Why Creating new session id every time in wsHttpBinding - wcf

I am using following configuration to make my service sessionful, but for each request wcf service is responding me with new session id. Why it so, what I need to make it sessionful for that client so that for each request there should be same session id
<system.serviceModel>
<bindings>
<wsHttpBinding>
<binding name="wsHttp">
<readerQuotas maxStringContentLength="10240" />
<reliableSession enabled="true" />
</binding>
</wsHttpBinding>
</bindings>
<services>
<service name="wcfservice.serviceclass" behaviorConfiguration="MyFileServiceBehavior">
<host>
<baseAddresses>
<add baseAddress="http://localhost:51/"/>
<add baseAddress="net.tcp://localhost:52/"/>
</baseAddresses>
</host>
<endpoint address="pqr" binding="wsHttpBinding" bindingConfiguration="wsHttp"
name="b" contract="wcfservice.Iservice" />
<endpoint address="pqr" binding="netTcpBinding"
name="c" contract="wcfservice.Iservice" />
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="MyFileServiceBehavior">
<serviceMetadata httpGetEnabled="true" />
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>

By default a session is initiated when channel is opened you can read more about it here in this Sessions in WCF
AS the default value of IsInitiating parameter is true each of your calls started a new session. Read more About it here IsInitiating and IsInitiating
So in your Operation contracts
[OperationContract(
IsInitiating=false,
IsTerminating=false
)]
public void MethodOne()
{
return;
}

Related

WCF custom username and password validation is not executed

I have a WCF service hosted on IIS 7.5 with the settings of basicHttpBinding binding and TransportWithMessageCredential security. I would like to send a FaultException to the client in case of failed authentication but unfortunately the Validate method of custom validator class is not executed.
I have read here, that custom validator works only for self-hosting scenario:
Is it true, or I made a mistake somewhere?
public class ServiceUserNamePasswordValidator : UserNamePasswordValidator
{
public override void Validate(string userName, string password)
{
if (null == userName || null == password)
{
throw new ArgumentNullException();
}
if (!(userName == MobilApp.Helper.SiteGlobal.UserName && password == MobilApp.Helper.SiteGlobal.Password))
{
throw new FaultException("Unknown Username or Incorrect Password");
}
}
}
web.config:
<system.serviceModel>
<serviceHostingEnvironment aspNetCompatibilityEnabled="True" />
<bindings>
<basicHttpBinding>
<binding name="ServiceBinding" useDefaultWebProxy="false">
<security mode="TransportWithMessageCredential">
<transport clientCredentialType="Certificate" />
<message clientCredentialType="UserName" />
</security>
</binding>
</basicHttpBinding>
</bindings>
<services>
<service name="Service.TestService" behaviorConfiguration="CustomValidator">
<endpoint address="" binding="basicHttpBinding" bindingConfiguration="ServiceBinding"
bindingNamespace="https://service/TestService/"
contract="Service.ITestService">
<identity>
<dns value="localhost" />
</identity>
</endpoint>
<endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange" />
<host>
<baseAddresses>
<add baseAddress="https://service/TestService/" />
</baseAddresses>
</host>
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="CustomValidator">
<useRequestHeadersForMetadataAddress/>
<serviceMetadata httpGetEnabled="false" httpsGetEnabled="True" httpsGetUrl="wsdl" />
<serviceDebug includeExceptionDetailInFaults="false" httpHelpPageEnabled="false" httpsHelpPageEnabled="true" />
<serviceCredentials>
<clientCertificate>
<authentication
certificateValidationMode="ChainTrust"
revocationMode="NoCheck" />
</clientCertificate>
<serviceCertificate
findValue="test.com"
x509FindType="FindBySubjectName"
storeLocation="LocalMachine"
storeName="My" />
<userNameAuthentication
userNamePasswordValidationMode="Custom"
customUserNamePasswordValidatorType="ServiceUserNamePasswordValidator, Service" />
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
Thank you.

WCF service worked with windows authentication, switched to use SSL now it wants anonymous

