I've been struggling with this for a couple of days now - I cannot get this WCF service configured correctly to use a custom membership provider. When I fire up the test client I get this error:
The username/password Membership provider MidlandsCoop.MembersWcfService.Business.UserAuthentication specified in the configuration is invalid. No such provider was found registered under system.web/membership/providers.
I have been following this MSDN link to no avail. Can anyone tell me where I'm going wrong?
Here's my web.config:
<?xml version="1.0"?>
<configuration>
<connectionStrings>
<add name="MyCS" connectionString="Data Source=my server;Initial Catalog=MyDB;Integrated Security=True" providerName="System.Data.SqlClient"/>
</connectionStrings>
<system.web>
<compilation debug="true" targetFramework="4.0" />
</system.web>
<system.serviceModel>
<bindings>
<wsHttpBinding>
<binding name="wsHttpBinding">
<security>
<message clientCredentialType="UserName" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<services>
<service name="MidlandsCoop.MembersWcfService.MembersService" behaviorConfiguration="Service_Behaviour">
<endpoint address="" binding="basicHttpBinding" bindingConfiguration=""
name="basicHttpBinding" contract="MidlandsCoop.MembersWcfService.IMembersService" />
<endpoint binding="wsHttpBinding" bindingConfiguration="wsHttpBinding"
name="wsHttpBinding" contract="MidlandsCoop.MembersWcfService.IMembersService" />
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="Service_Behaviour">
<serviceMetadata httpGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="false" />
<serviceCredentials>
<userNameAuthentication userNamePasswordValidationMode="Custom"
membershipProviderName="MidlandsCoop.MembersWcfService.Business.UserAuthentication" />
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true" aspNetCompatibilityEnabled="true" />
</system.serviceModel>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true" />
</system.webServer>
</configuration>
My user authentication class is as follows:
public class UserAuthentication : UserNamePasswordValidator
{
public override void Validate(string userName, string password)
{
if (null == userName || null == password)
{
throw new ArgumentNullException();
}
var db = new PetaPoco.Database("MyDB");
db.Fetch<dynamic>("SELECT Username, Password FROM MyTable WHERE Username=#0 AND Password =#1",
userName, password);
}
}
Any suggestions would be greatly appreciated.
the link that you have provided mentions customUserNamePasswordValidatorType to specify custom authentication type, UserAuthentication in your case. I think MembershipProviderName should be a class derived from MembershipProvider Class.
I have a WCF hosted in SharePoint 2013 with two methods GET and SET send JSON data. The WCF worked fine under HTTP servers but now we need to move it to production and run it under SSL where we have a certificate installed on the server.
I made changes to the web.config file but I'm getting error 404 Not Found when I try to call the GET method.
Here is my Web.Config (working on HTTP before the change)
<?xml version="1.0"?>
<configuration>
<system.serviceModel>
<services>
<service name="WCF.Service" behaviorConfiguration="WCF.ServiceBehavior" >
<endpoint address=""
binding="webHttpBinding"
contract="WCF.IService"
/>
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="WCF.ServiceBehavior">
<serviceMetadata httpGetEnabled="true"/>
<serviceDebug includeExceptionDetailInFaults="true"/>
</behavior>
</serviceBehaviors>
<endpointBehaviors>
<behavior >
<webHttp/>
</behavior>
</endpointBehaviors>
</behaviors>
<bindings>
<webHttpBinding>
<binding name="NoSecurityHttpBinding">
<security mode="None">
<transport clientCredentialType="None" />
</security>
</binding>
</webHttpBinding>
</bindings>
</system.serviceModel>
<startup>
<supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.0"/>
</startup>
</configuration>
Here is what I tried to make the code work:
<?xml version="1.0"?>
<configuration>
<system.serviceModel>
<services>
<service name="WCF.Service" behaviorConfiguration="WCF.ServiceBehavior" >
<endpoint address=""
binding="webHttpBinding"
contract="WCF.IService"
/>
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="WCF.ServiceBehavior">
<serviceMetadata **httpsGetEnabled**="true"/>
<serviceDebug includeExceptionDetailInFaults="true"/>
</behavior>
</serviceBehaviors>
<endpointBehaviors>
<behavior >
<webHttp/>
</behavior>
</endpointBehaviors>
</behaviors>
<bindings>
<webHttpBinding>
<binding name="NoSecurityHttpBinding">
<security mode="**Transport**">
<transport clientCredentialType="None" />
</security>
</binding>
</webHttpBinding>
</bindings>
</system.serviceModel>
<startup>
<supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.0"/>
</startup>
</configuration>
Here is my C# Code on the service interface:
[ServiceContract]
public interface IService
{
[OperationContract]
[WebInvoke(Method = "GET", BodyStyle = WebMessageBodyStyle.Wrapped, UriTemplate = "Get/{Code}")]
Stream Get(string Code);
}
Method code
public class Service : IService
{
public Stream Get(string Code)
{
string strOutPut = "";
WebOperationContext.Current.OutgoingResponse.ContentType = "application/json;charset=utf8";
try
{
/// geting data
return new MemoryStream(Encoding.UTF8.GetBytes(strOutPut));
}
catch (Exception e)
{
// error handler
}
}
}
Any Ideas? What am I missing to enable this method on HTTPS as a SharePoint ISAPI hosted service?
