I am trying to configure the DataApi.svc service of the DotNetOpenAuth to call my resources via https using AJAX.
I can call the service and hit the code behind but the OperationContext.Current.ServiceSecurityContext will be not authenticated
In IIS, I have "Anonymous authentication" set to "true".
In Fiddler I can see that the header is sent:
Authorization: Bearer gAAAAMcRmG5vw3LykShq7cNOEGUACBiNtlVGxGYdSVfkkXjR-[truncated]
The interface is decorated like that:
[ServiceContract]
public interface IDataApi {
[OperationContract, WebGet(UriTemplate = "/email", ResponseFormat = WebMessageFormat.Json)]
string GetEmail();
And here is my config:
<bindings>
<wsHttpBinding>
<binding>
<security mode="Transport">
<transport clientCredentialType="None"/>
</security>
</binding>
</wsHttpBinding>
<webHttpBinding>
<binding>
<security mode="Transport">
<transport clientCredentialType="None"/>
</security>
</binding>
</webHttpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior name="DataApiBehavior">
<serviceDebug includeExceptionDetailInFaults="true" />
<serviceMetadata httpsGetEnabled="true" />
</behavior>
</serviceBehaviors>
<endpointBehaviors>
<behavior name="DataApiWebBehavior">
<webHttp />
</behavior>
</endpointBehaviors>
</behaviors>
<services>
<service behaviorConfiguration="DataApiBehavior" name="OAuthResourceServer.DataApi">
<endpoint address="" binding="wsHttpBinding" contract="OAuthResourceServer.Code.IDataApi" />
<endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange" />
<endpoint address="web" binding="webHttpBinding" contract="OAuthResourceServer.Code.IDataApi" behaviorConfiguration="DataApiWebBehavior">
</endpoint>
</service>
</services>
Any idea of what can be wrong?
Thanks!
I was missing the
<serviceAuthorizationserviceAuthorizationManagerType="OAuthResourceServer.Code.OAuthAuthorizationManager, OAuthResourceServer" principalPermissionMode="Custom" />
in the service behavior! Solved :)
Related
After adding SSL to my WCF service, global.asax methods like Apllication_Start or Application_BeginRequest stopped being triggered. The service itself launches normally with no exception. New code added below (and ofc some configurations in IIS Manager:
<system.serviceModel>
<services>
<service name="SomeService.Service" behaviorConfiguration="secureBehavior">
<endpoint
address=""
binding="basicHttpBinding" bindingConfiguration="secureHttpBinding"
contract="SomeService.IService" />
<endpoint
address="mex" binding="mexHttpsBinding"
contract="IMetadataExchange" />
</service>
</services>
<bindings>
<basicHttpBinding>
<binding name="secureHttpBinding">
<security mode="Transport">
<transport clientCredentialType="None" />
</security>
</binding>
</basicHttpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior name="secureBehavior">
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="false" />
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
</system.serviceModel>
I'm working with a WCF Service hosted in IIS however when i try navigate to the endpoint i receive the error "The protocol 'https' is not supported". It's hosted in IIS 10 locally running Windows 10.
The service is using wsHttpBinding with TransportWithMessageCredential.
Is this error something to do with the SSL certificate or IIS?
I already have a valid localhost certificate in my Local Machine > Personal certificate store.
What I've tried so far
Set the httpsGetUrl attribute to the .svc endpoint.
Checked IIS setting and default protocols is set to "http" which means
both http and https protocols are enabled.
Checked that the Application Pool is using .NET Framework 4.0
Restarted the application pool
I appreciate if someone can assist me.
