WP supports only basicHttpBinding. My app sends sensitive data through WCF and store them in DB. Data are sent as plain text and this is inacceptable. I found some solutions but it isn't working. I've set securityMode to Transport but I've got exception. Here is my web.config file:
<system.serviceModel>
<behaviors>
<serviceBehaviors>
<behavior name="serviceBehavior">
<serviceMetadata httpGetEnabled="true" />
<serviceDebug httpHelpPageEnabled="true" includeExceptionDetailInFaults="true" />
</behavior>
</serviceBehaviors>
</behaviors>
<bindings>
<basicHttpBinding>
<binding name="baseBinding" >
<security mode="Transport" />
</binding>
</basicHttpBinding>
</bindings>
<services>
<service behaviorConfiguration="serviceBehavior" name="TestWCF.WcfNotificationService.WcfNotificationService">
<endpoint address="base" binding="basicHttpBinding" bindingConfiguration="baseBinding"
contract="TestWCF.WcfNotificationService.IWcfNotificationService" />
<host>
<timeouts openTimeout="00:05:00" />
</host>
</service>
</services>
when I update service reference in client I get error:
Could not find a base address that matches scheme https for the endpoint with binding BasicHttpBinding. Registered base address schemes are [http].
Could you help me, what I have to do?
Thanks
Related
I keep getting a 404 error for my WCF service over SSL. Without SSL it works fine. I can access the service directly in the browser and set a web reference to it fine. In Fiddler it gives an "There was no channel actively listening at end point" error and here is the web.config:
<system.serviceModel>
<behaviors>
<serviceBehaviors>
<behavior name="ServiceBehavior">
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true"/>
<serviceDebug includeExceptionDetailInFaults="false"/>
</behavior>
</serviceBehaviors>
<endpointBehaviors>
<behavior name="Inventory.Product.ProductDataAspNetAjaxBehavior">
<enableWebScript />
</behavior>
</endpointBehaviors>
</behaviors>
<bindings>
<webHttpBinding>
<binding name="secureHttpBinding">
<security mode="Transport">
<transport clientCredentialType="None"/>
</security>
</binding>
</webHttpBinding>
</bindings>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" />
<services>
<service name="Inventory.Product.ProductData"
behaviorConfiguration="ServiceBehavior">
<endpoint address="" binding="webHttpBinding"
behaviorConfiguration="Inventory.Product.ProductDataAspNetAjaxBehavior"
contract="Inventory.Product.ProductData" />
<endpoint contract="IMetadataExchange" binding="mexHttpBinding"
address="mex" />
</service>
</services>
</system.serviceModel>
Ok, I found the answer at WCF over SSL - 404 error. I had forgot to set the binding configuration - when I did that, it worked.
I ran my WCF service on the server without SSL enabled and now I moved it to one with SSL enabled and I am getting the following error:
Could not find a base address that matches scheme http for the endpoint with binding BasicHttpBinding. Registered base address schemes are [https].
Below are my settings:
<bindings>
<basicHttpBinding>
<binding name="basicHTTP">
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Windows">
</transport>
</security>
</binding>
</basicHttpBinding>
</bindings>
<services>
<service behaviorConfiguration="basicBehavior" name="ProjectName.MyService">
<endpoint address="" binding="basicHttpBinding" bindingConfiguration="basicHTTP" contract="ProjectName.IMyService"/>
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="basicBehavior">
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true"/>
<serviceDebug includeExceptionDetailInFaults="true"/>
</behavior>
</serviceBehaviors>
</behaviors>
How can I fix this error?
You need to define a binding for basicHttps. This is a very simple settings that works for SSL:
<system.serviceModel>
<bindings>
<basicHttpsBinding>
<binding name="BasicHttpBinding_IMyService" />
</basicHttpsBinding>
</bindings>
<client>
<endpoint
name="BasicHttpBinding_IMyService"
address="https://MyURL/MyService.svc/soap/"
binding="basicHttpsBinding"
bindingConfiguration="BasicHttpBinding_IMyService"
contract="ClientServiceReference.IMyService" />
</client>
</system.serviceModel>
Note: The endpoint needs to be defined and its URL is https.
