Currently I'm facing a problem trying to use the EWS, the original requirement is to connect to the mail of a specific user, after that, search for a specific folder, search for a mail and then download the attachment to a specific folder to the local machine so that later it can be processed by Integration Services, I don't want to use the EWS Managed API because I don't want to install anything when migrating to the production server, right now my idea is to develop a WCF service that connects to the EWS service through the .asmx uri and that will be able to fulfill my requirement, right now I'm ok connecting to the company's EWS but I have a few doubts:
According to Microsoft: http://msdn.microsoft.com/en-us/library/exchange/bb408524(v=exchg.150).aspx they say you must add a web service reference to your project, although it only mentions VS 2005 and VS 2008 (I'm working with VS 2012), it should automatically creates the class ExchangeServiceBinding which gives you everything you need in order to impersonate an account, my first question is: why I'm not seeing this class added to my project? should I expect this is because I am using VS 2012?
ok, anyway I'm able to use some methods like getPasswordExpirationTime, but when I use the FindFolder method, I'm getting the error: "The account does not have permission to impersonate the requested user.", this is my method:
using (ExchangeServicePortTypeClient exchangeServicePortTypeClient = new ExchangeServicePortTypeClient())
{
exchangeServicePortTypeClient.ChannelFactory.Endpoint.Address = new EndpointAddress("https://email.kraft.com/EWS/Exchange.asmx");
FindFolderResponseType findFolderResponseType = null;
exchangeServicePortTypeClient.FindFolder(
new ExchangeImpersonationType
{
ConnectingSID = new ConnectingSIDType
{
Item = #"gilberto.gutierrez#mdlz.com",
ItemElementName = ItemChoiceType1.PrimarySmtpAddress
}
},
null,
new RequestServerVersion { Version = ExchangeVersionType.Exchange2010_SP2 },
null,
new FindFolderType
{
FolderShape = new FolderResponseShapeType
{
BaseShape =
DefaultShapeNamesType.Default
}
}, out findFolderResponseType);
}
I have tried to set the credentials through this:
exchangeServicePortTypeClient.ClientCredentials.Windows.ClientCredential.UserName
exchangeServicePortTypeClient.ClientCredentials.Windows.ClientCredential.Password
exchangeServicePortTypeClient.ClientCredentials.Windows.ClientCredential.Domain
exchangeServicePortTypeClient.ChannelFactory.Credentials.Windows.ClientCredential.UserName
exchangeServicePortTypeClient.ChannelFactory.Credentials.Windows.ClientCredential.Password
exchangeServicePortTypeClient.ChannelFactory.Credentials.Windows.ClientCredential.Domain
with no luck :(.
by the way, this is my wcf config file.
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<!--Diagnostics section, we will only catch error and warning in production-->
<system.diagnostics>
<sources>
<source propagateActivity="true" name="System.ServiceModel" switchValue="Error, Warning">
<listeners>
<add type="System.Diagnostics.DefaultTraceListener" name="Default">
<filter type="" />
</add>
<add type="System.Diagnostics.DefaultTraceListener" name="SellOut.ExchangeWcfService">
<filter type="" />
</add>
<add name="ServiceModelTraceListener">
<filter type="" />
</add>
</listeners>
</source>
<source name="System.ServiceModel.MessageLogging" switchValue="Error, Warning">
<listeners>
<add type="System.Diagnostics.DefaultTraceListener" name="Default">
<filter type="" />
</add>
<add type="System.Diagnostics.DefaultTraceListener" name="SellOut.ExchangeWcfService">
<filter type="" />
</add>
<add name="ServiceModelMessageLoggingListener">
<filter type="" />
</add>
</listeners>
</source>
</sources>
<sharedListeners>
<add initializeData="C:\Users\LFH2623\Documents\SellOut\SellOut\SellOut.Hosts.ExchangeWcfService\SellOut.ExchangeWcfService_web_tracelog.svclog"
type="System.Diagnostics.XmlWriterTraceListener, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
name="ServiceModelTraceListener" traceOutputOptions="LogicalOperationStack, DateTime, Callstack">
<filter type="" />
</add>
<add initializeData="C:\Users\LFH2623\Documents\SellOut\SellOut\SellOut.Hosts.ExchangeWcfService\SellOut.ExchangeWcfService_web_messages.svclog"
type="System.Diagnostics.XmlWriterTraceListener, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
name="ServiceModelMessageLoggingListener" traceOutputOptions="LogicalOperationStack, DateTime, Callstack">
<filter type="" />
</add>
</sharedListeners>
<trace autoflush="true" />
</system.diagnostics>
<!--Framework Section-->
<appSettings>
<add key="aspnet:UseTaskFriendlySynchronizationContext" value="true" />
</appSettings>
<!--Web section-->
<system.web>
<compilation debug="true" targetFramework="4.5" />
