I keep getting the above error when my client program tries to call my WCF service method. It is passing credentials via ClientCredential.UserName.
I am not able to figure out what's happening here and all the posts related to this kind of issue are not solving this problem.
Mine is a shared hosting Environment on Godaddy server where my WCF service is hosted.
Configuration is as follows:
<endpoint
name="wsBinding"
address=""
binding="wsHttpBinding"
contract="ServiceLib.IBooking"
bindingConfiguration="myWSSettings"/>
<bindings>
<wsHttpBinding>
<binding name="myWSSettings">
<security mode="Transport">
<message clientCredentialType="UserName" />
</security>
</binding>
</wsHttpBinding>
</bindings>
Would really appreciate any help.
Thanks
Sandeep
Related
I need to authenticate a WCF service using windows authentication. I have used the bellow configurations
End Points at server
<endpoint binding="basicHttpBinding" bindingConfiguration="Secured" contract="TestWCFSecurity.IService1" address="" />
<endpoint address="mex" binding="basicHttpBinding" contract="IMetadataExchange" bindingConfiguration="Secured" />
Binding Configurations
<bindings>
<basicHttpBinding>
<binding name="Secured">
<security mode="Transport">
<transport clientCredentialType="Windows" proxyCredentialType="Windows" />
</security>
</binding>
</basicHttpBinding>
</Bindings>
While I generate the proxy for the client side, I get the following endpoint
<client>
<endpoint address="https://FQNoftheSystem/TestWCF/Service1.svc"
binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_IService1"
contract="IService1" name="BasicHttpBinding_IService1" />
</client>
Issues
The client configuration is https, while at the server it is http
because of which the endpoints do not match. Using "Transport"
security would mean a https flow. why am I getting http endpoint at
the server?
I have used basichttpbinding with transport security. is this allowed?
using basichttpbinding with transport generates https for client and http at the server.
Any pointers would really help. Thanks
According to this basicHttpBinding supports transport security.
This seems more like a IIS configuration problem than WCF problem.
See here for information on how to setup SSL on IIS
Standard set up I think. I've followed: http://blogs.msdn.com/b/tomholl/archive/2008/07/12/msmq-wcf-and-iis-getting-them-to-play-nice-part-1.aspx mainly, but used other sources as needed.
So far here is what happens:
Client sends a message
I see the message in the Journal Messages for the appropriate queue
Service never seems to be called. I have a ton of logging that would output logs on service called and / or errors in the service method.
I have shut down the service and the message still ends up in the Journal Messages - not sure why that is.
Queue: bretrace/bretraceservice.svc (anonymous access, with full permissions granted)
Client Web.config
<netMsmqBinding>
<binding name="MsmqBreTrace" receiveErrorHandling="Move">
<security mode="None" />
</binding>
</netMsmqBinding>
<endpoint address="net.msmq://wcfserver/private/bretrace/bretraceservice.svc" binding="netMsmqBinding"
bindingConfiguration="MsmqBreTrace" name="MsmqBreTraceService"
contract="C.BusinessRuleController.Services.BoschProxy.Trace.IQueuingTraceContract"/>
Service Web.config
<bindings>
<netMsmqBinding>
<binding name="MsmqBreTraceReader" receiveErrorHandling="Move">
<security mode="None" />
</binding>
</netMsmqBinding>
</bindings>
<services>
<service name="C.BusinessRuleController.Services.QR.BreTraceService">
<endpoint address=""
binding="netMsmqBinding" bindingConfiguration="MsmqBreTraceReader"
contract="C.BusinessRuleController.Services.BoschProxy.Trace.IQueuingTraceContract" />
</service>
</services>
I have also activated system.diagnostics, and it seems to be calling the service, under activity I see:
"Process Action: 'http://tempuri.org/IQueuingTraceContract/LogTrace'." I'm not sure if the tempuri.org is a problem or not?
"Execute C.BusinessRuleController..." as another activity.
