I am using a WCF service in my solution. It works fine with http localhost. After installing the certificate it is not working with https localhost.This is the configuration,
<system.serviceModel>
<bindings>
<customBinding>
<binding name="RawReceiveCapable">
<webMessageEncoding webContentTypeMapperType="SmsService.RawContentTypeMapper, SmsService, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
<httpsTransport authenticationScheme="Basic" manualAddressing="true" maxReceivedMessageSize="524288000" transferMode="Streamed" />
</binding>
</customBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior name="ServiceBehavior">
<serviceMetadata httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
</serviceBehaviors>
<endpointBehaviors>
<behavior name="EndpBehavior">
<webHttp />
</behavior>
</endpointBehaviors>
</behaviors>
<services>
<service behaviorConfiguration="ServiceBehavior" name="TR_Registry.Service1">
<!--<endpoint address="" binding="webHttpBinding" contract="TR_Registry.IService1" behaviorConfiguration="EndpBehavior" />-->
<!--<endpoint address="" binding="basicHttpBinding" contract="TR_Registry.IService1"></endpoint>-->
<endpoint address=""
binding="basicHttpBinding"
bindingConfiguration="secureHttpBinding"
contract="TR_Registry.IService1"/>
<endpoint address="mex"
binding="mexHttpsBinding"
contract="IMetadataExchange" />
</service>
</services>
Add following binding
<bindings>
<basicHttpBinding>
<binding name="secureHttpBinding">
<security mode="Transport">
<transport clientCredentialType="None"/>
</security>
</binding>
</basicHttpBinding>
</bindings>
Specify your service and service endpoint
<service name="TR_Registry.Service1">
<endpoint address=""
binding="basicHttpBinding"
bindingConfiguration="secureHttpBinding"
contract="TR_Registry.IService1"/>
<endpoint address="mex"
binding="mexHttpsBinding"
contract="IMetadataExchange" />
</service>
For more details go through this link http://msdn.microsoft.com/en-us/library/hh556232%28v=vs.110%29.aspx
Try using setting basicHttpBinding details and using Transport level security
<bindings>
<basicHttpBinding>
<binding name="secureHttpBinding">
<security mode="Transport">
<transport clientCredentialType="None"/>
</security>
</binding>
</basicHttpBinding>
</bindings>
Related
After adding SSL to my WCF service, global.asax methods like Apllication_Start or Application_BeginRequest stopped being triggered. The service itself launches normally with no exception. New code added below (and ofc some configurations in IIS Manager:
<system.serviceModel>
<services>
<service name="SomeService.Service" behaviorConfiguration="secureBehavior">
<endpoint
address=""
binding="basicHttpBinding" bindingConfiguration="secureHttpBinding"
contract="SomeService.IService" />
<endpoint
address="mex" binding="mexHttpsBinding"
contract="IMetadataExchange" />
</service>
</services>
<bindings>
<basicHttpBinding>
<binding name="secureHttpBinding">
<security mode="Transport">
<transport clientCredentialType="None" />
</security>
</binding>
</basicHttpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior name="secureBehavior">
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="false" />
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
</system.serviceModel>
I am trying to configure the DataApi.svc service of the DotNetOpenAuth to call my resources via https using AJAX.
I can call the service and hit the code behind but the OperationContext.Current.ServiceSecurityContext will be not authenticated
In IIS, I have "Anonymous authentication" set to "true".
In Fiddler I can see that the header is sent:
Authorization: Bearer gAAAAMcRmG5vw3LykShq7cNOEGUACBiNtlVGxGYdSVfkkXjR-[truncated]
The interface is decorated like that:
[ServiceContract]
public interface IDataApi {
[OperationContract, WebGet(UriTemplate = "/email", ResponseFormat = WebMessageFormat.Json)]
string GetEmail();
And here is my config:
<bindings>
<wsHttpBinding>
<binding>
<security mode="Transport">
<transport clientCredentialType="None"/>
</security>
</binding>
</wsHttpBinding>
<webHttpBinding>
<binding>
<security mode="Transport">
<transport clientCredentialType="None"/>
</security>
</binding>
</webHttpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior name="DataApiBehavior">
<serviceDebug includeExceptionDetailInFaults="true" />
<serviceMetadata httpsGetEnabled="true" />
</behavior>
</serviceBehaviors>
<endpointBehaviors>
<behavior name="DataApiWebBehavior">
<webHttp />
</behavior>
</endpointBehaviors>
</behaviors>
<services>
<service behaviorConfiguration="DataApiBehavior" name="OAuthResourceServer.DataApi">
<endpoint address="" binding="wsHttpBinding" contract="OAuthResourceServer.Code.IDataApi" />
<endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange" />
<endpoint address="web" binding="webHttpBinding" contract="OAuthResourceServer.Code.IDataApi" behaviorConfiguration="DataApiWebBehavior">
</endpoint>
</service>
</services>
Any idea of what can be wrong?
Thanks!
I was missing the
<serviceAuthorizationserviceAuthorizationManagerType="OAuthResourceServer.Code.OAuthAuthorizationManager, OAuthResourceServer" principalPermissionMode="Custom" />
in the service behavior! Solved :)
I'm trying to retrieve the logged in windows user in a WCF service.
I've tried using ServiceSecurityContext but Current is always null.
ServiceSecurityContext.Current.WindowsIdentity.Name
I've also tried using OperationContext. In this case ServiceSecurityContext returns as null.
OperationContext.Current.ServiceSecurityContext.PrimaryIdentity.Name
Here's my web.config:
<bindings>
<basicHttpBinding>
<binding name="HttpWindowsBinding">
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Windows" />
</security>
</binding>
</basicHttpBinding>
</bindings>
also
<authentication mode="Windows"/>
Can anyone see what I'm doing wrong?