<httpRuntime targetFramework="4.5" maxRequestLength="2147483646" />
</system.web>
<!--Web server section-->
<system.webServer>
<directoryBrowse enabled="false"/>
<defaultDocument enabled="true"/>
<modules runAllManagedModulesForAllRequests="true"/>
</system.webServer>
<!--WS section-->
<system.serviceModel>
<diagnostics>
<messageLogging logMalformedMessages="true"
maxMessagesToLog="10000"
logMessagesAtTransportLevel="true"
logMessagesAtServiceLevel="True"
logEntireMessage="true"/>
<endToEndTracing activityTracing="false" />
</diagnostics>
<!--For the ExchangeWebService we will aply the following service and endpoint behaviors-->
<behaviors>
<serviceBehaviors>
<behavior name="ExchangeWebService">
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="false" />
<serviceDebug includeExceptionDetailInFaults="false" httpHelpPageEnabled="true" />
<dataContractSerializer maxItemsInObjectGraph="2147483646" />
<serviceTimeouts transactionTimeout="01:00:00" />
<serviceThrottling maxConcurrentCalls="100" maxConcurrentSessions="100" maxConcurrentInstances="100"/>
<serviceDiscovery>
<announcementEndpoints>
<endpoint kind="udpAnnouncementEndpoint"></endpoint>
</announcementEndpoints>
</serviceDiscovery>
</behavior>
</serviceBehaviors>
<!-- Define the corresponding scope for the clients to find the service through resolve message -->
<endpointBehaviors>
<behavior name="ExchangeWebService">
<endpointDiscovery enabled="true">
<scopes>
<add scope="http://SellOut.ExchangeWcfService/"/>
</scopes>
</endpointDiscovery>
</behavior>
</endpointBehaviors>
</behaviors>
<!-- In case you want to scale this service -->
<standardEndpoints>
<!-- We allow the service to be discoverable through the network in an adhoc architecture through UDP -->
<udpDiscoveryEndpoint>
<standardEndpoint name="adhocDiscoveryEndpointConfiguration"
discoveryMode="Adhoc"
discoveryVersion="WSDiscovery11"
maxResponseDelay="00:00:10">
</standardEndpoint>
</udpDiscoveryEndpoint>
<!-- We allow the service to be discoverable through the network in a managed architecture -->
<discoveryEndpoint>
<standardEndpoint name="managedDiscoveryEndpoint" discoveryMode="Managed" maxResponseDelay="00:01:00"/>
</discoveryEndpoint>
<!-- We announce the service with hello & bye -->
<announcementEndpoint>
<standardEndpoint name="udpAnnouncementEndpointConfiguration"
discoveryVersion="WSDiscovery11" />
</announcementEndpoint>
</standardEndpoints>
<!--All the Kraft's clients are .net, so we will use the proprietary binary message encoding to reduce the message's size -->
<bindings>
<customBinding>
<binding name="wsHttpBindingBynaryEncoding"
closeTimeout="00:10:00"
openTimeout="00:10:00"
receiveTimeout="00:10:00"
sendTimeout="00:10:00">
<binaryMessageEncoding>
<readerQuotas maxDepth="32"
maxStringContentLength="5242880"
maxArrayLength="2147483646"
maxBytesPerRead="4096"
maxNameTableCharCount="5242880" />
</binaryMessageEncoding>
<httpTransport
transferMode="Buffered"
maxBufferPoolSize="2147483646"
maxReceivedMessageSize="2147483646">
</httpTransport>
</binding>
</customBinding>
<basicHttpBinding>
<binding name="KraftEWS" messageEncoding="Text" transferMode="Buffered">
<security mode="Transport">
<transport clientCredentialType="Windows" proxyCredentialType="Windows"></transport>
</security>
</binding>
</basicHttpBinding>
</bindings>
<!-- We reference the Kraft EWS -->
<client>
<endpoint binding="basicHttpBinding" bindingConfiguration="KraftEWS"
contract="KraftEWS.ExchangeServicePortType"
name="ExchangeServiceBinding_ExchangeServicePortType">
</endpoint>
</client>
<!--Services section-->
<services>
<service name="SellOut.Services.Exchange.ExchangeWebService" behaviorConfiguration="ExchangeWebService">
<endpoint name="rules"
address="rules"
binding="customBinding"
bindingConfiguration="wsHttpBindingBynaryEncoding"
behaviorConfiguration="ExchangeWebService"
contract="SellOut.Contracts.Exchange.IExchangeRulesContract"/>
<endpoint name="udpDiscovery"
kind="udpDiscoveryEndpoint"
endpointConfiguration="adhocDiscoveryEndpointConfiguration" />
<endpoint name="mex"
address="mex"
binding="mexHttpBinding"
contract="IMetadataExchange" />
</service>
</services>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
</system.serviceModel>
</configuration>
another thing to mention, in this config:
<basicHttpBinding>
<binding name="KraftEWS" messageEncoding="Text" transferMode="Buffered">
<security mode="Transport">
<transport clientCredentialType="Windows" proxyCredentialType="Windows"></transport>
</security>
</binding>
</basicHttpBinding>
if I remove the part client credential type "Windows", when trying to run the service the exception is :
The HTTP request is unauthorized with client authentication scheme 'Anonymous'. The authentication header received from the server was 'Negotiate,NTLM'.
can you guys give me a hand.