Here is the current config:
<?xml version="1.0"?>
<configuration>
<system.web>
<compilation debug="true" targetFramework="4.0" />
</system.web>
<system.serviceModel>
<services>
<service name="XXX.Zoo.WebServices.ZooServices_3_0"
behaviorConfiguration="ZooServices_3_0_Behavior">
<endpoint
address="https://localhost/Zootest_3_0/ZooServices_3_0.svc"
binding="wsHttpBinding"
bindingConfiguration="ZooServices_3_0_Binding"
contract="XXX.Zoo.WebServices.IZooServices_3_0" />
<endpoint
address="https://localhost/Zootest_3_0/ZooServices_3_0.svc/mex"
binding="mexHttpsBinding"
contract="IMetadataExchange" />
</service>
</services>
<bindings>
<wsHttpBinding>
<binding name="ZooServices_3_0_Binding"
maxReceivedMessageSize="2147483647"
maxBufferPoolSize="2147483647" >
<readerQuotas
maxDepth="2147483647"
maxStringContentLength="2147483646"
maxArrayLength="2147483647"
maxBytesPerRead="2147483647"
maxNameTableCharCount="2147483647"/>
<security mode="TransportWithMessageCredential">
<transport clientCredentialType="None"
proxyCredentialType="None" realm="" />
<message clientCredentialType="Certificate"
negotiateServiceCredential="true" algorithmSuite="Default"
establishSecurityContext="true" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior name="ZooServices_3_0_Behavior">
<serviceMetadata httpsGetEnabled="true"
httpsGetUrl="https://localhost/Zootest_3_0/ZooServices_3_0.svc" />
<serviceDebug includeExceptionDetailInFaults="False" />
<!--The serviceCredentials behavior defines a service
certificate which is used by the service to authenticate
itself to its clients and to provide message protection. -->
<serviceCredentials>
<serviceCertificate
findValue="localhost"
storeLocation="LocalMachine"
storeName="My"
x509FindType="FindBySubjectName" />
<clientCertificate>
<authentication
certificateValidationMode="ChainTrust"/>
</clientCertificate>
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>
</configuration>
This particular error was resolved by removing the httpsGetUrl attribute from the configuration:
httpsGetUrl="https://localhost/Zootest_3_0/ZooServices_3_0.svc
So the end result looks like this:
<serviceMetadata httpsGetEnabled="true"/>
If you want to enable the https protocol support, you should add the https endpoint which use transport transfer mode to the service. Then we should set up the https protocol site binding in the IIS site binding module.
I have made a demo, wish it is useful to you.
Server end.
[ServiceContract]
public interface IService1
{
[OperationContract]
string GetData(int value);
}
public class Service1 : IService1
{
public string GetData(int value)
{
return string.Format("You entered: {0}", value);
}
}
Web.config
<system.serviceModel>
<services>
<service name="WcfService1.Service1" behaviorConfiguration="mybehavior">
<endpoint address="" binding="basicHttpBinding" contract="WcfService1.IService1" bindingConfiguration="https"></endpoint>
<endpoint address="" binding="basicHttpBinding" contract="WcfService1.IService1" bindingConfiguration="http"></endpoint>
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"></endpoint>
</service>
</services>
<bindings>
<basicHttpBinding>
<binding name="https">
<security mode="TransportWithMessageCredential">
<transport clientCredentialType="None"></transport>
</security>
</binding>
<binding name="http">
<security mode="None">
</security>
</binding>
</basicHttpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior name="mybehavior">
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true"/>
<serviceDebug includeExceptionDetailInFaults="true"/>
</behavior>
</serviceBehaviors>
</behaviors>
<protocolMapping>
<add binding="basicHttpsBinding" scheme="https" />
</protocolMapping>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
</system.serviceModel>
IIS.
Here are some links, wish it is useful to you.
WCF Service not hitting from postman over https
https://social.msdn.microsoft.com/Forums/vstudio/en-US/d42fc165-052d-476a-9580-1240b3d0293d/specify-endpoint-in-wcf-webconfig?forum=wcf
Feel free to let me know if there is anything I can help with.
I'm have created a self hosted WCF service that act as REST API service with webHttpBinding and support of CORS. I consume this service from the browser.
When I tried to add https, it didn't work.