I have created a WCF service with Windows authentication that worked correctly.
Now I am trying to add SSL. After following the steps, it now seems to be using anonymous authentication, giving this error:
The HTTP request was forbidden with client authentication scheme 'Anonymous'.
Any clues would be appreciated.
We are using IIS 7.5 on Windows Server 2008 R2 and .Net version 4
The config file that worked correctly had this service model (server side):
<system.serviceModel>
<bindings />
<client />
<services>
<service name="WCFServiceTest.Service1" behaviorConfiguration="WCFServiceBehavior">
<endpoint address="" binding="wsHttpBinding" contract="WCFServiceTest.WCFService1">
<identity>
<dns value="localhost" />
</identity>
</endpoint>
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
<host>
</host>
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="WCFServiceBehavior">
<serviceMetadata httpGetEnabled="True" policyVersion="Policy15" />
<serviceDebug includeExceptionDetailInFaults="True" />
</behavior>
</serviceBehaviors>
</behaviors>
This is the changed configuration
<system.serviceModel>
<bindings>
<wsHttpBinding>
<binding name="TransportWsSecurity">
<security mode="Transport">
<transport clientCredentialType="Windows"/>
</security>
</binding>
</wsHttpBinding>
</bindings>
<client />
<services>
<service name="WCFServiceTest.Service1" behaviorConfiguration="WCFServiceBehavior">
<endpoint address="" binding="wsHttpsBinding"
bindingConfiguration="TransportWsSecurity"
contract="WCFServiceTest.WCFService1">
<identity>
<dns value="localhost" />
</identity>
</endpoint>
<endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange" />
<host>
</host>
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="WCFServiceBehavior">
<serviceMetadata httpsGetEnabled="True" policyVersion="Policy15" />
<serviceDebug includeExceptionDetailInFaults="True" />
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>
This is the code that calls the service. It never gets to the IgnoreCertificateErrorHandler which just returns true:
ServicePointManager.ServerCertificateValidationCallback = new RemoteCertificateValidationCallback(IgnoreCertificateErrorHandler);
WCFService1Client client = new WCFService1Client();
client.ClientCredentials.Windows.ClientCredential.UserName = Utility1.GetConfig("RemoteLogin");
client.ClientCredentials.Windows.ClientCredential.Password = Utility1.GetConfig("RemotePassword");
try
{
result = client.SendUpdatesFromLocation(temp);
}
catch (FaultException<WCFProcessFault> ex)
{
string op = ex.Detail.Operation;
string err = ex.Detail.Notes;
}
finally
{
client.Close();
}
WCFService1Client client = new WCFService1Client();
client.ClientCredentials.Windows.ClientCredential.UserName = Utility1.GetConfig("RemoteLogin");
client.ClientCredentials.Windows.ClientCredential.Password = Utility1.GetConfig("RemotePassword");
try
{
result = client.SendUpdatesFromLocation(temp);
}
catch (FaultException<WCFProcessFault> ex)
{
string op = ex.Detail.Operation;
string err = ex.Detail.Notes;
}
finally
{
client.Close();
}
<bindings>
<wsHttpBinding>
<binding name="TransportWsSecurity">
<security mode="Transport">
<transport clientCredentialType="Ntlm"/>
</security>
</binding>
</wsHttpBinding>
</bindings>
Try the above changes. This will use Ntlm rather than Negotiate (Kerberos) for auth. It is very very likely you haven't setup your server for Kerberos auth.

Contract requires Session, but Binding ‘WSHttpBinding’ doesn’t support it or isn’t configured properly to support it

I have specified the service contract to require the session.
[ServiceContract(SessionMode = SessionMode.Required)]
public interface ITicketSales
{
}
The service decorated like this:
[ServiceBehavior(InstanceContextMode = InstanceContextMode.PerSession, ConcurrencyMode = ConcurrencyMode.Single)]
public class TicketSalesService : ITicketSales
{
}
Here is my App.config file:
<system.serviceModel>
<services>
<service name="InternetRailwayTicketSales.TicketSalesImplementations.TicketSalesService" behaviorConfiguration="defaultBehavior">
<host>
<baseAddresses>
<add baseAddress = "https://localhost/TicketSales/"></add>
</baseAddresses>
</host>
<endpoint address="MainService" binding="wsHttpBinding" bindingConfiguration="wsSecureConfiguration"
contract="InternetRailwayTicketSales.TicketSalesInterface.ITicketSales" />
<endpoint address="mex" binding="mexHttpsBinding"
contract="IMetadataExchange"/>
</service>
</services>
<bindings>
<wsHttpBinding>
<binding name="wsSecureConfiguration">
<security mode="Transport">
<transport clientCredentialType="None"></transport>
</security>
</binding>
</wsHttpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior name="defaultBehavior">
<serviceThrottling maxConcurrentInstances="5000" maxConcurrentSessions="5000"/>
<serviceMetadata httpGetEnabled="false" httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="True" />
</behavior>
</serviceBehaviors>
</behaviors>
When I press F5 I receive the error message "Contract requires Session, but Binding ‘WSHttpBinding’ doesn’t support it or isn’t configured properly to support it."
I really need the channel which supports SSL and requires session.
You can support sessions by enabling message security:
<binding name="wsHttpSecureSession">
<security>
<message establishSecurityContext="true"/>
</security>
</binding>
If you need to go with transport security you may need to specify a client credential type

WCF 3.5 UserNameAuthentication is not working?