You define security for your binding, but you never assign that binding to your endpoint:
<service name="WCF.Service" behaviorConfiguration="WCF.ServiceBehavior" >
<endpoint address=""
binding="webHttpBinding"
contract="WCF.IService" />
</service>
All your service endpoint says is use webHttpBinding - since you didn't specify a configuration for the binding, the defaults are used, and the default transport for webHttpBinding is None.
Use the bindingConfiguration attribute to tell the endpoint which binding configuration to use:
<endpoint address=""
binding="webHttpBinding"
bindingConfiguration="NoSecurityHttpBinding"
contract="WCF.IService" />
I'd suggest changing the name of your configuration to something other than "NoSecurityHttpBinding" if you're adding security to it.
There may be other issues as well, but you won't even get out of the door until you assign the binding configuration to your endpoint.
I'm new to WCF service. I wanted to create a WCF service with basichttpbinding to create a custom authentication mechanism before giving access to my WCF service. I have used
security mode = Transport and clientcredentialtype = basic. I have written a custom validator function for validating my username and password.
validator function
namespace CustomValidator
{
public class MyCustomValidator : UserNamePasswordValidator
{
public override void Validate(string userName, string password)
{
// This isn't secure, though!
if ((userName != "check") || (password != "check"))
{
throw new SecurityTokenException("Validation Failed!");
}
}
}
}
This is my service config file
< ?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.web>
<compilation debug="true" targetFramework="4.0" />
<identity impersonate="false" />
</system.web>
<system.serviceModel>
<diagnostics>
<endToEndTracing activityTracing="true" messageFlowTracing="true" propagateActivity="true"></endToEndTracing>
</diagnostics>
<bindings>
<basicHttpBinding>
<binding name="BasicHttpEndpointBinding">
<security mode="Transport">
<transport clientCredentialType="Basic" />
<!-- <message clientCredentialType="UserName" />-->
</security>
</binding>
</basicHttpBinding>
</bindings>
<services>
<service behaviorConfiguration="ServiceBehavior" name="Service">
<endpoint address="" binding="basicHttpBinding" name="BasicHttpEndpoint" bindingConfiguration="BasicHttpEndpointBinding" contract="IService">
<identity>
<dns value="localhost" />
</identity>
</endpoint>
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="ServiceBehavior">
<!-- To avoid disclosing metadata information, set the value below to false and remove the metadata endpoint above before deployment -->
<serviceMetadata httpGetEnabled="false" />
<!-- To receive exception details in faults for debugging purposes, set the value below to true. Set to false before deployment to avoid disclosing exception information -->
<serviceDebug includeExceptionDetailInFaults="false" />
<serviceCredentials>
<userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="CustomValidator.MyCustomValidator, App_Code" />
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
</system.serviceModel>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true" />
<security>
<authentication>
<basicAuthentication enabled="true" />
<anonymousAuthentication enabled="false" />
<windowsAuthentication enabled="false" />
</authentication>
</security>
</system.webServer>
</configuration>
So the problem here is that whenever I run my service, I get a login dialog were I enter username and password(my validator expects both username and password to be same), I'm not getting my service details page, which used to come up in normal case (without authentication mechanism). I don't know what I'm missing, I do feel like its all in configurations which matters in my case but still I can't find out the mistake.
Have Created and Shared a Demo Project for Username Password Authentication.Its Working Fine.
Pls Check
https://onedrive.live.com/redir?resid=3FE322C74D6AA4D1%21169
You can use SelfCert,given inside,to Create a Certificate with name TrustedPeople , Store Location LocalMachine
Any ideas how I correct this.. calling a service via js
The message with To 'http://MySite.svc/GetStateXML' cannot be processed at the receiver, due to an AddressFilter mismatch at the EndpointDispatcher. Check that the sender and receiver's EndpointAddresses agree
thanks
The error listed below indicates that the Web Service implements WS-Addressing.