Thanks in advice.
I highly suggest that you use the EWS Managed API for this. I don't understand what you mean when you state that you don't want to install anything on the production server since you will have to install the WCF service on your production server, along with the object model created by the Add Web Service reference project. But, it looks like you got passed this part, so let's move on....
Excellent, good to know that you could call getPassowrdExpirationTime. Thank you for providing me that info.
The reason why you get the message "The account does not have permission to impersonate the requested user" is because the account that runs your WCF service doesn't have impersonation rights to the mailbox. You will need to setup Exchange impersonation before your service account can access the user's account. Once your service has credentials that Exchange can lookup in AD (which it already does), and it has rights to impersonate your users (which is on your TODO list), your code should work since authentication is done based on the service account's identity.
All parts of your question after your code example are not in scope. You don't need to make any changes to the web.config (at least I don't think so). I assume that you are testing against an on-premise server since the Auth schemes were Negotiate and NTLM.
With regards,
The article you linked to
Related
I'm having a game with a WCF service and Azure.
I have several WCF Services running successfully on Azure, this particular service has been operating correctly until I decided to redeploy it under a different (existing) Cloud Service.
I removed it from under the role of cloud service X in my VS solution and added it to another cloud service role. I published and when I do, I receive the exception error
"Unhandled Exception: Microsoft.WindowsAzure.ServiceRuntime.RoleEnvironmentException". I'm told that the service is been recycled, constantly.
This message appears in the Azure management portal under the instance this WCF service is under. I've tried it on it's own cloud service and under a service with of instances.
Having reviewed scant articles on the issue (http://blogs.msdn.com/b/davidmcg/archive/2011/03/10/diagnosticmonitor-roleenvironmentexception-was-unhandled.aspx) and (http://www.microsofttranslator.com/bv.aspx?from=&to=en&a=http%3A%2F%2Fpul.se%2FBlog-Post-Error-RoleEnvironmentException-was-unhandled_Video-ptFrIOhJU6%2ClWCxfMvJiNbE)
Remoting onto the instance, I have the following in event viewer:
Application: WaIISHost.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: Microsoft.WindowsAzure.ServiceRuntime.RoleEnvironmentException
Stack:
at Microsoft.WindowsAzure.ServiceRuntime.Implementation.Loader.RoleRuntimeBridge.<InitializeRole>b__0()
at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
at System.Threading.ThreadHelper.ThreadStart()
I have also found:
Microsoft.WindowsAzure.ServiceRuntime.RoleEnvironmentException: error
at Microsoft.WindowsAzure.ServiceRuntime.RoleEnvironment.GetLocalResource(String localResourceName)
at WCFServiceDataTransfer.AzureLocalStorageTraceListener.GetLogDirectory()
at WCFServiceDataTransfer.WebRole.OnStart()
But this is auto generated code in AzureLocalStorageTraceListener.
How can I get to the bottom of this problem?
Web.Config
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<!-- To collect diagnostic traces, uncomment the section below or merge with existing system.diagnostics section.
To persist the traces to storage, update the DiagnosticsConnectionString setting with your storage credentials.
To avoid performance degradation, remember to disable tracing on production deployments.