What I'm trying to do is to secure my service. To do this I'm using UserNameAuthentication. I did the binding and everything but some reason when I start the service I don't get the Validation prompt! Validate method is not triggered!
Here is my webConfig
I don't know what I'm missing here!
<system.serviceModel>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true"/>
<services>
<service behaviorConfiguration="IPhone.Service1Behavior" name="MobileService.IPhone">
<endpoint address="" binding="wsHttpBinding" contract="MobileService.IIPhone" bindingConfiguration="SafeServiceConf">
<identity>
<dns value="localhost"/>
</identity>
</endpoint>
<endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange"/>
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="IPhone.Service1Behavior">
<serviceMetadata httpGetEnabled="true"/>
<serviceDebug includeExceptionDetailInFaults="true" />
<serviceCredentials>
<userNameAuthentication
userNamePasswordValidationMode="Custom"
customUserNamePasswordValidatorType="MobileService.CustomValidator, MobileService" />
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
<bindings>
<wsHttpBinding>
<binding name="SafeServiceConf" maxReceivedMessageSize="65536">
<readerQuotas maxStringContentLength="65536" maxArrayLength="65536"
maxBytesPerRead="65536" />
<security mode="TransportWithMessageCredential">
<message clientCredentialType="UserName" />
</security>
</binding>
</wsHttpBinding>
</bindings>
Here is my code in IPhone.svc for validation
I put the CustomValidator class inside the service!
public class CustomValidator : UserNamePasswordValidator
{
public override void Validate(string userName, string password)
{
if (userName == "test" && password == "test")
return;
throw new SecurityTokenException(
"Unknown Username or Password");
}
}
Any help?
The validation prompt would not come from WCF. The UI is responsible for that (i.e. ASPX web form).
To pass a user name and password from a client to a service, you would do something like this:
proxy.ClientCredentials.UserName.UserName = "myUserName";
proxy.ClientCredentials.UserName.Password = "password";

Server side WCF (.svc) service stops working after exception

I'm using a duplex ReliableSecureProfile in WCF and the server will stop listening to new requests if an exception occurs on any client.
How can I make the server more resilient to failures that happen to any single client? Everything works again if I restart the server or redeploy
My client code looks like this:
CustomBinding rspBinding = new CustomBinding();
rspBinding.Elements.Add(new ReliableSessionBindingElement());
rspBinding.Elements.Add(new MakeConnectionBindingElement());
rspBinding.Elements.Add(new TextMessageEncodingBindingElement());
rspBinding.Elements.Add(new HttpTransportBindingElement());
DuplexChannelFactory<IProcessDataDuplex> channelFactory =
new DuplexChannelFactory<IProcessDataDuplex>
(new CallbackHandler(), rspBinding, serviceAddress);
//
// The problem always occurs on this line.
//
reusableSW = new LC.Utils.WCF.ServiceWrapper<IProcessDataDuplex>(channelFactory);
My web.config looks like this:
<system.serviceModel>
<behaviors>
<serviceBehaviors>
<behavior name="rspServiceBehavior">
<serviceMetadata httpGetEnabled="true" policyVersion="Policy15" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
<behavior name="">
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
<useRequestHeadersForMetadataAddress>
<defaultPorts>
<add scheme="http" port="80" />
<add scheme="https" port="443" />
</defaultPorts>
</useRequestHeadersForMetadataAddress>
</behavior>
</serviceBehaviors>
</behaviors>
<bindings>
<customBinding>
<!-- Reliable Secure Profile -->
<binding name="rspBinding">
<reliableSession />
<MakeConnectionBindingElement/>
<textMessageEncoding />
<httpTransport />
</binding>
</customBinding>
<netTcpBinding>
<binding portSharingEnabled="true" >
<security mode="None" />
</binding>
</netTcpBinding>
</bindings>
<extensions>
<bindingElementExtensions>
<!-- Reliable Secure Profile -->
<add name="MakeConnectionBindingElement" type="Microsoft.Samples.ReliableSecureProfile.MakeConnectionElement, Microsoft.Samples.ReliableSecureProfile.MakeConnectionChannel" />
</bindingElementExtensions>
</extensions>
<services>
<!-- Reliable Secure Profile -->
<service behaviorConfiguration="rspServiceBehavior" name="Microsoft.Samples.ReliableSecureProfile.RSPService">
<endpoint binding="customBinding" bindingConfiguration="rspBinding"
contract="Microsoft.Samples.ReliableSecureProfile.IProcessDataDuplex"
listenUriMode="Explicit">
</endpoint>
<endpoint address="mex" binding="mexHttpBinding" bindingConfiguration=""
contract="IMetadataExchange" />
<host>
</host>
</service>
<!--<service name="WcfTcpTest.Service1" >
<host>
<baseAddresses>
<add baseAddress="net.tcp://localhost:1337/Service1/" />
</baseAddresses>
</host>
<endpoint address="" binding="netTcpBinding" contract="WcfTcpTest.IService1">
<identity>
<dns value="localhost"/>
</identity>
</endpoint>
<endpoint address="mex" binding="mexTcpBinding" contract="IMetadataExchange"/>
</service>-->
</services>
<protocolMapping>
<clear/>
<!-- removes all defaults which you may or may not want. -->
<!-- If not, use <remove scheme="http" /> -->
<add scheme="http" binding="customBinding" bindingConfiguration="rspBinding"/>
</protocolMapping>
<serviceHostingEnvironment
aspNetCompatibilityEnabled="false"
multipleSiteBindingsEnabled="true" />
</system.serviceModel>
I can't reproduce this issue anymore (where the server simply stops responding). I think the issue is related to VS2010's desire to catch handled exceptions and stop all threads as explained here:
Getting an Unhandled Exception in VS2010 debugger even though the exception IS handled