Also, make sure that in production environment, you are not sending the exception details back to the caller (that would be considered a security hole in your system because exceptions can reveal too much information to hackers). You must change this line:
<serviceDebug includeExceptionDetailInFaults="false"/>
Fixed the issue by specifying security mode as Transport and using webHttpBinding
Can someone please tell me what I'm doing wrong below? I have been fighting with this for hours and believe that I have it right, but I have to be missing something. Basically for every service I have I would like to have to addresses. These services are to be hosted in IIS. I have been testing with IIS Express. My expectation is that I would access the services at /AuthService.svc/soap and /AuthService.svc/json, but that doesn't seem to be working. Below is the config I'm using.
<system.serviceModel>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true" aspNetCompatibilityEnabled="true" />
<behaviors>
<serviceBehaviors>
<behavior name="DefaultServiceBehavior">
<serviceMetadata httpGetEnabled="true" />
</behavior>
<behavior name="">
<serviceMetadata httpGetEnabled="true" />
</behavior>
</serviceBehaviors>
<endpointBehaviors>
<behavior name="jsonBehavior">
<webHttp />
</behavior>
</endpointBehaviors>
</behaviors>
<bindings>
<basicHttpBinding>
<binding name="SecureBinding" allowCookies="true" maxReceivedMessageSize="67108864">
<readerQuotas maxArrayLength="67108864"/>
<security mode="Transport"/>
</binding>
</basicHttpBinding>
<webHttpBinding>
<binding name="SecureBinding" allowCookies="true" maxReceivedMessageSize="67108864">
<readerQuotas maxArrayLength="67108864"/>
<security mode="Transport"/>
</binding>
</webHttpBinding>
</bindings>
<services>
<service name="AuthService" behaviorConfiguration="DefaultServiceBehavior">
<endpoint address="soap"
binding="basicHttpBinding"
bindingConfiguration="SecureBinding"
contract="FormsAuthenticatingServices.Interfaces.IAuthService" />
<endpoint address="json"
binding="webHttpBinding"
bindingConfiguration="SecureBinding"
behaviorConfiguration="jsonBehavior"
contract="FormsAuthenticatingServices.Interfaces.IAuthService" />
</service>
<service name="DataService" behaviorConfiguration="DefaultServiceBehavior">
<endpoint address="soap"
binding="basicHttpBinding"
bindingConfiguration="SecureBinding"
contract="FormsAuthenticatingServices.Interfaces.IDataService" />
<endpoint address="json"
binding="webHttpBinding"
bindingConfiguration="SecureBinding"
behaviorConfiguration="jsonBehavior"
contract="FormsAuthenticatingServices.Interfaces.IDataService" />
</service>
</services>
</system.serviceModel>
You should get the SOAP based metadata at /authservice.svc?wsdl and the REST based operations starting from the URI /authservice.svc/json
You will not see anything in a browser by hitting /authservice.svc/soap as SOAP assumes XML messages will be POSTed to the service whereas the browser is performing a GET. To use the SOAP service create a client project and generate a proxy using Add Service Reference pointing at the WSDL
In addition to Richard's answer, make sure the name attribute on the <service> element is the fully qualified name of the service class.
I'm tackling with an issue but couldn't sort out it.
I have one service which is worked inside asp.net 4.0 app.
The site is available both over http and https.
Issue is that the service with below provided config snipped can work either over http or over https.
What is wrong in my config?