"The message with To '' cannot be processed at the receiver, due to an AddressFilter mismatch at the EndpointDispatcher. Check that the sender and receiver's EndpointAddresses agree"
Include the following in your SOAP Headers to access the Web Service:
<soap:Header xmlns:wsa="http://www.w3.org/2005/08/addressing">
<wsa:To>http://example.com/service</wsa:To>
</soap:Header>
I just ran into this as well while going through an example in the Learning WCF book by Bustamante.
I had used the WCF Config Editor to fill out my config on my host and had put the value in the name attribute for my endpoint rather than the address attribute. Once I fixed it things worked.
I found another post that suggested using:
[ServiceBehavior(AddressFilterMode = AddressFilterMode.Any)]
on the implementation class, which worked but wasn't the root cause.
Bottom line appears to be: make sure your client and server configs match.
I got this error while I was using webHttpBinding.
I resolved it by adding
<endpointBehaviors>
<behavior name="EndPointBehavior">
<enableWebScript/>
</behavior>
</endpointBehaviors>
under <behaviors> and setting behaviorConfiguration="EndPointBehavior" in my endpoint with binding="webHttpBinding".
Full config:
<behaviors>
<serviceBehaviors>
<behavior name="ServiceBehavior">
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true"/>
<serviceDebug includeExceptionDetailInFaults="false"/>
</behavior>
</serviceBehaviors>
<endpointBehaviors>
<behavior name="EndPointBehavior">
<enableWebScript/>
</behavior>
</endpointBehaviors>
</behaviors>
<services>
<service name="WcfService1.Service1" behaviorConfiguration="ServiceBehavior">
<endpoint address=""
binding="webHttpBinding"
contract="WcfService1.IService1"
behaviorConfiguration="EndPointBehavior">
</endpoint>
<endpoint address="mex"
binding="mexHttpBinding"
contract="IMetadataExchange">
</endpoint>
</service>
</services>
I know it sounds silly but for anyone else that has this error check your address. We were getting this error because we had a double slash where there should have only been one.
http://localhost//servicename.svc
The above address caused the problem.
http://localhost/servicename.svc
Did not exhibit the problem.
We were dynamically creating the full address from parts of data read in from windows forms and a database. The user was entering /servicename.svc instead of servicename.svc
I had this issue in my development environment for a web service hosted in IIS. Solved it by going to 'IIS Manager' and added a binding to the host name complained about in the error message.
Add webHttp attribute to your config:
endpointBehaviors
behavior name ="yourServiceContract"
webHttp automaticFormatSelectionEnabled ="true "
behavior
I had the same kind of issue, just to be complete :
I used visual studio 2017
I needed to create a wcf service on an old application using .net 3.5
It should be exposed as a soap service and as a "Rest" service
the configuration that I needed to use (for rest part) was :
there is a config for the service behaviour and the endpoint behaviour
<system.serviceModel>
<behaviors>
<serviceBehaviors>
<behavior name="myServiceBehaviour">
<serviceMetadata httpGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="false" />
</behavior>
</serviceBehaviors>
<endpointBehaviors>
<behavior name="webEndpointBehaviour">
<webHttp />
</behavior>
</endpointBehaviors>
</behaviors>
<services>
<service name="My.Service" behaviorConfiguration="myServiceBehaviour">
<endpoint address="" binding="webHttpBinding" contract="My.IService" behaviorConfiguration="webEndpointBehaviour">
</endpoint>
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
</service>
</services>
</system.serviceModel>
In my case I have WCF Service library application which is a RESTFul and Windows Service Host. I had problem with Host App.Config. Please see below
WCF Rest Service App.Config
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<system.web>
<compilation debug="true" />
</system.web>
<!-- When deploying the service library project, the content of the config file must be added to the host's
app.config file. System.Configuration does not support config files for libraries. -->
<system.serviceModel>
<services>
<service name="MyService.DocumentWCFRESTService" behaviorConfiguration="defaultServiceBehavior">
<!-- Service Endpoints -->
<!-- Unless fully qualified, address is relative to base address supplied above -->
<endpoint address="http://localhost:2023/DocumentWCFRESTService"
binding="webHttpBinding" behaviorConfiguration="webBehaviorConfiguration"
contract="MyService.IDocumentWCFRESTService" >
<!--
Upon deployment, the following identity element should be removed or replaced to reflect the
identity under which the deployed service runs. If removed, WCF will infer an appropriate identity
automatically.