I created the CERTS, and combine them according to this tutorial:
https://www.youtube.com/watch?v=ugpPSNxtAmY
my config is:
<system.serviceModel>
<services>
<service name="MyService.MyService">
<endpoint address="" binding="webHttpBinding" contract="MyService.IMyService" behaviorConfiguration="jsonBehavior">
<identity>
<dns value="MyMachine" />
</identity>
</endpoint>
<endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange" />
</service>
</services>
<extensions>
<behaviorExtensions>
<add name="crossOriginResourceSharingBehavior" type="Company.Common.EnableCrossOriginResourceSharingBehavior, Company.Common" />
</behaviorExtensions>
</extensions>
<behaviors>
<serviceBehaviors>
<behavior>
<!-- To avoid disclosing metadata information,
set the values below to false before deployment -->
<serviceMetadata httpGetEnabled="True" httpsGetEnabled="True"/>
<!-- To receive exception details in faults for debugging purposes,
set the value below to true. Set to false before deployment
to avoid disclosing exception information -->
<serviceDebug includeExceptionDetailInFaults="False" />
</behavior>
</serviceBehaviors>
<endpointBehaviors>
<behavior name="jsonBehavior">
<webHttp />
<crossOriginResourceSharingBehavior />
</behavior>
</endpointBehaviors>
</behaviors>
<bindings>
<webHttpBinding>
<binding crossDomainScriptAccessEnabled="true" maxBufferSize="2147483647" maxReceivedMessageSize="2147483647" maxBufferPoolSize="524288"
transferMode="Buffered">
<readerQuotas maxDepth="32" maxStringContentLength="2147483647"
maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647" />
<security mode="Transport">
<transport clientCredentialType="None"/>
</security>
</binding>
</webHttpBinding>
</bindings>
<standardEndpoints>
<webScriptEndpoint>
<standardEndpoint name="" crossDomainScriptAccessEnabled="true" />
</webScriptEndpoint>
</standardEndpoints>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true"/>
When I try to consume I got an error.
How can I do it.
The client of this service is a browser
This tutorial is awesome:
http://www.allenconway.net/2012/05/creating-wcf-restful-service-and-secure.html
it explains exactly what shall be done
I have a WCF service that works using basicHttpBinding, I'm trying to configure it to go over https and authenticate with a SQL membership provider, and to do this I'm trying to convert it to use wsHttpBinding.
However, with the updated config I get the following error when I try to connect with the client:
Could not find default endpoint element that references contract 'KFileService.IKFileWcfService' in the ServiceModel client configuration section. This might be because no configuration file was found for your application, or because no endpoint element matching this contract could be found in the client element.
Here's the relevant portion of the web.config for the server:
<system.serviceModel>
<protocolMapping>
<remove scheme="http" />
<add scheme="https" binding="wsHttpBinding" bindingConfiguration="wsHttpBinding_IKFileWcfServiceBinding" />
</protocolMapping>
<behaviors>
<serviceBehaviors>
<behavior name="KFileWcfServiceBehavior">
<serviceMetadata httpGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
<dataContractSerializer maxItemsInObjectGraph="2147483646" />
<serviceCredentials>
<userNameAuthentication userNamePasswordValidationMode="MembershipProvider"
membershipProviderName="SqlMembershipProvider" />
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
<services>
<service behaviorConfiguration="KFileWcfServiceBehavior" name="KFileWcfService">
<endpoint address="https://localhost:36492/KFileWcfService.svc"
binding="wsHttpBinding" bindingConfiguration="wsHttpBinding_IKFileWcfServiceBinding"
name="wsHttpBinding_IKFileWcfService" bindingName="wsHttpBinding_IKFileWcfServiceBinding"
contract="KFileWcfService.IKFileWcfService">
<identity>
<certificateReference storeLocation="CurrentUser" />
</identity>
</endpoint>
</service>
</services>
<serviceHostingEnvironment minFreeMemoryPercentageToActivateService="0" multipleSiteBindingsEnabled="true"/>
<bindings>
<wsHttpBinding>
<binding name="wsHttpBinding_IKFileWcfServiceBinding" maxBufferPoolSize="2147483647"
maxReceivedMessageSize="2147483647">
<readerQuotas maxDepth="32" maxStringContentLength="100000" maxArrayLength="2147483647"
maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<security mode="Message">
</security>
</binding>
</wsHttpBinding>
</bindings>
</system.serviceModel>
And here's the client side:
<system.serviceModel>
<bindings>
<wsHttpBinding>
<binding name="wsHttpBinding_IKFileWcfService" />
</wsHttpBinding>
</bindings>
<client>
<endpoint address="https://localhost:36492/KFileWcfService.svc"
binding="wsHttpBinding" bindingConfiguration="wsHttpBinding_IKFileWcfService"
contract="KFileWcfService.IKFileWcfService" name="wsHttpBinding_IKFileWcfService" />
</client>
</system.serviceModel>
I've done my best to go through all the existing questions and examples already, but haven't had any luck. Can anyone tell me what I'm doing wrong?