<system.diagnostics>
<sharedListeners>
<add name="AzureLocalStorage" type="WCFServiceDataTransfer.AzureLocalStorageTraceListener, WCFServiceDataTransfer"/>
</sharedListeners>
<sources>
<source name="System.ServiceModel" switchValue="Verbose, ActivityTracing">
<listeners>
<add name="AzureLocalStorage"/>
</listeners>
</source>
<source name="System.ServiceModel.MessageLogging" switchValue="Verbose">
<listeners>
<add name="AzureLocalStorage"/>
</listeners>
</source>
</sources>
</system.diagnostics> -->
<system.diagnostics>
<trace>
<listeners>
<add type="Microsoft.WindowsAzure.Diagnostics.DiagnosticMonitorTraceListener, Microsoft.WindowsAzure.Diagnostics, Version=1.8.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" name="AzureDiagnostics">
</add>
</listeners>
</trace>
</system.diagnostics>
<system.web>
<compilation debug="true" targetFramework="4.0" />
</system.web>
<system.serviceModel>
<client />
<services>
<service behaviorConfiguration="TransferServiceBehavior" name="WCFServiceDataTransfer.TransferService">
<endpoint address="" binding="basicHttpBinding" bindingConfiguration="TransferService" contract="WCFServiceDataTransfer.ITransferService">
</endpoint>
</service>
</services>
<bindings>
<basicHttpBinding>
<binding name="TransferService" maxBufferSize="2147483647" maxReceivedMessageSize="2147483647"
transferMode="Streamed">
<readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647"
maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647" />
<security mode="None" />
</binding>
</basicHttpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior name="TransferServiceBehavior">
<serviceMetadata httpGetEnabled="true" />
<dataContractSerializer maxItemsInObjectGraph="2147483647" />
<serviceDebug includeExceptionDetailInFaults="true" />
<serviceThrottling maxConcurrentCalls="500" maxConcurrentSessions="500" maxConcurrentInstances="500" />
</behavior>
<behavior>
<!-- To avoid disclosing metadata information, set the value below to false before deployment -->
<serviceMetadata httpGetEnabled="true" />
<!-- To receive exception details in faults for debugging purposes, set the value below to true. Set to false before deployment to avoid disclosing exception information -->
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
</system.serviceModel>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true" />
<!--
To browse web app root directory during debugging, set the value below to true.
Set to false before deployment to avoid disclosing web app folder information.
-->
<directoryBrowse enabled="true" />
</system.webServer>
<runtime>
<assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
<dependentAssembly>
<assemblyIdentity name="Microsoft.Data.Services.Client" publicKeyToken="31bf3856ad364e35" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-5.1.0.0" newVersion="5.1.0.0" />
</dependentAssembly>
</assemblyBinding>
<httpRuntime maxRequestLength="2097151" useFullyQualifiedRedirectUrl="true" executionTimeout="14400" />
</runtime>
</configuration>
Entry
public class WebRole : RoleEntryPoint
{
public override bool OnStart()
{
// To enable the AzureLocalStorageTraceListner, uncomment relevent section in the web.config
DiagnosticMonitorConfiguration diagnosticConfig = DiagnosticMonitor.GetDefaultInitialConfiguration();
diagnosticConfig.Directories.ScheduledTransferPeriod = TimeSpan.FromMinutes(1);
diagnosticConfig.Directories.DataSources.Add(AzureLocalStorageTraceListener.GetLogDirectory());
// For information on handling configuration changes
// see the MSDN topic at http://go.microsoft.com/fwlink/?LinkId=166357.
return base.OnStart();
}
}
Ok, this is what resolved the issue.
I added the following to my ServiceDefinition.csdef file under the Imports closing tag. It was not present at all, once I added the below and published the instance was able to start.
Using version 1.8
<LocalResources>
<LocalStorage name="WCFServiceDataTransfer.svclog" sizeInMB="1000" cleanOnRoleRecycle="false" />
</LocalResources>
Help this helps someone else one day.
The server did not provide a meaningful reply this might be caused by
a contract mismath, a premature session shutdown or an internal server
error
Hey, I got an exception after calling a wcf service. I know this exception can get found a lot on stackoverflow, but I have a special behaviour. I also tried nearly all solution which are recommended, without success...
My project does the following: The module is like a normal chat, a wpf and asp usercontrol calls the service every 5 seconds and gets the online users. this normally worked fine on my windows 7 workstation. After I started to develope software on my new workstation with win 8 on it, I got this exception. The IIS Configuration are still the same. After the first user starts to frequently call the service everything works, until a second user calls the same service the exception above shows up.
I set up a testmachine on win 7 and look what happens... Everything works again... I don't have a clue what to do ...
