>
</system.serviceModel>
I have made no changes to this at all from what was auto generated when i referenced the service project. I thought it may have been this line: "http://localhost:53493/OrionWebService.svc"
because in fiddler i receive the following errors on the crossdomain.xml and the clientaccesspolicy.xml
[Fiddler] The socket connection to localhost failed.
ErrorCode: 10061.
No connection could be made because the target machine actively refused it [::1]:53493
however when i changed the xap to a zip file and modified the ServiceReference.ClientConfig to point to the same service address as would work if you wanted to check your service e.g. "http://ServerName/OrionDashboard/OrionWebService.svc" I still get the same error from silverlight and then get a 404 error from the two files.
Here is the web.config:
<?xml version="1.0"?>
<!--
For more information on how to configure your ASP.NET application, please visit
http://go.microsoft.com/fwlink/?LinkId=169433
-->
<configuration>
<system.web>
<compilation debug="true"
targetFramework="4.0" />
</system.web>
<system.serviceModel>
<behaviors>
<serviceBehaviors>
<behavior name="">
<serviceMetadata httpGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
</serviceBehaviors>
</behaviors>
<bindings>
<customBinding>
<binding name="OrionDashboard.Web.OrionWebService.customBinding0">
<binaryMessageEncoding />
<httpTransport />
</binding>
</customBinding>
</bindings>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true"
multipleSiteBindingsEnabled="true" />
<services>
<service name="OrionDashboard.Web.OrionWebService">
<endpoint address=""
binding="customBinding"
bindingConfiguration="OrionDashboard.Web.OrionWebService.customBinding0"
contract="OrionDashboard.Web.OrionWebService" />
<endpoint address="mex"
binding="mexHttpBinding"
contract="IMetadataExchange" />
</service>
</services>
</system.serviceModel>
</configuration>
As with the ServiceReference, the web.config too was left alone because I dont really understand what most of it means. But I left it as is when I first deployed the silverlight app and as mentioned it worked fine then.
I don't believe its a DB issue since it runs locally without any issues and the service responds with the correct data from the deployed service as well.
The service seems to be working fine, no issues reported from either the WCF Test Client or WCF Storm app
In VS2012 when publishing the wcf service it doesn't separate the service from the client and it doesn't create the crossdomain.xml or clientaccesspolicy.xml so I manually added those after publishing it. Not sure if that could possibly be the cause?
I'm completely lost and every work around I've found so far has not worked for me. Please can someone at least point me in the right direction?
I've been trying to create a simple service to allow messages to be logged onto a remote server via WCF, which all worked fine until I published the service to the live environment, which uses HTTPS.
After some searching, I found that I needed to change my ServiceConfig to account for the different protocol. I used a combination of these two articles:
How to configure WCF services to work through HTTPS without HTTP binding?
WCF Bindings needed for HTTPS
Having made the recommended changes to my config, I seem to be in a state where I can add the live service as a WCF reference in VS2010, but when I use IE to browse to the service or the mex address, I'm consistently receiving an 'HTTP 400 Bad Request' error.
In terms of using the service I can seem to run it successfully but the mex just doesn't want to work through IE.
The Service itself is being hosted on Windows Server 2003 R2 Standard Edition SP2 Running IIS 6.0 with no load balancing.
I'm really at a loss at this point, I've spent 3-4 days messing around with this but I can't seem to make any progress. So any help would be greatly appreciated.
See below the Server service config in question:
<system.serviceModel>
<services>
<service name="mycorp.Callback.SecPayService" behaviorConfiguration="mycorp.Callback.SecPayServiceBehavior">
<endpoint address="https://myserver.co.uk/SecPay/SecPayService.svc"
binding="wsHttpBinding" bindingConfiguration="TransportBinding"
contract="mycorp.Callback.ISecPayService"/>
<endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange" />
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="mycorp.Callback.SecPayServiceBehavior">
<serviceMetadata httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
</serviceBehaviors>
</behaviors>
<bindings>
<wsHttpBinding>
<binding name="TransportBinding">
<security mode="Transport">
<transport clientCredentialType="None" />
</security>
</binding>
</wsHttpBinding>
</bindings>
</system.serviceModel>
If you are hosting your service in IIS then just have the endpoint elements address value to empty string as the address for the endpoint is assigned by IIS
I am self hosting a REST WCF service in Windows service. The service exposes a method which returns a boolean and I am able to get the REST webservice to work on WinXp. I also generated a development certificate using makecert and assigned it to the port(1443) that the service listens on. Https also works well on WinXp. But When I use the same in Win2003, and type the URL in IE, it says "The page cannot be displayed". There were no errors in hosting the service, the service listens on the port(the ServiceHost.Open didnt have any errors and its successful). Is there an settings that has to be done in Win2003 for this? Win2003 is the production environment and https has to work on that.
