I am unable to create a web application from central administration
Need to get FBA site working
If I try to run SecurityTokenServiceApplication/securitytoken.svc following error is displayed.
An ExceptionDetail, likely created by IncludeExceptionDetailInFaults=true, whose value is:
System.InvalidOperationException: An exception was thrown in a call to a policy export extension.
Extension: System.ServiceModel.Channels.TransportSecurityBindingElement
Error: Security policy export failed. The binding contains a TransportSecurityBindingElement but no transport binding element that implements ITransportTokenAssertionProvider. Policy export for such a binding is not supported. Make sure the transport binding element in the binding implements the ITransportTokenAssertionProvider interface. ---->
System.InvalidOperationException: Security policy export failed. The binding contains a TransportSecurityBindingElement but no transport binding element that implements ITransportTokenAssertionProvider. Policy export for such a binding is not supported. Make sure the transport binding element in the binding implements the ITransportTokenAssertionProvider interface.
at System.ServiceModel.Channels.TransportSecurityBindingElement.System.ServiceModel.Description.IPolicyExportExtension.ExportPolicy(MetadataExporter exporter, PolicyConversionContext policyContext)
at
System.ServiceModel.Description.MetadataExporter.ExportPolicy(ServiceEndpoint endpoint)
In event viewer below error is reported.
Event Id : 2303
Source: IIS-W3SVC-WP
There was an error during processing of the managed application service auto-start for application pool: 'SecurityTokenServiceApplicationPool'. Some application services may not have been processed correctly. Please check the configuration for application service auto-start for the application(s) assigned to this application pool. The data field contains the error code.
Already tried
.NET framework 3.5 SP1 installed
Disabling Forms authentication in SecurityTokenServiceApplication
Ensuring the SecurityTokenServiceApplication is provisioned.
Any other solutions please.
I tried changing web.config for security token service to use IssuedToken security. With this change now I am able to see the service metadata. But below error is reported in the event viewer
Event Id: 8306
An exception occurred when trying to issue security token: An unsecured or incorrectly secured fault was received from the other party. See the inner FaultException for the fault code and detail..
Related
I have a console app that is hosting the service by WCF's ServiceHost object, but from the client cannot add the service reference and I am getting the following error:
The URI prefix is not recognized.
Metadata contains a reference that cannot be resolved:
'net.tcp://localhost:8001/Alu'.
There was no endpoint listening at net.tcp://localhost:8001/Alu
that could accept the message. This is often caused by an incorrect address
or SOAP action. See InnerException, if present, for more details.
If the service is defined in the current solution, try building the solution
and adding the service reference again.
I have also activate the WCF Non-Http stuffs in the control panel. Where should be looked into the address this issue?
Am trying to invoke a CMIS repository webservice URL from a WCF service. I need to ensure that I have WCF binding (basicHttp) on invoking that webservice (to mutually exchange certificates between client and Data power). Hence i used the below code:
DotCMIS - Code Snippet:
Parameters[SessionParametet.WebServicesWCFBinding] = "myWCFServiceBindingName";
Note: "myWCFServiceBindingName" is the name of basicHttpBinding defined in the web.config related to the WCF service.
There is no error when the above code is executed but it throws the below error message when instantiating a session to perform operations on the repository.
Error Message:
No elements matching the key 'myWCFServiceBindingName' were found in the configuration element collection.
Could someone share your thoughts on this issue ?
I am trying to implement the same functionalities of one WCF web service (which is working of course) to another WCF web service, but I encounter an exception: {"An unsecured or incorrectly secured fault was received from the other party. See the inner FaultException for the fault code and detail."}
and {"The message could not be processed because the action 'http://tempuri.org/IBlueWebService/GetDataSourceList' is invalid or unrecognized."}
I copied exactly same codes and same configuration and I use my client tool to call the new web service (I only changed the web service url to the new one), but it throws the exception.
Some forums told me to set the establishSecurityContext but it doesn't work also.
Please can somebody tell me what I am missing?
Solution
I tried to compare the wsdl files and I remarked that the new wcf web service had different action url from the old one, but I tried to use the same config file in client application (which is obviously looking for old wcf web service action url).
So in every operationcontract of new web service, I specified the action url and replyaction url for every operation and it works for me now.
I'm trying to set up security on a WCF web service, using the ProtectionLevel attribute:
[ServiceContract(ProtectionLevel= ProtectionLevel.EncryptAndSign)]
This compiles, but Visual Studio throws exceptions when I try to update the service reference in another project (same solution).
System.InvalidOperationException: The
request message must be protected.
