Wcf service accessing error - The HTTP request was forbidden - wcf

When trying to access my WCF service it is throwing following exception
The HTTP request was forbidden with client authentication scheme 'Anonymous'.
Inner Expeption: The remote server returned an error: (403) Forbidden.
Other observations:
It was working earlier
Same application when I set up on other system there is not error.
Using windows application from my system itself it works fine.
Situation:
WCF service is hosted in remote DEV server and I add as service reference in my web app.
For now Web app which consumes service is running from VS not by hosting in IIS
A real mess. Did anyone faced such situation? Please share with me. I google about the issue but non of them are helpful.

Check the application pool in which the service is hosted. If Windows authentication is turned on over there, then include it in the manifest xml file.
<system.web>
<authentication mode="Windows" />
</system.web>
For Reference : Click here

It could be that windows authentication is turned on on your local machine but not in IIS.
Double check the app pool your service is running under. Also, make sure the app pool is running integrated mode and that the version is correct.
See this article specifically step one.

Related

Hosting of ajax enabled wcf service in IIS 7

I have deployed an asp.net mvc application in IIS, The application has been deployed successfully and working fine. I Used ajax enabled wcf service in my application, the problem is when I want to use the method of the service. I get the not found error, but when I browse to see the service it gives the page saying that your service is hosted, I cannot access the methods of the deployed ajax enabled service.. Kindly help me out..
Things to be noticed..
My services are hosted as a file with the extension of .svc
I deployed the application on windows server 2008 r2 64 bit, but I configured the application pool to work in 32 bit.
Services are accessible, but the methods of service are not allowed.
Thanks in advance.
Ahsan Nomani.

Problems connecting to a basicHttpBinding endpoint with security mode="None"

Trying to create an framework 4.0 WCF basicHttp service hosted by IIS (6) that is completely unauthenticated. Once deployed, I can successfully retrive the WSDL via a browser.
However whenever I try and connect to it via WCF Test Client or via a visual studio generated proxy, I'm getting "The server has rejected the client credentials.".
This still occurs when I add <security mode="None"/>, but my understanding is that this is the default anyway ...
In the IIS virtual directory properties I only have anonymous ticked, and in the web.config file <authentication mode="None"/> is set as well.
Any ideas?
Seems like the IIS site has anonymous authentication disabled. Check out this article on IIS 6 anonymous access configuration.
Turns out that the source of the exception was from an immediate attempt to connect to a downstream tcp service. As a workaround I ended up creating a plain jane webservice wrapper which successfully connects to the downstream service fine using a domain account specified in the <identity impersonate="true" userName=".." password=".." />.
Note, I've added a related question asking why one works and the other doesn't.

Problem with call WCF Service From local host to Server IIS

Hi All
I Have a service project that hosted it in local IIS and within this project i have a refrence to another service in an IIS on another server in this Domain but when i want calling this service I get an exception:
{System.ServiceModel.Security.SecurityNegotiationException: The caller was not authenticated by the service.
How I Can Solve It?
thanks
Check with hosing by console.
Check Domain access for user or port restriction.
when you host then try checking whether it is generating wsdl by just typing http://.. in IE

Trouble in hosting WCF Service in IIS 5.1

I am having trouble hosting a simple WCF service application in IIS 5.1 (XP SP3).
I follow this Pluralsight tutorial (https://www.youtube.com/watch?v=SVPXLF-g4Ws) but still the service won't load and shows IE blank page "You are not authorized to view this page .. HTTP Error 403 - Forbidden "
any advice? how to host WCF service in IIS 5.1.
Try changing the IIS Authentication for your IIS host website to "Anonymous" and see if that is where your problem is and if doing this makes it work.
NOTE: In reality, you will need to set your authentication in IIS based on whatever your authentication method is going to be.

Difference between ClientCredentialType=Windows and =Ntlm

Can anyone give a clear explanation of the difference between using
clientCredentialType=Windows, and
clientCredentialType=Ntlm
in a server-side Web.config when hosting a WCF service?
I have a SOAP 1.1 (basicHttpBinding) service for interop with existing clients. It uses ASP.NET roles so needs clients to be authenticated.
When I am using the VS2005 (Cassini) server to host the service, I have to specify ClientCredentialType=Ntlm as above, and check the Ntlm authentication box in the project properties in VS2005. ClientCredentialType=Windows doesn't work - clients get a:
401 Unauthorized error
However when I'm running under IIS, it's the other way around: ClientCredentialType=Windows works, and ClientCredentialType=Ntlm fails.
Can anyone explain this, and preferably suggest a way I can have the same web.config file to run the service in Cassini and IIS?
Update
I have .NET 3.5 SP1 on my dev machine, which is XP SP2 running in a domain. Cassini therefore runs under a domain account, and IIS 5.1 under a local account.
I wonder if it could be related to the breaking change in .NET 3.5SP1 described in these articles.
http://www.aspnetpro.com/newsletterarticle/2008/12/asp200812ab_l/asp200812ab_l.asp
http://msmvps.com/blogs/alvin/archive/2008/11/14/net-3-5-sp1-breaking-change-to-wcf.aspx
http://connect.microsoft.com/VisualStudio/feedback/ViewFeedback.aspx?FeedbackID=354236
The situation sounds similar as clientCredentialType=Windows fails when the server is running under a domain account (which is my situation with Cassini - running as my normal domain user account), and works when running under a local account (which is my situation with IIS).
The problem is that the suggested fixes require changes to a WCF client configuration file - but in my case I'm using SOAP 1.1 (basicHttpBinding) with non-WCF clients.
clientCredentialType=Windows uses the built in Windows authentication which can be through Active Directory and NTLM.
Obviously the NTLM type will only use NTLM for authentication.
I'm sure you've seen it already, but here is a link to WCF security:
http://msdn2.microsoft.com/en-us/library/ms734769.aspx
Some more details on your setup would help. Are the IIS and Cassini servers running on the same box? If not do you have the same accounts setup on each box? IIS6 by default supports NTLM, so you shouldn't have a problem getting it to work.