Service web.config:
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.diagnostics>
<sources>
<source name="System.ServiceModel" switchName="Information, ActivityTracing" propagateActivity="true">
<listeners>
<add name="xml" />
</listeners>
</source>
<source name="System.ServiceModel.MessageLogging">
<listeners>
<add name="xml" />
</listeners>
</source>
<source name="myUserTraceSource" switchName="Information, ActivityTracing">
<listeners>
<add name="xml" />
</listeners>
</source>
</sources>
<sharedListeners>
<add name="xml" type="System.Diagnostics.XmlWriterTraceListener" initializeData="hi5.PSA.ServiceLog.svclog" />
</sharedListeners>
</system.diagnostics>
<appSettings>
<add key="Log4NetPath" value="config.log4net" />
</appSettings>
<system.web>
<compilation debug="true" targetFramework="4.0">
<assemblies>
<add assembly="System.Data.Entity, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
</assemblies>
</compilation>
<pages controlRenderingCompatibilityVersion="3.5" clientIDMode="AutoID" />
<!-- that many MB should be enough :) -->
<httpRuntime maxRequestLength="2147483647" />
</system.web>
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="BasicHttpBinding_IPmiLookup" />
</basicHttpBinding>
</bindings>
<services>
<service name="SolutionName.ChatService" behaviorConfiguration="chatServiceBehavior">
<endpoint address="" binding="wsDualHttpBinding" contract="SolutionName.contracts.Chat.IChatManager" />
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="chatServiceBehavior">
<serviceMetadata httpGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
<behavior name="">
<serviceMetadata httpGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true"></modules>
</system.webServer>
<connectionStrings>
<add name="MyEntities" connectionString="metadata=res://*/Users.csdl|res://*/Users.ssdl|res://*/Users.msl;provider=System.Data.SqlClient;provider connection string="Data Source=localhost;Initial Catalog=MyDB;Integrated Security=SSPI;MultipleActiveResultSets=True"
" providerName="System.Data.EntityClient" />
</connectionStrings>
</configuration>
Client app.config:
<system.serviceModel>
<bindings>
<wsDualHttpBinding>
<binding name="WSDualHttpBinding_IChatManager" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard" maxBufferPoolSize="524288" maxReceivedMessageSize="65536" messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<reliableSession ordered="true" inactivityTimeout="00:10:00" />
<security mode="Message">
<message clientCredentialType="Windows" negotiateServiceCredential="true" algorithmSuite="Default" />
</security>
</binding>
</wsDualHttpBinding>
</bindings>
<client>
<endpoint address="http://localhost/SolutionName/ChatService.svc" binding="wsDualHttpBinding" bindingConfiguration="WSDualHttpBinding_IChatManager" contract="hi5.medview.server.contracts.Chat.IChatManager" name="WSDualHttpBinding_ChatManager">
<identity>
<servicePrincipalName value="host/MyName"/>
</identity>
</endpoint>
</client>
Does anyone has any idea. The thing which makes me crazy is that, the service works fine for the first user who is calling it, but after a second user calls it, the damn thing doesn't work anymore...
Please help...
Thx
I'm getting the following error in my client application when it tries to authenticate to my service:
ID3242: The security token could not be authenticated or authorized
Here is the configuration of the client:
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<system.serviceModel>
<bindings>
<ws2007HttpBinding>
<binding name="stsBinding">
<security mode="Message">
<message clientCredentialType="UserName"
establishSecurityContext="false"
negotiateServiceCredential="true"/>
</security>
</binding>
</ws2007HttpBinding>
<ws2007FederationHttpBinding>
<binding name="echoClaimsBinding">
<security mode="Message">
<message>
<claimTypeRequirements>
<add claimType="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" isOptional="false"/>
</claimTypeRequirements>
<issuer address="http://localhost:17240/STS.svc"
bindingConfiguration="stsBinding"
binding="ws2007HttpBinding">
<identity>
<dns value="WCFSTS"/>
</identity>
</issuer>
<issuerMetadata address="http://localhost:17240/STS.svc/Mex"></issuerMetadata>
</message>
</security>
</binding>
</ws2007FederationHttpBinding>
</bindings>
<behaviors>
<endpointBehaviors>
<behavior name="echoClaimsBehavior">
<clientCredentials>
<serviceCertificate>
<defaultCertificate
findValue="CN=WCFSTS"
storeLocation="LocalMachine"
storeName="My"
x509FindType="FindBySubjectDistinguishedName"/>
<authentication
revocationMode="NoCheck"
certificateValidationMode="None"/>
</serviceCertificate>
</clientCredentials>
</behavior>
</endpointBehaviors>
</behaviors>
<client>
<endpoint address="http://localhost:1438/EchoClaims.svc/EchoClaims"
binding="ws2007FederationHttpBinding"
bindingConfiguration="echoClaimsBinding"
contract="TestService.IEchoClaims"
name="WS2007FederationHttpBinding_IEchoClaims"
behaviorConfiguration="echoClaimsBehavior">
<identity>
<dns value="WCFServer"/>
</identity>
</endpoint>
</client>
</system.serviceModel>
</configuration>
