I've created a custom WCF service within Umbraco. The service resides in the Service folder and seems to be working fine (I can call it and it responds appropriately). Now I want the users to authenticate themselves when they call the service.
To do this I've added these lines into the web.config:
<system.serviceModel>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true" aspNetCompatibilityEnabled="true" />
<bindings>
<webHttpBinding>
<binding name="RaceManBinding">
<security mode="None" />
</binding>
</webHttpBinding>
</bindings>
<services>
<service name="RaceManagerAdmin.RaceManDataService" behaviorConfiguration="RaceManBehavior">
<endpoint address=""
binding="webHttpBinding"
contract="System.Data.Services.IRequestHandler" />
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="RaceManBehavior">
<serviceCredentials>
<userNameAuthentication userNamePasswordValidationMode="MembershipProvider"
membershipProviderName="UmbracoMembershipProvider" />
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>
When my service is called it should use the Umbraco membership provider to authenticate the users.
My client specificies this by creating a network credential object, like this:
var a = new RaceEntities(new Uri("http://localhost:40406/umbraco/Webservices/RaceManDataService.svc")) { Credentials = new NetworkCredential("admin", "secret") };
When I inspect the HTTPContext.Current I don't see any authenticated users.
What am I doing wrong?
Frederik
You'll need to enable ASP.Net Compatibility in order to access the identity via the HttpContext:
<system.serviceModel>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true"/>
</system.serviceModel>
The answer to this question mentions an alternate method: How to access HttpContext.Current.User.Username in WCF service
Related
I am unable to consume the wcf restful service hosted in IIS.i.e at http://192.168.100.87:7001/ProductRESTService.svc/.
I have created a client application and added the service reference and created the proxy for service and accesing the using prxoy.
The error is:
Could not find default endpoint element that references contract 'ServiceReference2.IProductRESTService' in the ServiceModel client configuration section. This might be because no configuration file was found for your application, or because no endpoint element matching this contract could be found in the client element.
My web.config file of service is following.
<system.serviceModel>
<services>
<service name="MyRESTService.ProductRESTService" behaviorConfiguration="serviceBehavior">
<endpoint address=""
binding="webHttpBinding"
contract="MyRESTService.IProductRESTService"
behaviorConfiguration="web"></endpoint>
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="serviceBehavior">
<serviceMetadata httpGetEnabled="true"/>
<serviceDebug includeExceptionDetailInFaults="false"/>
</behavior>
</serviceBehaviors>
<endpointBehaviors>
<behavior name="web">
<webHttp/>
</behavior>
</endpointBehaviors>
</behaviors>
<protocolMapping>
<add binding="basicHttpsBinding" scheme="https" />
</protocolMapping>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
</system.serviceModel>
hi, please check my client configuration file.
<configuration>
<system.web>
<compilation debug="true" targetFramework="4.5" />
<httpRuntime targetFramework="4.5" />
</system.web>
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="BasicHttpBinding_ICreate_Restful_WCF_Service"/>
</basicHttpBinding>
</bindings>
<client>
<endpoint address="http://192.168.1.xxx:2777/ProductRESTService.svc" binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_ICreate_Restful_WCF_Service" contract="ServiceReference1.IProductRESTService" name="BasicHttpBinding_ICreate_Restful_WCF_Service"/>
</client>
</system.serviceModel>
</configuration>
Why do you use client applicatin for rest service? For rest service, we could call it directly by httpWebRequest. Add Service Reference uses WSDL or ws-metadataExchange, and rest does not have metadata. If you use add service reference, it will not generate any app.config settings, and it will produce this error. If you want to try add service reference to use wcf service, you need to use soap service instead of rest service.
I currently have a Http Rest WCF4 service, defined by the ServiceContract IEventService which is exposed only over HTTP.
I have been tasked with making some of the OperationContracts to work only over HTTPS So I have split those methods into a seperate ServiceContract called IEventServiceHTTPS
Hosting this on my dev box using IIS7.5 with a self-signed certificate, the methods which are part of the IEventServiceHTTPS are called fine over HTTPS and not over HTTP, as expected.
However the HTTP methods exposed by IEventService now do not work.
I get the following when trying to access the HTTP methods:
HTTP Error 403.4 - Forbidden
The page you are trying to access is secured with Secure Sockets Layer (SSL).
web.config with my changes:
<system.serviceModel>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true" aspNetCompatibilityEnabled="true">
<serviceActivations>
<add service="Api.EventService" relativeAddress="EventService.svc" factory="Api.UnityServiceHostFactory"/>
</serviceActivations>
</serviceHostingEnvironment>
<behaviors>
<serviceBehaviors>
<behavior name="Api.EventServiceBehavior">
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true"/>
<serviceDebug includeExceptionDetailInFaults="true"/>
</behavior>
</serviceBehaviors>
<endpointBehaviors>
<behavior name="WebBehavior">
<webHttp/>
</behavior>
</endpointBehaviors>
</behaviors>
<services>
<service behaviorConfiguration="Api.EventServiceBehavior" name="Api.EventService">
<endpoint address="" binding="webHttpBinding" behaviorConfiguration="WebBehavior" bindingConfiguration="webBindingHTTP" contract="Api.IEventService"/>
**<endpoint address="" binding="webHttpBinding" behaviorConfiguration="WebBehavior" bindingConfiguration="webBindingHTTPS" contract="Api.IEventServiceHTTPS"/>**
</service>
</services>
<bindings>
<webHttpBinding>
<binding name="webBindingHTTP">
<security mode="None"></security>
</binding>
**<binding name="webBindingHTTPS">
<security mode="Transport">
</security>
</binding>**
</webHttpBinding>
</bindings>
</system.serviceModel>
Any help would be greatly appreciated, thanks.