<system.serviceModel>
<bindings>
<webHttpBinding>
<binding name="webHttpsBinding">
<security mode="Transport">
<transport clientCredentialType="None"/>
</security>
</binding>
</webHttpBinding>
</bindings>
<behaviors>
<endpointBehaviors>
<behavior name="HMS.DataServices.PaymentsServiceBehavior">
<enableWebScript />
</behavior>
</endpointBehaviors>
<serviceBehaviors>
<behavior name="HMS.DataServices.PaymentsServiceBehavior">
<serviceMetadata httpGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="false" />
</behavior>
</serviceBehaviors>
</behaviors>
<services>
<service name="HMS.DataServices.PaymentsService">
<!--HTTP-->
<endpoint address="" binding="webHttpBinding" contract="HMS.DataServices.IPaymentsService"
behaviorConfiguration="HMS.DataServices.PaymentsServiceBehavior" />
<!--HTTPS-->
<endpoint address="" binding="webHttpBinding" bindingConfiguration="webHttpsBinding"
contract="HMS.DataServices.IPaymentsService" behaviorConfiguration="HMS.DataServices.PaymentsServiceBehavior" />
</service>
</services>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
</system.serviceModel>
this config works over https but not nttp
In the windows log I see next error
The exception message is: Could not find a base address that matches scheme https for the endpoint with binding WebHttpBinding. Registered base address schemes are [http]..
Thanks in advance!
I have created a RESTful Service and implemented the Authentication. It accepts username and password and then grants access to the service requested. It Works fine. Now I want to use SSL on top of my Service. For this I Created Certificate, Then In IIS I gave the required settings. But my service is not working. I am using webHttpBinding.
my Web.Config on service side is :
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" />
<services>
<service behaviorConfiguration="ServiceBehavior" name="TestAPI">
<host>
<baseAddresses>
<add baseAddress="https://localhost/AuthWithSSLTest/API/TestAPI.svc" />
</baseAddresses>
</host>
<endpoint address="" behaviorConfiguration="RESTFriendly" bindingConfiguration="MywebHttpBinding" binding="webHttpBinding" contract="ITestAPI" >
</endpoint>
<endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange" />
</service>
</services>
<client /><bindings>
<webHttpBinding>
<binding name="MywebHttpBinding">
<security mode="Transport" >
<transport clientCredentialType="Certificate"/>
</security>
</binding>
</webHttpBinding>
</bindings>
<behaviors>
<endpointBehaviors>
<behavior name="RESTFriendly">
<webHttp />
</behavior>
</endpointBehaviors>
<serviceBehaviors>
<behavior name="ServiceBehavior">
<serviceMetadata httpGetEnabled="false" httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
<serviceCredentials>
<clientCertificate>
<authentication revocationMode="NoCheck" />
</clientCertificate>
<serviceCertificate findValue="CN=tempCertClient" />
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
And In my client side app.config I have
<system.serviceModel>
<behaviors>
<endpointBehaviors>
<behavior name="NewBehavior">
<clientCredentials>
<clientCertificate findValue="CN=tempCertClient" storeLocation="LocalMachine" />
<serviceCertificate>
<authentication certificateValidationMode="PeerTrust" revocationMode="NoCheck" />
</serviceCertificate>
</clientCredentials>
</behavior>
</endpointBehaviors>
</behaviors>
<bindings>
<customBinding>
<binding name="WebHttpBinding_ITestAPI">
<httpTransport/>
</binding>
</customBinding>
</bindings>
<client>
<endpoint address="https://localhost/AuthWithSSLTest/API/API.svc/TestMethod"
behaviorConfiguration="NewBehavior" binding="customBinding"
bindingConfiguration="WebHttpBinding_ITestAPI"
contract="TestAPI.ITestAPI" name="WebHttpBinding_ITestAPI" />
</client>
</system.serviceModel>
When I try to Run Client, it says Provided URI scheme Https is invalid, http required.
Also when I try to invoke the Web Service from VS2008, it says "Could not find a base address that matches scheme https for the endpoint with binding WebHttpBinding. Registered base address schemes are [http]."
if I try to run the web service from IIS, it says "Could not find a base address that matches scheme http for the endpoint with binding WebHttpBinding. Registered base address schemes are [https]."
I have tried googling and tried all the suggested things, but no awail. Please Help.
Thanks in Advance,
Tara Singh
In your client configuration, try changing:
<httpTransport/>
to:
<httpsTransport/>