Here is the configuration of the service
<?xml version="1.0"?>
<configuration>
<configSections>
<section name="microsoft.identityModel" type="Microsoft.IdentityModel.Configuration.MicrosoftIdentityModelSection, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
</configSections>
<system.web>
<compilation debug="true" targetFramework="4.0">
<assemblies>
<add assembly="Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
</assemblies>
</compilation>
</system.web>
<system.serviceModel>
<services>
<service name="WcfService1.EchoClaims"
behaviorConfiguration="echoClaimsBehavior">
<endpoint address=""
contract="WcfService1.IEchoClaims"
binding="ws2007FederationHttpBinding"
bindingConfiguration="echoClaimsBinding"></endpoint>
<endpoint address="mex"
binding="mexHttpBinding"
contract="IMetadataExchange" />
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="echoClaimsBehavior">
<serviceMetadata httpGetEnabled="true" />
<serviceCredentials>
<serviceCertificate
findValue="CN=WCFServer"
storeLocation="LocalMachine"
storeName="My"
x509FindType="FindBySubjectDistinguishedName" />
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
<bindings>
<ws2007FederationHttpBinding>
<binding name="echoClaimsBinding">
<security mode="Message">
<message negotiateServiceCredential="true">
<!--<issuerMetadata address="http://localhost:17240/STS.svc/mex" />-->
<claimTypeRequirements>
<!--Following are the claims offered by STS 'http://localhost:17240/STS.svc'. Add or uncomment claims that you require by your application and then update the federation metadata of this application.-->
<add claimType="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" isOptional="false" />
</claimTypeRequirements>
</message>
</security>
</binding>
</ws2007FederationHttpBinding>
</bindings>
<diagnostics>
<messageLogging logEntireMessage="true"
logMessagesAtServiceLevel="true"
logMessagesAtTransportLevel="true"></messageLogging>
</diagnostics>
</system.serviceModel>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true" />
</system.webServer>
<microsoft.identityModel>
<service>
<audienceUris mode="Never"/>
<issuerNameRegistry type="WcfService1.CustomIssuerNameRegistry, WcfService1"/>
</service>
</microsoft.identityModel>
<system.diagnostics>
<sources>
<source name="System.ServiceModel" switchValue="Warning, Error, ActivityTracing"
propagateActivity="true">
<listeners>
<add name="ServiceModelTraceListener"/>
</listeners>
</source>
</sources>
<sharedListeners>
<add initializeData="ecb_tracelog.svclog"
type="System.Diagnostics.XmlWriterTraceListener, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
name="ServiceModelTraceListener" traceOutputOptions="Timestamp">
<filter type="" />
</add>
</sharedListeners>
<trace autoflush="true" />
</system.diagnostics>
</configuration>
Please let me know if anyone has an idea of how to determine why authentication is failing. I have Geneva STS tracing on verbose, but it's not giving me any messages about why the certificate isn't being authenticated.
In a similar situation, this forum post by Dominick Baier suggests that the web service rejects the token, so tracing at the STS would not show any problem.
He suggests to check this web service's <microsoft.identityModel><service><securityTokenHandlers><securityTokenHandlerConfiguration><audienceUris> section in its web.config, and to switch on the Microsoft.IdentityModel trace source in that same file.
In my case, turning tracing on revealed one more exception that was thrown before
ID3242: The security token could not be authenticated or authorized
Use this to turn on tracing on the WCF side:
<system.diagnostics>
<sources>
<source name="Microsoft.IdentityModel" switchValue="Verbose">
<listeners>
<add name="xml" type="System.Diagnostics.XmlWriterTraceListener" initializeData="D:\Logs\rie\RIE_Trace.log" />
</listeners>
</source>
</sources>
<trace autoflush="true" />
Again, in my case, the trace files revealed the following exception:
ID1038: The AudienceRestrictionCondition was not valid because the specified Audience is not present in AudienceUris.
Audience: http://some.th.ing/
Turns out the audienceUri was not correct in the WCF Web.config.
Hope this helps
I've got an error while updating WCF service reference in Visual Studio 2010:
There was an error downloading 'https://192.16.0.76/MyService.svc'.
The request was aborted: Could not create SSL/TLS secure channel.
Metadata contains a reference that cannot be resolved: 'https://192.16.0.76/MyService.svc'.
The HTTP request was forbidden with client authentication scheme 'Anonymous'.
The remote server returned an error: (403) Forbidden.
Two weeks ago reference update worked fine and nothing was changed in web.config file. Now I can't update service reference and add new features to the Silverlight application. I've looked for answer on the Internet and most people advice to check certificates on the developer's pc. I haven't canged any certificates fon my pc and I also add ny certificate to the local machine store as well. Maybe I should change the default certicate for Visual Studio but I can't find how to do this.