I believe this error is originating because of IIS vdir [SSL settings]-> Require SSL -> true. If you want both http and https endpoints accessible in the same service then uncheck this setting as this will prevent you from doing unsecure http in the vdir.
I'm having problems finding how to setup my web.config to use the same settings as using the WebServiceHostFactory on my RESTful WCF service. Does anyone know what the equivalent web.config would look like instead of using that factory, or how I can find it (assume I should be able to attach and find the endpoint objects etc?).
I need to change a couple of small things that the factory is using, and set the authentication to none, so it will play nicely with IIS (currently getting IIS specified authentication schemes 'IntegratedWindowsAuthentication, Anonymous' - and I cant change the IIS settings).
You should be able to add a reference to your service in the Web.config under the system.serviceModel section.
By specifying the full name of the service implementation as the name, of the service element you can then configure it to use specific end points and behaviours.
Hope this helps.
I have used a similar config to below for controlling my WCF Rest Services.
<system.serviceModel>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true" aspNetCompatibilityEnabled="true" />
<protocolMapping>
<add scheme="http" binding="httpBehavior"/>
</protocolMapping>
<bindings>
<webHttpBinding>
<binding name="serviceBinding">
<security mode="Transport" />
</binding>
</webHttpBinding>
</bindings>
<behaviors>
<endpointBehaviors>
<behavior name="httpBehavior">
<webHttp/>
</behavior>
</endpointBehaviors>
</behaviors>
<services>
<service name="{fullname of your service}">
<endpoint address="" behaviorConfiguration="httpCommerceBehavior" binding="webHttpBinding" bindingConfiguration="serviceBinding" contract="{Service Contract full name}>
</endpoint>
</service>
</services>
</system.serviceModel>
I have a WCF Service programmed in VB.NET that is exhibiting strange behavior. The web.config has the following xml:
<system.serviceModel>
<services>
<service behaviorConfiguration="CentricBasicHttpBehavior" name="OnbaseService">
<endpoint binding="basicHttpBinding" bindingConfiguration="CentRicBasicHttpServerBinding" contract="IOnbaseService">
<identity>
<servicePrincipalName value="HTTP/JFOLKENDT7E" />
</identity>
</endpoint>
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="CentricBasicHttpBehavior">
<serviceAuthorization impersonateCallerForAllOperations="true" />
<serviceMetadata httpGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
<dataContractSerializer maxItemsInObjectGraph="2147483646" />
<serviceThrottling maxConcurrentCalls="100" maxConcurrentSessions="100" maxConcurrentInstances="100" />
</behavior>
<behavior name="">
<serviceMetadata httpGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
<bindings>
<basicHttpBinding>
<binding name="CentRicBasicHttpServerBinding" maxReceivedMessageSize="5000000">
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Windows" />
</security>
</binding>
</basicHttpBinding>
</bindings>
</system.serviceModel>
When I configure the service in wcf test client, both the Binding Mode and TransportClientCredentialType are coming across as "None". I expected for them to be "TransportCredentialOnly" and "Windows" respectively.
Can someone please share with me how WCF Test Client infers the binding configuration, and how I should go about correcting this issue? The end result is that within the source code of the service, the WindowsIdentity isn't impersonating the user like I expected.
Thanks,
Jason
I work with Jason and we looked at this together. The service configuration needed the name and contact properties to match the fully qualified service class name and fully qualified contact interface name. Otherwise, we were getting the fun new .Net 4.0 defualt bindings for a default service.
In my own experience with WCF, I had modified session Timeouts and connection Timeout settings in the config file but WCF Test Client was not respecting those settings. Seems like WCF Test client just takes up the default values for communicating with WCF services. Hence I test my WCF services using my own custom WCF Test Clients by generating app.config and proxy. cs through svcutil.exe .
Scenario:
Two websites (example.com, admin.example.com) that share the same wwwroot folder.
example.com allows only anonymous access
admin.example.com allows only windows authentication.
/Service/Awesome.svc returns a json object
Accessing the Awesome service using example.com works, while admin.example.com throws a NotSupportedException; "Security settings for this service require 'Anonymous' Authentication but it is not enabled for the IIS application that hosts this service."
<system.serviceModel>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true"
multipleSiteBindingsEnabled="true" />
<behaviors>
<serviceBehaviors>
<behavior name="serviceBehavior">
<serviceMetadata httpGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
</serviceBehaviors>
<endpointBehaviors>
<behavior name="jsonBehavior">
<enableWebScript />
</behavior>
</endpointBehaviors>
</behaviors>
<services>
<service name="WcfServices.AwesomeService"
behaviorConfiguration="serviceBehavior">
<endpoint address="" binding="webHttpBinding"
contract="WcfServices.IAwesomeService"
behaviorConfiguration="jsonBehavior" />
</service>
</services>
</system.serviceModel>
How do I configure WCF to ignore the authentication requirement? I want the same behavior as if this were a web service or handler, just execute and return the awesome json object.
I think you're out of luck here. Give AWesome.svc anonymous access, and give anon access a user account that has no access to sensitive resources.
It sounds like you have two copies of the service, one under the website example.com and the other under admin.example.com. If admin.example.com needs IIS integrated (challenge/response) authentication then you're WCF service binding needs to be in Transport mode because IIS requires all admin.example.com resources to be Windows authentication. Try this configuration:
<bindings>
<basicHttpBinding>
<binding name="Binding1">
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Windows" />
</security>
</binding>
</basicHttpBinding>
</bindings>
If this doesn't work for you, you may want to try hosting the services in their own virtual directy so they are not at the mercy of what the website needs for security.
Good Luck.