Here is the config file I used,
<system.serviceModel>
<bindings>
<webHttpBinding>
<binding name="httpBinding">
<security mode="Transport">
<transport clientCredentialType="None"/>
</security>
</binding>
</webHttpBinding>
</bindings>
<services>
<service behaviorConfiguration="spectrumServiceBehavior" name="MyApp.TestService">
<host>
<baseAddresses>
<add baseAddress="https://localhost:1443/" />
</baseAddresses>
</host>
<endpoint address=""
binding="webHttpBinding"
bindingConfiguration ="httpBinding"
contract="MyApp.ITestService" />
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="spectrumServiceBehavior">
<!-- To receive exception details in faults for debugging purposes,
set the value below to true. Set to false before deployment
to avoid disclosing exception information -->
<serviceDebug includeExceptionDetailInFaults="true" />
<serviceMetadata httpsGetEnabled ="true"/>
</behavior>
</serviceBehaviors>
</behaviors>
Any ideas?
I've experienced the same problem. WinXP development environment working with HTTPS, certificate created locally and assigned to a custom port with httpcfg.
Production environment on Windows 2003 with the imported certificate and the same httpcfg configuration giving "interrupted connection" while trying to obtain the WSDL of the service.
Looking at the Windows log I finally found this error:
Event Source: Schannel
A fatal error occurred when attempting to access the SSL server credential private key. The error code returned from the cryptographic module is 0x80090016.
My problem was that I imported the certificate in the user-account store, and then copied in the local store. In this way the private-key is left behind... http://support.microsoft.com/kb/939616 (without even a warning!!!)
despite, opening the certificate in the new location, shows the presence of a private-key!
I expect that on Windows 2003 you must allow application to listen on port (unless it runs as admin) and you must assign SSL certificate to the port - both is performed by httpcfg.exe. Also check that there is no firewall blocking the communication on the port.
Help please!!
I had the following set up working perfectly:-
WCF Service Library hosted in web site on local IIS 7
Silverlight Application on a web site on local IIS 7 using above services
The solution I am writing is for intranet and not internet use, however I have been told by my bosses that it needs to be over Https. I am using Windows Authentication.
Below is a chunk of the config file for one of the service endpoints (changed to remove company info etc):-
<services>
<service behaviorConfiguration="stdHttpBehavior" name="WcfServiceLibrary.StaticDataService">
<endpoint address="" binding="basicHttpBinding" bindingConfiguration="windowsHttpBinding"
name="StaticDataService" contract="WcfServiceLibrary.ServiceContracts.IStaticDataService" />
<endpoint address="mex" binding="mexHttpBinding" name="" contract="IMetadataExchange" />
<host>
<baseAddresses>
<add baseAddress="http://localhost/WcfServiceLibrary/StaticDataService/" />
</baseAddresses>
</host>
</service>
<behaviors>
<serviceBehaviors>
<behavior name="stdHttpBehavior">
<serviceMetadata httpGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
<dataContractSerializer maxItemsInObjectGraph="2147483647" />
</behavior>
</serviceBehaviors>
</behaviors>
To experiment with Https I created a 'Self-Signed Certificate'. I then added https to the Default Web Site bindings and changed the two web sites to require SSL and also changed the relvant URIs in the config files. I managed to get this to work but now I want to go back to standard Http and finish the project in that mode as it was easier to work with. I changed all the settings back (and I have checked these extremely carefully).
Now I get this error if I try to downoad the Service definition in the Silverlight project: -
'Could not find a base address that matches scheme https for the endpoint with binding BasicHttpBinding. Registered base address schemes are [http].'
If I put back the certificate and binding in IIS. The Service definition appears to download OK, however it references an https URI and therefore none of the actual service calls work as they are http adresses!
I tried adding a new web site to host the service but got the same errors.
I have been trying to solve this for the last couple of days but cannot find an answer. It seems as though there is a hidden reference somewhere and not in my project as it continued with a new web site added to IIS.
To use SSL over HTTP under Basic HTTP binding, you need to switch your endpoint to use Transport-level security. In your case you will also want to indicate the client credential type:
<bindings>
<basicHttpBinding>
<binding name="windowsHttpBinding">
<security mode="Transport">
<transport clientCredentialType="Windows" />
<message />
</security>
</binding>
</basicHttpBinding>
</bindings>
It may seem obvious, but did you change the security mode on the windowsHttpBinding binding configuration to BasicHttpSecurityMode.None?
<bindings>
<basicHttpBinding>
<binding name="windowsHttpBinding">
<security mode="None" />
</binding>
</basicHttpBinding>
</bindings>
Related resources:
Transport Security Overview
BasicHttpSecurityMode Enumeration