Here is my web.config file :
<source name="System.ServiceModel"
switchValue="Error,Warning"
propagateActivity="true">
<listeners>
<add type="System.Diagnostics.DefaultTraceListener"
name="Default">
<filter type="" />
</add>
<add name="ServiceModelTraceListener">
<filter type="" />
</add>
</listeners>
</source>
<source name="System.ServiceModel.MessageLogging"
switchValue="Warning, Error">
<listeners>
<add type="System.Diagnostics.DefaultTraceListener" name="Default">
<filter type="" />
</add>
<add name="ServiceModelMessageLoggingListener">
<filter type="" />
</add>
</listeners>
</source>
</sources>
<sharedListeners>
<add initializeData="tracelog.svclog"
type="System.Diagnostics.XmlWriterTraceListener, System,
Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
name="ServiceModelTraceListener" traceOutputOptions="Timestamp">
<filter type="" />
</add>
<add initializeData="messages.svclog"
type="System.Diagnostics.XmlWriterTraceListener,
System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
name="ServiceModelMessageLoggingListener" traceOutputOptions="Timestamp">
<filter type="" />
</add>
</sharedListeners>
<trace autoflush="true" />
<pages controlRenderingCompatibilityVersion="3.5" clientIDMode="AutoID"/>
<httpRuntime executionTimeout="600" />
</behavior>
</serviceBehaviors>
</behaviors>
<bindings>
<customBinding>
<binding name="MyForm.Web.MyService.customBinding0"
receiveTimeout="00:10:00" sendTimeout="00:10:00"
openTimeout="00:10:00" closeTimeout="00:10:00">
<binaryMessageEncoding/>
<httpsTransport maxReceivedMessageSize="2147483647" />
</binding>
</customBinding>
<wsHttpBinding>
<binding name="CertificateWithTransport"
receiveTimeout="00:10:00" sendTimeout="00:10:00"
openTimeout="00:10:00" closeTimeout="00:10:00"
maxReceivedMessageSize="2147483647">
<security mode="Transport" >
<transport clientCredentialType="Certificate" />
</security>
<readerQuotas maxDepth="2640000"
maxStringContentLength="2000000000"
maxArrayLength="2000000000"
maxBytesPerRead="2000000000"
maxNameTableCharCount="2000000000" />
</binding>
</wsHttpBinding>
</bindings>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true"/>
<services>
<service behaviorConfiguration="ServiceBehavior" name="MyForm.Web.MyService">
<endpoint address="" binding="wsHttpBinding" bindingConfiguration="CertificateWithTransport"
contract="MyForm.Web.MyService" />
</service>
</services>
<diagnostics >
<messageLogging logMalformedMessages="true"
logMessagesAtServiceLevel="true"
logMessagesAtTransportLevel="true"
/>
</diagnostics>
Any help will be appreciated.
[Upd] It seems that it can be caused by problems with certificate on my pc. How can I choose the certificate that will be used for https connection to the web service ? I've found similar topics on the internet but there were no solutions for it.
Going through WCF – 2 Way SSL Security using Certificates , might help you.
I have WCF Service Library implemented in Fluent NHibernate and hosted under Windows Service.
Also, I have a WebSite to which Service reference is being added.
Now, when I am calling WCF Service methods from WebSite, I get the following error:
[FaultException`1: An invalid or incomplete configuration was used while creating a SessionFactory. Check PotentialReasons collection, and InnerException for more detail.
* Database was not configured through Database method.
]
System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg) +7596735
System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type) +275
TeamworksReportService.ITemplateService.ListTemplatesByTemplateType(Int32 userId, TemplateType templateType) +0
TeamworksReportService.TemplateServiceClient.ListTemplatesByTemplateType(Int32 userId, TemplateType templateType)
Any ideas?
App.Config in WCF Service:
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<!-- When deploying the service library project, the content of the config file must be added to the host's
app.config file. System.Configuration does not support config files for libraries. -->
<system.diagnostics>
<sources>
<source name="System.ServiceModel" switchValue="Warning, ActivityTracing"
propagateActivity="true">
<listeners>
<add type="System.Diagnostics.DefaultTraceListener" name="Default">
<filter type="" />
</add>
<add name="ServiceModelTraceListener">
<filter type="" />
</add>
</listeners>
</source>
</sources>
<sharedListeners>
<add initializeData="C:\WCF Service Logs\app_tracelog.svclog"
type="System.Diagnostics.XmlWriterTraceListener, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
name="ServiceModelTraceListener" traceOutputOptions="DateTime, Timestamp">
<filter type="" />
</add>
</sharedListeners>
</system.diagnostics>
<system.serviceModel>
<bindings>
<netTcpBinding>
<binding name="netTcp" maxBufferPoolSize="50000000" maxReceivedMessageSize="50000000">
<readerQuotas maxDepth="500" maxStringContentLength="50000000" maxArrayLength="50000000"
maxBytesPerRead="50000000" maxNameTableCharCount="50000000" />
<security mode="None"></security>
</binding>
</netTcpBinding>
</bindings>
<services>
<service behaviorConfiguration="ReportingComponentLibrary.TemplateServiceBehavior"
name="ReportingComponentLibrary.TemplateReportService">
<endpoint address="TemplateService" binding="netTcpBinding" bindingConfiguration="netTcp"