Couple of things solved this problem for me:
First, I had to set security mode='transactional' in the bindings
<netMsmqBinding>
<binding name="MsmqBreTrace" receiveErrorHandling="Move">
<security mode="Transactional" />
</binding>
</netMsmqBinding>
Second, I had to installed MSMQ Active Directory Integration - I didn't have to actually enable it, but it had to be installed even when it wasn't used. This was what threw me the most, I didn't want AD Integration, so I figured I didn't need it. Turns out I was wrong.
I'm a new member in this fantastic website and this is my first question here ..
I wish I can find the solution..
I'm building a website and I need to secure the communications between clients and the server.
I should Use WCF in the implementation.
My project's requirements :
use WCF
binding: ws2007HttpBinding
security: HTTPS
client: Sign
I should use HTTPS for securing the communications and I should make the client sign the message (it's important).
I install certificates in both server and Client But I don't knoe how to make the clients sign the message.
I can't use message security in the wcf because I need HTTPS. Anyone can help me to know what is the TransportWithMessageCredential do for signing and how to implement such a thing??
Here is part of the app.config of the server:
<bindings>
<ws2007HttpBinding>
<binding name="ServiceWS2007HttpBindingConfg">
<security mode="TransportWithMessageCredential">
<transport clientCredentialType="None" />
<message clientCredentialType="Certificate" negotiateServiceCredential="false" />
</security>
</binding>
</ws2007HttpBinding>
</bindings>
<services>
<service name="Service">
<endpoint address="https://MAHER-PC/EBPP/Service.svc" binding="ws2007HttpBinding"
bindingConfiguration="ServiceWS2007HttpBindingConfg" contract="IService" />
</service>
</services>
thanks....
Depends on what you're planning to sign.
A good place to start would be to have a look at setting the ProtectionLevel for your service in the service contract.
Information:
http://msdn.microsoft.com/en-gb/library/aa347692.aspx
How to:
http://msdn.microsoft.com/en-gb/library/aa347791.aspx
I work together with a different developer on a WCF service
if the service client reference is generated by the other developer, after I update from SVN and I try to run, the application accessing the service fails with exception:
The caller was not authenticated by the service.
InnerException Message:
The request for security token could not be satisfied because authentication failed.
I noticed, when the client reference is generated on other pc, in client's app.config I have
<endpoint address="http://MyService.svc/ws"
binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_ISqlService"
contract="OneTestModel.ISqlService" name="WSHttpBinding_ISqlService">
<identity>
<servicePrincipalName value="host/alabala" />
</identity>
</endpoint>
If I generate/update the client on my pc, I get
<identity>
<servicePrincipalName value="host/my-pc-name" />
</identity>
and I can access the service
Service uses wsHttpBinding, and in it's web.config I have
<bindings>
<wsHttpBinding>
<binding name="ConfigBinding">
<security mode="Message">
<transport clientCredentialType="Windows" proxyCredentialType="None" realm="" />
<message clientCredentialType="Windows" negotiateServiceCredential="true" algorithmSuite="Default" establishSecurityContext="false" />
</security>
</binding>
</wsHttpBinding>
</bindings>
The service is supposed to run anonymously.
What change should I do in service config to ignore client side's <identity>?
Thanks
I have a need to secure my WCF service using SSL. The problem I'm running into is that this is a WCF Workflow service, and I can't seem to override the default bindings that it sets up behind the scenes.
There must be something that I'm missing in the configuration file, as whatever I do, the binding always comes back as: BasicHttpBinding_IService at address : http://myurl.com/biz/MyService.xamlx
It should be: https://myurl.com/biz/MyService.xamlx.
These are the bindings and endpoint sections:
<bindings>
<basicHttpBinding>
<binding name="basicBinding">
<security mode="Transport">
<transport clientCredentialType="None" />
</security>
</binding>
</basicHttpBinding>
</bindings>
<services>
<service name="MyNamespace.MyService">
<endpoint address="https://myurl.com/biz/MyService.xamlx"
binding="basicHttpBinding"
bindingConfiguration="basicBinding"
contract="IService" />
</service>
</services>
Thanks for any help!
A few things to try:
change the binding to wsHttpBinding and that will force SSL.
change clientCredentialType to Certificate.
use this example and set the httpsGetEnabled to true:
http://blog.adnanmasood.com/2008/07/16/https-with-basichttpbinding-note-to-self/