-->
<identity>
<dns value="localhost"/>
</identity>
</endpoint>
<!-- Metadata Endpoints -->
<!-- The Metadata Exchange endpoint is used by the service to describe itself to clients. -->
<!-- This endpoint does not use a secure binding and should be secured or removed before deployment -->
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"/>
<host>
<baseAddresses>
<add baseAddress = "http://localhost:8733/Design_Time_Addresses/Document.Server.WCFREST.Service/DocumentWCFRESTService/" />
</baseAddresses>
</host>
</service>
</services>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
<bindings> </bindings>
<behaviors>
<serviceBehaviors>
<behavior name="defaultServiceBehavior">
<!-- To avoid disclosing metadata information,
set the values below to false before deployment -->
<serviceMetadata httpGetEnabled="True" httpGetUrl="http://localhost:2023/DocumentWCFRESTService"/>
<!-- To receive exception details in faults for debugging purposes,
set the value below to true. Set to false before deployment
to avoid disclosing exception information -->
<serviceDebug includeExceptionDetailInFaults="False" />
</behavior>
</serviceBehaviors>
<endpointBehaviors>
<behavior name="webBehaviorConfiguration">
<webHttp />
</behavior>
</endpointBehaviors>
</behaviors>
</system.serviceModel>
</configuration>
Windows Service Host App.Config
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<startup>
<supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.5" />
</startup>
<system.serviceModel>
<bindings>
<webHttpBinding>
<binding name="webHttpBindingConfiguration" maxBufferSize="2147483647" maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647">
<readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647"
maxArrayLength="2147483647" maxBytesPerRead="2147483647"
maxNameTableCharCount="2147483647" />
</binding>
</webHttpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior name="documentWCFRESTServiceBehavior">
<!-- To avoid disclosing metadata information,
set the values below to false before deployment -->
<serviceMetadata httpGetEnabled="True" httpGetUrl="http://localhost:2023/DocumentWCFRESTService"/>
<!-- To receive exception details in faults for debugging purposes,
set the value below to true. Set to false before deployment
to avoid disclosing exception information -->
<serviceDebug includeExceptionDetailInFaults="False" />
</behavior>
</serviceBehaviors>
<endpointBehaviors>
<behavior name="webBehaviorConfiguration">
<webHttp />
</behavior>
</endpointBehaviors>
</behaviors>
<services>
<service name="MyService.DocumentWCFRESTService" behaviorConfiguration="documentWCFRESTServiceBehavior">
<endpoint address="http://localhost:2023/DocumentWCFRESTService" behaviorConfiguration="webBehaviorConfiguration"
binding="webHttpBinding" bindingConfiguration="webHttpBindingConfiguration"
contract="MyService.IDocumentWCFRESTService"></endpoint>
</service>
</services>
</system.serviceModel>
</configuration>
if you have multiple endpoints in your WCFService.config like:
<endpoint address="urn:Service.Test" .../>
<endpoint address="urn:Service.Test2".../>
<host>
<baseAddresses>
<add baseAddress="net.tcp://localhost:1234/Service/" />
<add baseAddress="http://localhost:1233/Service/" />
<add baseAddress="net.pipe://localhost/Service/" />
</baseAddresses>
</host>
You need to set EndpointAddress like in your config file.
Then you need ClientViaBehavior for the baseAddress.
NetTcpBinding binding = new NetTcpBinding(SecurityMode.None);
EndpointAddress address = new EndpointAddress("urn:Service.Test");
AndonClient client = new AndonClient(binding, address);
client.ChannelFactory.Endpoint.EndpointBehaviors.Add(new ClientViaBehavior(new Uri("net.tcp://localhost:1234/Service/Test")));
var response = client.GetDataAsync().Result;
For .net core you need to write the Behavior by yourself:
public class ClientViaBehavior : IEndpointBehavior
{
Uri uri;
public ClientViaBehavior(Uri uri)
{
if (uri == null)
throw new ArgumentNullException(nameof(uri));
this.uri = uri;
}
public Uri Uri
{
get { return this.uri; }
set
{
if (value == null)
throw new ArgumentNullException(nameof(value));
this.uri = value;
}
}
public void AddBindingParameters(ServiceEndpoint endpoint, BindingParameterCollection bindingParameters)
{
}
public void ApplyClientBehavior(ServiceEndpoint endpoint, ClientRuntime clientRuntime)
{
if (clientRuntime == null)
{
throw new ArgumentNullException(nameof(clientRuntime));
}
clientRuntime.Via = this.Uri;
}
public void ApplyDispatchBehavior(ServiceEndpoint endpoint, EndpointDispatcher endpointDispatcher)
{
throw new NotImplementedException();
}
void IEndpointBehavior.Validate(ServiceEndpoint serviceEndpoint)
{
}
}
I had a similar problem.