Edit:
For further reference, here's the server side configuration that works with basicHttpBinding:
<system.serviceModel>
<behaviors>
<serviceBehaviors>
<behavior>
<!-- To avoid disclosing metadata information, set the value below to false before deployment -->
<serviceMetadata httpGetEnabled="true" />
<!-- To receive exception details in faults for debugging purposes, set the value below to true. Set to false before deployment to avoid disclosing exception information -->
<serviceDebug includeExceptionDetailInFaults="true" />
<dataContractSerializer maxItemsInObjectGraph="2147483646" />
</behavior>
</serviceBehaviors>
</behaviors>
<services>
<service name="KFileWcfService">
<endpoint address="https://localhost:36492/KFileWcfService.svc" binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_IKFileWcfService" contract="KFileService.IKFileWcfService" name="BasicHttpBinding_IKFileWcfService" />
</service>
</services>
<serviceHostingEnvironment minFreeMemoryPercentageToActivateService="0" multipleSiteBindingsEnabled="true"/>
<bindings>
<basicHttpBinding>
<binding name="BasicHttpBinding_IKFileWcfService" maxBufferSize="2147483647" maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647" transferMode="Streamed">
<readerQuotas maxDepth="32" maxStringContentLength="100000" maxArrayLength="2147483647" maxBytesPerRead="4096" maxNameTableCharCount="16384" />
</binding>
</basicHttpBinding>
</bindings>
</system.serviceModel>
And client:
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="BasicHttpBinding_IKFileWcfService" />
</basicHttpBinding>
</bindings>
<client>
<endpoint address="https://localhost:36492/KFileWcfService.svc"
binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_IKFileWcfService"
contract="KFileService.IKFileWcfService" name="BasicHttpBinding_IKFileWcfService" />
</client>
</system.serviceModel>
The type of the service contract on the client which you're trying to use, based on your error messsage:
KFileService.IKFileWcfService
The type of the service contract interface which you have on your client config:
KFileWcfService.IKFileWcfService
They should be the same. Change the client config to
... contract="KFileService.IKFileWcfService" ...
And it should work.
I've a wcf config as shown below and I'm trying the run the service on https.
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="basicHttps">
<security mode="TransportWithMessageCredential">
<transport clientCredentialType="Username" />
<message />
</security>
</binding>
</basicHttpBinding>
</bindings>
<services>
<service behaviorConfiguration="serviceBehavior" name="MyService">
<endpoint address="mex" binding="mexHttpsBinding" bindingConfiguration=""
bindingNamespace="http://mydomain.com" contract="IMetadataExchange" />
<endpoint binding="basicHttpBinding" bindingConfiguration="basicHttps"
name="basicTest" bindingNamespace="http://mydomain.com"
contract="IMyContract" />
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="serviceBehavior">
<serviceMetadata httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
<serviceCredentials>
<userNameAuthentication userNamePasswordValidationMode="MembershipProvider"
membershipProviderName="MySqlMembershipProvider" />
</serviceCredentials>
</behavior>
<behavior>
<serviceMetadata httpGetEnabled="true" />
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
</system.serviceModel>
WCFSTORM error out with this:
*
The provided URI scheme 'https' is invalid; expected 'http'.
Could someone please help me point out my bug on above config please?
I also tried with this but same error:
<basicHttpBinding>
<binding name="basicHttps">
<security mode="Transport">
<transport clientCredentialType="None" />
<message />
</security>
</binding>
</basicHttpBinding>
My Service Class looks like below:
namespace Service
{
[ServiceBehavior(AddressFilterMode = AddressFilterMode.Any, Namespace = "http://mydomain.com")]
class MyService : IMyContract
{
}
}
Thank you all who put some comments on my question. finally I figured out myself. The config was all OK.
The problem was with WCF Storm, the Authentication Type should be set to NONE on Config dialog (WCF STORM).
Thank you again.
or use wsHttpBinding instead of basicHttpBinding and no need to change something on WCFStorm side