contract="ReportingComponentLibrary.ITemplateService"></endpoint>
<endpoint address="ReportService" binding="netTcpBinding" bindingConfiguration="netTcp"
contract="ReportingComponentLibrary.IReportService"/>
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" ></endpoint>
<host>
<baseAddresses>
<add baseAddress="net.tcp://localhost:8001/TemplateReportService" />
<add baseAddress="http://localhost:8181/TemplateReportService" />
</baseAddresses>
</host>
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="ReportingComponentLibrary.TemplateServiceBehavior">
<serviceMetadata httpGetEnabled="True"/>
<serviceDebug includeExceptionDetailInFaults="True" />
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>
</configuration>
Service Configuration file:
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<connectionStrings>
<add name="connection.connection_string" connectionString="Server=dev01\sql2005;Initial Catalog=TeamWorksReports;User Id=twr;Password=manager2;" />
</connectionStrings>
<system.diagnostics>
<sources>
<source name="System.ServiceModel" switchValue="Warning, ActivityTracing"
propagateActivity="true">
<listeners>
<add type="System.Diagnostics.DefaultTraceListener" name="Default">
<filter type="" />
</add>
<add name="ServiceModelTraceListener">
<filter type="" />
</add>
</listeners>
</source>
</sources>
<sharedListeners>
<add initializeData="C:\WCF Service Logs\app_tracelog.svclog"
type="System.Diagnostics.XmlWriterTraceListener, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
name="ServiceModelTraceListener" traceOutputOptions="DateTime, Timestamp">
<filter type="" />
</add>
</sharedListeners>
</system.diagnostics>
<system.serviceModel>
<bindings>
<netTcpBinding>
<binding name="netTcp" maxBufferPoolSize="50000000" maxReceivedMessageSize="50000000">
<readerQuotas maxDepth="500" maxStringContentLength="50000000" maxArrayLength="50000000"
maxBytesPerRead="50000000" maxNameTableCharCount="50000000" />
<security mode="None"></security>
</binding>
</netTcpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior name="ReportingComponentLibrary.TemplateServiceBehavior">
<serviceMetadata httpGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
</serviceBehaviors>
</behaviors>
<services>
<service behaviorConfiguration="ReportingComponentLibrary.TemplateServiceBehavior"
name="ReportingComponentLibrary.TemplateReportService">
<endpoint address="TemplateService" binding="netTcpBinding" bindingConfiguration="netTcp"
contract="ReportingComponentLibrary.ITemplateService"></endpoint>
<endpoint address="ReportService" binding="netTcpBinding" bindingConfiguration="netTcp"
contract="ReportingComponentLibrary.IReportService"/>
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" ></endpoint>
<host>
<baseAddresses>
<add baseAddress="net.tcp://localhost:8001/TemplateReportService" />
<add baseAddress ="http://localhost:8181/TemplateReportService" />
</baseAddresses>
</host>
</service>
</services>
</system.serviceModel>
</configuration>
Session Factory:
private static ISessionFactory SessionFactory
{
get
{
if (_sessionFactory == null)
{
var configuration = new Configuration();
configuration.Configure(#"E:\Source\ResourceTechniques.Applications.TemplateReportingService\ReportingService\bin\Debug\hibernate.cfg.xml");
_sessionFactory = Fluently.Configure(configuration)
.Mappings(m => m.FluentMappings.AddFromAssemblyOf<TemplateMap>())
.BuildSessionFactory();
}
return _sessionFactory;
}
}
hibernate.cfg.xml:
<?xml version="1.0" encoding="utf-8" ?>
<hibernate-configuration xmlns="urn:nhibernate-configuration-2.2">
<session-factory>
<property name="connection.provider">NHibernate.Connection.DriverConnectionProvider</property>
<property name="dialect">NHibernate.Dialect.MsSql2005Dialect</property>
<property name="connection.driver_class">NHibernate.Driver.SqlClientDriver</property>
<property name="connection.connection_string">Server=dev01\sql2005;Initial Catalog=TeamWorksReports;User Id=twr;Password=manager2;</property>
<property name="show_sql">true</property>
<property name="proxyfactory.factory_class">NHibernate.ByteCode.Castle.ProxyFactoryFactory, NHibernate.ByteCode.Castle</property>
</session-factory>
</hibernate-configuration>
It's nothing to do with WCF - it's an NHibernate problem. Looks like you may have attempted to configure the DB connection string in the Web.config file, rather than the App.config for the Windows service, which is where it needs to be?
If you're configuring using an NHibernate XML configuration file, is that deployed with the Windows service rather than the web application? Does the version you are trying to get running have access to the (hard-coded!) path to the XML file in your code? Does the account under which the service runs have permissions on the (hard-coded!) path?
Your best bet is to make sure that hibernate.cfg.xml is always alongside your binaries in the same folder, and remove the path parameter from the call to Configure.
Seems like ur using SQL Server to host ur session, and you have not configured sql server for session state in ur wcf service.
Following links may help:
Session-State Modes
http://msdn.microsoft.com/en-us/library/ms178586.aspx
HOW TO: Configure SQL Server to Store ASP.NET Session State
http://support.microsoft.com/kb/317604