The following address was provided to the client:
https://test.mycompany.ru/ChannelService/api/connect.svc
But according to the logs, the client sent requests to the following address:
https://test.mycompany.ru/ChannelService/api/connect.svc/SOAP/Adapter
After I added the endpoint address to the configuration file, the service started working:
<services>
<service name="connect">
<endpoint address="/SOAP/Adapter"
binding="basicHttpBinding"
bindingConfiguration="secureHttpBinding"
contract="IContract">
</endpoint>
<endpoint address="mex"
binding="mexHttpsBinding"
contract="IMetadataExchange"/>
</service>
</services>
The key elements are the webHttp and binding="webHttpBinding" for the Json work in the browser test. However SoapUI still failed to return JSon.
Look at <webHttp />
<services>
<service name="SimpleService.SimpleService" behaviorConfiguration="serviceBehaviour">
<endpoint address="" binding="webHttpBinding" contract="SimpleService.ISimpleService" behaviorConfiguration="web">
</endpoint>
<endpoint address="mex"
binding="mexHttpBinding"
contract="IMetadataExchange">
</endpoint>
</service>
</services>
....
....
<endpointBehaviors>
<behavior name="web">
<webHttp />
</behavior>
</endpointBehaviors>
Server config:
<?xml version="1.0"?>
<configuration>
<system.serviceModel>
<behaviors>
<serviceBehaviors>
<behavior name="ServiceCredentialsBehavior">
<serviceCredentials>
<serviceCertificate findValue="cn=cool" storeName="TrustedPeople" storeLocation="CurrentUser" />
</serviceCredentials>
<serviceMetadata httpGetEnabled="true" />
</behavior>
</serviceBehaviors>
</behaviors>
<services>
<service behaviorConfiguration="ServiceCredentialsBehavior" name="Service">
<endpoint address="" binding="wsHttpBinding" bindingConfiguration="MessageAndUserName" name="SecuredByTransportEndpoint" contract="IService"/>
</service>
</services>
<bindings>
<wsHttpBinding>
<binding name="MessageAndUserName">
<security mode="Message">
<message clientCredentialType="UserName"/>
</security>
</binding>
</wsHttpBinding>
</bindings>
<client/>
</system.serviceModel>
<system.web>
<compilation debug="true"/>
</system.web>
My client config:
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.serviceModel>
<behaviors>
<endpointBehaviors>
<behavior name="LocalCertValidation">
<clientCredentials>
<serviceCertificate>
<authentication certificateValidationMode="PeerTrust" trustedStoreLocation="CurrentUser" />
</serviceCertificate>
</clientCredentials>
</behavior>
</endpointBehaviors>
</behaviors>
<bindings>
<wsHttpBinding>
<binding name="WSHttpBinding_IService" >
<security mode="Message">
<message clientCredentialType="UserName" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<client>
<endpoint address="http://localhost:48097/WCFServer/Service.svc"
binding="wsHttpBinding"
bindingConfiguration="WSHttpBinding_IService"
contract="ServiceReference1.IService"
name="WSHttpBinding_IService" behaviorConfiguration="LocalCertValidation">
<identity>
<dns value ="cool" />
</identity>
</endpoint>
</client>
</system.serviceModel>
Service:
public string TestAccess()
{
return OperationContext.Current.ServiceSecurityContext.PrimaryIdentity.Name;
}
Client:
ServiceClient client = new ServiceClient();
client.ClientCredentials.UserName.UserName = "Admin";
client.ClientCredentials.UserName.Password = "123";
Console.WriteLine(client.TestAccess());
Console.ReadLine();
Error:
An unsecured or incorrectly secured fault was received from the other party. See the inner FaultException for the fault code and detail.
Inner exception:
At least one security token in the message could not be validated.
How do I resolve this exception?
I think the problem is your user name and password. With default configuration user name and password is validated as windows account. If you want other validation you must either use membership provider or custom user name password validator.
Since the error message is rather obscure, thought I would put it out there as another possible solution.
My environment uses Single Sign On (or STS if you prefer) to authenticate a user through ASP.NET MVC site. MVC site in turn makes a service call to my service endpoint by passing bearer token which it requested from STS server with Bootstrap token previously. The error I got was when I made a service call from MVC site.
In my case, this is caused by my Service's configuration as stated below. Particularly audienceUris node, it must exactly match the service endpoint:
<system.identityModel>
<identityConfiguration>
<audienceUris>
<add value="https://localhost/IdpExample.YService/YService.svc" />
</audienceUris>
....
</identityConfiguration>
</system.identityModel>
HTH.