UPDATE:
I abandoned trying to get ServiceSecurityContext to work. In the end, I found a solution by setting aspNetCompatibilityEnabled="true".
<serviceHostingEnvironment multipleSiteBindingsEnabled="true" aspNetCompatibilityEnabled="true" />
I also added the following attribute to my service class:
[System.ServiceModel.Activation.AspNetCompatibilityRequirements(RequirementsMode = System.ServiceModel.Activation.AspNetCompatibilityRequirementsMode.Required)]
This allowed me to retrieve the windows user with:
HttpContext.Current.User.Identity.Name
I got the same error and managed to solved it, you need not to use basichttpBinding. bellow is my config:
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<system.serviceModel>
<bindings>
<wsHttpBinding>
<binding name="MSADC">
<security mode ="Message">
<transport clientCredentialType="Windows" />
<message establishSecurityContext="true" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior name="">
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="false" />
</behavior>
</serviceBehaviors>
</behaviors>
<services>
<service name="WCFAuthentication.WCFAuthentication">
<endpoint bindingConfiguration="MSADC" address="" binding="wsHttpBinding" contract="WCFAuthentication.IWCFAuthentication">
<identity>
<dns value="localhost" />
</identity>
</endpoint>
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
<host>
<baseAddresses>
<add baseAddress="http://localhost:8088" />
</baseAddresses>
</host>
</service>
</services>
</system.serviceModel>
<appSettings>
<add key="wcf:disableOperationContextAsyncFlow" value="false" />
</appSettings>
</configuration>
i am developing a duplex federated wcf service, my federation scenario is working fine but when i tried to make it duplex to an exception is thrown "The incoming policy could not be validated"
i think its issue with my configurations but am still not able to trace out the mistake,
Following are my configuration:
For my main service:
<bindings>
<customBinding>
<binding name='MyServiceBinding'>
<security authenticationMode='SecureConversation'>
<secureConversationBootstrap authenticationMode='IssuedTokenForCertificate'/>
<issuedTokenParameters>
<issuerMetadata address='http://localhost:62751/TokenIssuer.svc/mex'/>
</issuedTokenParameters>
</security>
<compositeDuplex/>
<oneWay/>
<httpTransport/>
</binding>
</customBinding>
</bindings>
<services>
<service name="MyService.MyService"
behaviorConfiguration='MyServiceBehavior'>
<endpoint address="Response"
binding="customBinding"
bindingConfiguration='MyServiceBinding'
contract="MyService.IMyService" />
<endpoint address="mex"
binding="mexHttpBinding"
contract="IMetadataExchange" />
</service>
</services>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
STS Configurations
and 3. Client Configurations
<system.serviceModel>
<bindings>
<customBinding>
<binding name='MyServiceBinding'>
<security authenticationMode='SecureConversation'>
<secureConversationBootstrap authenticationMode='IssuedTokenForCertificate'/>
<issuedTokenParameters>
<issuer address='http://localhost:62751/TokenIssuer.svc' binding='wsHttpBinding' bindingConfiguration='MyTokenIssuer'/>
</issuedTokenParameters>
</security>
<compositeDuplex/>
<oneWay/>
<httpTransport/>
</binding>
</customBinding>
<wsHttpBinding>
<binding name="MyTokenIssuer">
<security mode="Message"/>
</binding>
</wsHttpBinding>
</bindings>
<behaviors>
<endpointBehaviors>
<behavior name="GetResponseClientBehavior">
<clientCredentials>
<serviceCertificate>
<authentication certificateValidationMode="PeerOrChainTrust"/>
</serviceCertificate>
</clientCredentials>
</behavior>
</endpointBehaviors>
</behaviors>
<client>
<endpoint name="WSFederationHttpBinding_IMyService" address="http://localhost:53121/MyService.svc/Response" binding="customBinding" bindingConfiguration="MyServiceBinding" behaviorConfiguration="GetResponseClientBehavior" contract="IMyService">
<identity>
<certificateReference storeLocation="CurrentUser" storeName="TrustedPeople" x509FindType="FindBySubjectName" findValue="BookStoreService.com"/>
</identity>
</endpoint>
</client>
</system.serviceModel>
I have a WCF service with custombinding and it is working fine on either http or https. But I have totally no idea about how can I make it available on both http and https?
Also is it possible to do that?
Here's my configuration in web.config.
<system.serviceModel>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true"/>
<behaviors>
<serviceBehaviors>
<behavior name="">
<serviceMetadata httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="false" />
</behavior>
</serviceBehaviors>
</behaviors>
<bindings>
<customBinding>
<binding name="customBinding0">
<binaryMessageEncoding />
<httpsTransport />
</binding>
</customBinding>
</bindings>
<services>
<service name="MyWCFService">
<endpoint address="" binding="customBinding" bindingConfiguration="customBinding0"
contract="MyWCFService" />
<endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange" />
</service>
</services>
Thanks
You'll need to have two endpoints, one for HTTP and another for HTTPS. It should work just fine.
<bindings>
<customBinding>
<binding name="customBindingHTTP">
<binaryMessageEncoding />
<httpTransport />
</binding>
<binding name="customBindingHTTPS">
<binaryMessageEncoding />
<httpsTransport />
</binding>
</customBinding>
</bindings>
<services>
<service name="MyWCFService">
<endpoint address=""
binding="customBinding"
bindingConfiguration="customBindingHTTP"
contract="MyWCFService" />
<endpoint address=""
binding="customBinding"
bindingConfiguration="customBindingHTTPS"
contract="MyWCFService" />
<endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange" />
</service>
</services>