This is required by an operation of
the contract
('IStorageService','tempuri.org/';).
The protection must be provided by the
binding
('WSHttpBinding','tempuri.org/';).
What else do I need to set up to get this to work?
Your ServiceContract attribute is specifying that the service requires a secure channel for all operations, with both message signing (the message contains a digital signature which can prove that it hasn't been tampered with) and message encryption (the bytes of the message are encrypted when transmitted over the network).
Your client code (i.e. in the project which calls the service) must satisfy these requirements. If this project is using BasicHttpBinding with default settings, then the requirements of the service will not be satisfied (security is disabled by default for the BasicHttpBinding). If you configure the client project to use WsHttpBinding instead, with its default settings, the exception should go away (this binding has EncryptAndSign enabled by default).
The ProtectionLevel is a way for the developer to set the minimum level that a binding must comply with. When a service is deployed, the actual binding specified in configuration may or may not support the minimum level. For example, by default, the BasicHttpBinding class does not supply security (although it can be enabled). Therefore, using it with a contract that has any setting other than None will cause an exception to be thrown. see here
UPDATE 3:
I created a Visual Studio 2008 test project and tried to create a service reference to shared site WCF service reference and received the following error:
There was an error downloading
'http://apps.mydomain/MyService.svc'.
The request failed with HTTP status
400: Bad Request. Metadata contains a
reference that cannot be resolved:
'http://apps.mydomain/MyService.svc'.
Content Type application/soap+xml;
charset=utf-8 was not supported by
service
http://apps.mydomain/MyService.svc'.
The client and service bindings may be
mismatched. The remote server returned
an error: (415) Cannot process the
message because the content type
'application/soap+xml; charset=utf-8'
was not the expected type 'text/xml;
charset=utf-8'.. If the service is
defined in the current solution, try
building the solution and adding the
service reference again.
UPDATE 2:
#Nick - I tried your suggestion of explictly setting the address of each endpoint with the fully qualified path of each server and I still get the same result.
Also, when I try to set the listenUri attribute with the shared site URL, I get a 400 bad request error instead of a 404 error.
UPDATE
After some additional research, there were some IIS configuration setting conflicts between http://apps1.mydomain and http://apps2.mydomain and was able to get past the "Server Application Unavailable" error.
Now I am getting a 404 error when I tried to browse to the shared site (http://apps.mydomain), but I am able to browse to the http://apps1.mydomain and http://apps2.mydomain service reference.
Original Problem
My companys uses Microsoft NLB to load balance traffic between our IIS servers. I recently deployed a WCF service on to each IIS 6 Windows Server 2003 Standard Edition SP1 servers. I received the following error when I tried to browse to the shared domain name using IE 7:
Server Application Unavailable The
web application you are attempting to
access on this web server is currently
unavailable. Please hit the "Refresh"
button in your web browser to retry
your request.
Administrator Note: An error message
detailing the cause of this specific
request failure can be found in the
application event log of the web
server. Please review this log entry
to discover what caused this error to
occur.
The consumer will point to the http://apps.mydomain to use the service but virtual domain is mapped to http://apps1.mydomain or http://apps2.mydomain. If I browse to the service on each server, I do not receive that error.
The service is currently using a anonymous basicHttpBinding.
Has anyone else experienced this issue?
History
Before this error started occurring, I received the following error when I broswed to all three domain name (http://apps.mydomain, http://apps1.mydomain, http://apps2.mydomain):
This collection already contains an
address with scheme http. There can
be at most one address per scheme in
this collection.
I used the ServiceHostFactory class to customize my .svc file to specify a custom service factory. Then I create our custom factory by inheriting from ServiceHostFactory and overriding as required.
public class MyFactory : ServiceHostFactory
{
protected override ServiceHost CreateServiceHost(Type serviceType, Uri[] baseAddresses)
{
return new ServiceHost(serviceType, baseAddresses[0]);
}
}
<%# ServiceHost Language="C#" Factory="MyFactory" Debug="true" Service="MyService" CodeBehind="~/App_Code/MyService.cs" %>
After some experimenting with different configurations for my WCF service and consuming application. I created a service reference to one of the working service references (http://apps1.mydomain or http://apps2.mydomain) in the consuming application. Then I changed the endpoint reference in the client configuration to point to the shared site WCF address (http://apps.mydomain) and I was able to consume and use the service.
I've had an issue before with WCF and load balancing where the servers had multiple Network cards with different IP addresses and WCF would just pic the first IP address it found. We had to explicitly set the IP address on each server's Service Definition so WCF would bind to the right one.