WCF Error: The identity check failed for the outgoing message - wcf

I am trying to consume a WCF web service and got this error:
The identity check failed for the outgoing message. The expected identity is 'identity(http://schemas.xmlsoap.org/ws/2005/05/identity/right/possessproperty: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/spn)' for the 'http://localhost/SCVMMService/VirtualMachineManagementService.svc' target endpoint.
To consume the web service I am using this code:
Client.ClientCredentials.Windows.ClientCredential.Domain = "testlab.ourcp.com";
Client.ClientCredentials.Windows.ClientCredential.UserName = "administrator";
Client.ClientCredentials.Windows.ClientCredential.Password = "M!ndMasT23";
Client.ClientCredentials.UserName.UserName = "administrator";
Client.ClientCredentials.UserName.Password = "M!ndMasT23";
Client.Open();
WebConfig:
<bindings>
<wsHttpBinding>
<binding name="WSHttpBinding_IVirtualMachineManagementService" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard" maxBufferPoolSize="524288" maxReceivedMessageSize="65536" messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true" allowCookies="false">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384"/>
<reliableSession ordered="true" inactivityTimeout="00:10:00" enabled="false"/>
<security mode="Message">
<transport clientCredentialType="Windows" proxyCredentialType="None" realm=""/>
<message clientCredentialType="Windows" negotiateServiceCredential="true" algorithmSuite="Default"/>
</security>
</binding>
</wsHttpBinding>
</bindings>
<client>
<endpoint address="http://localhost/SCVMMService/VirtualMachineManagementService.svc" binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_IVirtualMachineManagementService" contract="ServiceReference1.IVirtualMachineManagementService" name="WSHttpBinding_IVirtualMachineManagementService">
<identity>
<servicePrincipalName value="DDC-SC-VMM02.testlab.ourcp.com\Administrator"/>
</identity>
</endpoint>
</client>
And in the web service config file, for identity I use:
<dns value="localhost"/>

Is the WCF service you're trying to access configured to use Service Identity? If not, remove the entire identity element from the endpoint element because it's only used with the Service Identity feature.
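Added example, not part of the original question or answer: the `<identity>` element is how a WCF client states which identity it expects the service to prove. This Python check reports the identity each client endpoint will demand, including the `host/<hostname>` SPN that WCF falls back to for Windows credentials when the element is absent. The endpoint names `as_posted` and `identity_removed` and the value-shape patterns are assumptions made for the illustration.

```python
import re
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

# Constructed sample: client endpoints modelled on the question's config.
CLIENT_CONFIG = r"""
<client>
  <endpoint name="as_posted"
            address="http://localhost/SCVMMService/VirtualMachineManagementService.svc">
    <identity>
      <servicePrincipalName value="DDC-SC-VMM02.testlab.ourcp.com\Administrator"/>
    </identity>
  </endpoint>
  <endpoint name="identity_removed"
            address="http://localhost/SCVMMService/VirtualMachineManagementService.svc"/>
</client>
"""

# Assumed value shapes per identity element (illustrative, not WCF's own parser).
SHAPES = {
    # serviceclass/host[:port][/servicename]
    "servicePrincipalName": re.compile(r"^[^/\\@\s]+/[^/\\\s]+(/[^\\\s]+)?$"),
    # user@domain
    "userPrincipalName": re.compile(r"^[^@\\\s]+@[^@\\\s]+$"),
    "dns": re.compile(r"^[A-Za-z0-9.-]+$"),
}

def expected_identities(config_xml):
    """Return {endpoint name: (identity kind, value, problem or None)}."""
    out = {}
    for ep in ET.fromstring(config_xml).iter("endpoint"):
        name = ep.get("name")
        ident = ep.find("identity")
        if ident is None or len(ident) == 0:
            # With Windows client credentials and no <identity>, WCF defaults to
            # an SPN of "host/" + the host part of the endpoint address.
            host = urlparse(ep.get("address")).hostname
            out[name] = ("servicePrincipalName", "host/" + host, None)
            continue
        claim = ident[0]
        value = claim.get("value", "")
        shape = SHAPES.get(claim.tag)
        problem = None
        if shape is not None and not shape.match(value):
            problem = "value does not have the shape of a " + claim.tag
        out[name] = (claim.tag, value, problem)
    return out
```
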

Related

wcf as windows service fails with error

I wrote a self-hosted WCF service. When I run the server and the client, the client connects well. I rewrote the server as a Windows service. Now when I run the server and the client, the server is started, but the client fails upon request method with the error
The HTTP request is unauthorized with client authentication scheme 'Negotiate'. The authentication header received from the server was
Windows service is registered as LocalSystem. Server config:-
<system.serviceModel>
<services>
<service behaviorConfiguration="MyServiceTypeBehaviors" name="UCSService.UCSModule">
<endpoint address="" binding="basicHttpBinding" contract="UCSService.IUCSModule">
</endpoint>
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"/>
<host>
<baseAddresses>
<add baseAddress="http://localhost:9000/"/>
</baseAddresses>
</host>
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="MyServiceTypeBehaviors">
<serviceMetadata httpGetEnabled="true"/>
<serviceDebug includeExceptionDetailInFaults="true"/>
</behavior>
</serviceBehaviors>
</behaviors>
<bindings>
<basicHttpBinding>
<binding name="BasicHttpEndpointBinding" closeTimeout="00:01:00"
openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
allowCookies="false" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard"
maxBufferSize="65536" maxBufferPoolSize="524288" maxReceivedMessageSize="65536"
messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered"
useDefaultWebProxy="true">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Windows" proxyCredentialType="None"
realm="" />
<message clientCredentialType="UserName" algorithmSuite="Default" />
</security>
</binding>
</basicHttpBinding>
</bindings>
</system.serviceModel>
Client config:-
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="BasicHttpEndpointBinding" closeTimeout="00:01:00"
openTimeout="00:00:30" receiveTimeout="00:10:00" sendTimeout="00:01:00"
allowCookies="false" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard"
maxBufferPoolSize="524288" maxBufferSize="65536" maxReceivedMessageSize="65536"
textEncoding="utf-8" transferMode="Buffered" useDefaultWebProxy="true"
messageEncoding="Text">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Windows" proxyCredentialType="None"
realm="" />
<message clientCredentialType="UserName" algorithmSuite="Default" />
</security>
</binding>
</basicHttpBinding>
</bindings>
<client>
<endpoint address="http://192.168.101.123:9000/" binding="basicHttpBinding"
bindingConfiguration="BasicHttpEndpointBinding" contract="UCSModuleClient.IUCSModule"
name="BasicHttpBinding_UCSModule" />
</client>
</system.serviceModel>
As I understand it, the main problem is that the server has become the service, but how to solve the problem I do not know. How can I resolve this problem?
Can you use google in the following fashion: https://www.google.com.bh/search?q=The+HTTP+request+is+unauthorized+with+client+authentication+scheme+%27Negotiate%27.&oq=The+HTTP+request+is+unauthorized+with+client+authentication+scheme+%27Negotiate%27.&aqs=chrome..69i57.384j0j7&sourceid=chrome&es_sm=93&ie=UTF-8
Possible solution: Try to run the service with the user Administrator

WCF Address Already In Use after adding client endpoint

I have a WCF Service that is self hosted and started through another service. Debugging in visual studio, they work just fine until I add endpoint configurations to my app.config for the service clients. Some clients for this service will be local and others remote. I have tried only having client endpoints for named pipes, if there's a client endpoint pointing to the service, and a client using the endpoint (even though it shouldn't even be instantiated at the point the service tries to start) I get an exception telling me that 0.0.0.0:8524 is in use. Here's the relevant configuration:
<service name="EventService.EventPublishingService">
<clear />
<endpoint binding="netTcpBinding" address="net.tcp://localhost:8524/EventPublishingService" contract="EventService.Contracts.IEventPublishService">
</endpoint>
<endpoint address="net.tcp://localhost:8524/EventPublishingService/mex" binding="mexTcpBinding" contract="IMetadataExchange">
</endpoint>
<endpoint address="net.pipe://localhost/EventPublishingServicePipe"
binding="netNamedPipeBinding" contract="EventService.Contracts.IEventPublishService"
listenUriMode="Explicit">
</endpoint>
<host>
</host>
</service>
For client endpoints I have tried both
<endpoint address="net.tcp://localhost:8524/EventPublishingService"
binding="netTcpBinding" bindingConfiguration="NetTcpBinding_IEventPublishService"
contract="AGX.Atlas.EventService.Contracts.IEventPublishService" name="NetTcpBinding_IEventPublishService">
</endpoint>
and
<endpoint address="net.pipe://localhost/EventPublishingServicePipe"
binding="netNamedPipeBinding" bindingConfiguration="NetNamedPipeBinding_IEventPublishService"
contract="AGX.Atlas.EventService.Contracts.IEventPublishService" name="NetNamedPipeBinding_IEventPublishService">
</endpoint>
I've removed the net.pipe binding from the service when removing the client binding as well to make sure it wasn't doing something weird with that. Still the same issue.
Here's the binding configurations:
<netNamedPipeBinding>
<binding name="NetNamedPipeBinding_IEventPublishService" closeTimeout="00:01:00"
openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
transactionFlow="false" transferMode="Buffered" transactionProtocol="OleTransactions"
hostNameComparisonMode="StrongWildcard" maxBufferPoolSize="524288"
maxBufferSize="65536" maxConnections="10" maxReceivedMessageSize="65536">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<security mode="Transport">
<transport protectionLevel="EncryptAndSign" />
</security>
</binding>
</netNamedPipeBinding>
<netTcpBinding>
<binding name="NetTcpBinding_IEventPublishService" closeTimeout="00:01:00"
openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
transactionFlow="false" transferMode="Buffered" transactionProtocol="OleTransactions"
hostNameComparisonMode="StrongWildcard" listenBacklog="10"
maxBufferPoolSize="524288" maxBufferSize="65536" maxConnections="10"
maxReceivedMessageSize="65536">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<reliableSession ordered="true" inactivityTimeout="00:10:00"
enabled="false" />
<security mode="Transport">
<transport clientCredentialType="Windows" protectionLevel="EncryptAndSign" />
<message clientCredentialType="Windows" />
</security>
</binding>
<binding name="NetTcpBinding_IEventSubscriptionService" closeTimeout="00:01:00"
openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
transactionFlow="false" transferMode="Buffered" transactionProtocol="OleTransactions"
hostNameComparisonMode="StrongWildcard" listenBacklog="10"
maxBufferPoolSize="524288" maxBufferSize="65536" maxConnections="10"
maxReceivedMessageSize="65536">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<reliableSession ordered="true" inactivityTimeout="00:10:00"
enabled="false" />
<security mode="Transport">
<transport clientCredentialType="Windows" protectionLevel="EncryptAndSign" />
<message clientCredentialType="Windows" />
</security>
</binding>
</netTcpBinding>

TransportWithMessageCredential: Windows credentials are not being passed to WCF service

I'm having problems setting up TransportWithMessageCredential on my wcf service.
Using the WCF Configuration Editor, I set the Mode to TransportWithMessageCredential and the transportClientCredentialType to Windows in the web.config for the service and the app.config for my executable. I installed a self-signed cert on the server and configured IIS to use it.
When I run my test app, I receive the following error:
System.InvalidOperationException: The username is not provided. Specify username in ClientCredentials.
It appears that the Windows credentials are not being passed to the WCF service, and when I check the credentialCache.defaultCredentials, they are null. Any clues and/or tips on why this is and how to fix it? Thanks in advance.
server 2003 / IIS 6.0 on an active directory domain.
web.config for service
<service name="Test.DiagnosticService">
<endpoint binding="basicHttpBinding" bindingConfiguration="WindowsTransportCredentialBinding" name="ClientDiagnosticEndpoint" contract="Test.IDiagnostic" />
</service>
<basicHttpBinding>
<binding name="WindowsTransportCredentialBinding" maxBufferSize="524288"
maxReceivedMessageSize="524288">
<readerQuotas maxDepth="128" maxStringContentLength="1048576" />
<security mode="TransportWithMessageCredential">
<transport clientCredentialType="Windows" proxyCredentialType="Windows" />
</security>
</binding>
</basicHttpBinding>
app.config for executable
<client>
<endpoint address="https://U-WM-3vIntegr8/test/Web/Services/Diagnostic.svc"
binding="basicHttpBinding" bindingConfiguration="ClientHttpEndpoint"
contract="Test.IDiagnostic" name="ClientDiagnosticEndpoint" />
</client>
<basicHttpBinding>
<binding name="ClientHttpEndpoint" closeTimeout="00:01:00"
openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:02:00"
allowCookies="false" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard"
maxBufferSize="4194304" maxBufferPoolSize="524288" maxReceivedMessageSize="4194304"
messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered"
useDefaultWebProxy="true">
<readerQuotas maxDepth="32" maxStringContentLength="1048576"
maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<security mode="TransportWithMessageCredential">
<transport clientCredentialType="Windows" proxyCredentialType="Windows"
realm="" />
<message clientCredentialType="UserName" algorithmSuite="Default" />
</security>
</binding>
</basicHttpBinding>
...Called from client
public static IDiagnostic GetDiagnosticService()
{
return new ChannelFactory<IDiagnostic>("ClientDiagnosticEndpoint").CreateChannel();
}
You need to manually fill in the credentials; they will not be automatically passed in this configuration. If that's what you are looking for, you should set clientCredentialType to "Windows" on both client and server. Right now you need to set it manually:
proxy.ClientCredentials.UserName.UserName = "";
proxy.ClientCredentials.UserName.Password = "";
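Added example, not part of the original question or answer: for a `basicHttpBinding`, the security mode decides whether the transport credential or the message credential authenticates the caller, which is why the `Windows` transport setting above has no effect. This Python check resolves that for each binding; the first two bindings carry the `<security>` settings from the question, and `WindowsOverHttps` is a constructed binding added for contrast.

```python
import xml.etree.ElementTree as ET

# Constructed sample: <security> settings copied from the question's bindings
# (the service side has no <message> element, the client side sets UserName).
BINDINGS = """
<basicHttpBinding>
  <binding name="WindowsTransportCredentialBinding">
    <security mode="TransportWithMessageCredential">
      <transport clientCredentialType="Windows" proxyCredentialType="Windows"/>
    </security>
  </binding>
  <binding name="ClientHttpEndpoint">
    <security mode="TransportWithMessageCredential">
      <transport clientCredentialType="Windows" proxyCredentialType="Windows" realm=""/>
      <message clientCredentialType="UserName" algorithmSuite="Default"/>
    </security>
  </binding>
  <binding name="WindowsOverHttps">  <!-- hypothetical, for contrast -->
    <security mode="Transport">
      <transport clientCredentialType="Windows"/>
    </security>
  </binding>
</basicHttpBinding>
"""

# basicHttpBinding defaults when an element or attribute is omitted.
DEFAULT_MODE = "None"
DEFAULT_TRANSPORT_CRED = "None"
DEFAULT_MESSAGE_CRED = "UserName"

def effective_client_credential(binding):
    """Return (layer, credential type) that authenticates the caller."""
    sec = binding.find("security")
    mode = sec.get("mode", DEFAULT_MODE) if sec is not None else DEFAULT_MODE

    def cred(layer, default):
        el = sec.find(layer) if sec is not None else None
        return el.get("clientCredentialType", default) if el is not None else default

    if mode == "None":
        return ("none", "None")
    if mode in ("Transport", "TransportCredentialOnly"):
        return ("transport", cred("transport", DEFAULT_TRANSPORT_CRED))
    # Message and TransportWithMessageCredential: the caller is authenticated by
    # the message credential; <transport clientCredentialType> is not used.
    return ("message", cred("message", DEFAULT_MESSAGE_CRED))

def audit(bindings_xml):
    """Map each binding name to its effective client credential."""
    return {b.get("name"): effective_client_credential(b)
            for b in ET.fromstring(bindings_xml).iter("binding")}
```
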

The remote server returned an unexpected response: (400) Bad Request

I am getting this error when I am sending more than 500 records to save, so please help me out. This is my service:
<system.serviceModel>
<bindings>
<wsHttpBinding>
<binding name="WSHttpBinding_IMFMReport" closeTimeout="00:01:00"
openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
bypassProxyOnLocal="false" transactionFlow="true" hostNameComparisonMode="StrongWildcard"
maxBufferPoolSize="524288" maxReceivedMessageSize="999999999"
messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true"
allowCookies="false">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<reliableSession ordered="true" inactivityTimeout="00:10:00"
enabled="false" />
<security mode="Message">
<transport clientCredentialType="Windows" proxyCredentialType="None"
realm="" />
<message clientCredentialType="Windows" negotiateServiceCredential="true"
algorithmSuite="Default" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<client>
<endpoint address="http://localhost:3956/MFMReportService.svc"
binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_IMFMReport"
contract="MFMReportService.IMFMReport" name="WSHttpBinding_IMFMReport">
<identity>
<userPrincipalName value="pkshah#GESCO.COM" />
</identity>
</endpoint>
</client>
</system.serviceModel>
That is not your service, that is a client. If you want to pass a large dataset to the service you must configure MaxReceivedMessageSize on the service - the word Received means that you are configuring the message receiver.

WCF call gets "Access is denied" over HTTPS on .NET 4

Never had problems before but after upgrading to .NET 4, I am getting "Access is Denied" when trying to invoke a WCF method over HTTPS. If I use HTTP instead of HTTPS, everything works fine. Any possible solutions for this? I can provide more specific information if requested.
web.config
<system.serviceModel>
<behaviors>
<serviceBehaviors>
<behavior name="some_product.SomeServiceAspNetAjaxBehavior">
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
</serviceBehaviors>
<endpointBehaviors>
<behavior name="some_product.SomeServiceAspNetAjaxBehavior">
<enableWebScript />
</behavior>
</endpointBehaviors>
</behaviors>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true"/>
<services>
<service name="some_product.SomeService">
<endpoint address="" behaviorConfiguration="some_product.SomeServiceAspNetAjaxBehavior" bindingConfiguration="BasicHttpBinding_SomeService" binding="webHttpBinding" contract="some_product.SomeService"/>
</service>
</services>
<bindings>
<basicHttpBinding>
<binding name="BasicHttpsBinding_SomeService" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" allowCookies="true" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard" maxBufferSize="65536" maxBufferPoolSize="524288" maxReceivedMessageSize="65536" messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered" useDefaultWebProxy="true">
<readerQuotas maxDepth="32" maxStringContentLength="8192"
maxArrayLength="16384" maxBytesPerRead="4096"
maxNameTableCharCount="16384"/>
<security mode="Transport">
<transport clientCredentialType="Windows"
proxyCredentialType="None" realm=""/>
</security>
</binding>
<binding name="BasicHttpBinding_SomeService" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" allowCookies="true" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard" maxBufferSize="65536" maxBufferPoolSize="524288" maxReceivedMessageSize="65536" messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered" useDefaultWebProxy="true">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384"/>
<security mode="None">
<transport clientCredentialType="None" proxyCredentialType="None" realm=""/>
<message clientCredentialType="UserName" algorithmSuite="Default"/>
</security>
</binding>
</basicHttpBinding>
<webHttpBinding>
<binding name="BasicHttpBinding_SomeService" maxReceivedMessageSize="300000" allowCookies="true" >
<readerQuotas maxStringContentLength="300000" />
</binding>
</webHttpBinding>
</bindings>
<client>
<endpoint address="/someurl/SomeService.svc" binding="webHttpBinding" bindingConfiguration="BasicHttpBinding_SomeService" contract="some_product.SomeService" name="BasicHttpBinding_SomeService"/>
<endpoint address="/someurl/SomeService.svc" binding="webHttpBinding" bindingConfiguration="BasicHttpsBinding_SomeService" contract="some_product.SomeService" name="BasicHttpsBinding_SomeService"/>
</client>
</system.serviceModel>
Note: Works PERFECTLY fine over HTTP. Problem ONLY exists under HTTPS.
With your setup, you have no security defined -- thus you can only connect using http:
<basicHttpBinding>
<binding name="BasicHttpBinding_SomeService" .....>
<readerQuotas maxDepth="32" maxStringContentLength="8192"
maxArrayLength="16384" maxBytesPerRead="4096"
maxNameTableCharCount="16384"/>
<security mode="None">
<transport clientCredentialType="None" proxyCredentialType="None" realm=""/>
<message clientCredentialType="UserName" algorithmSuite="Default"/>
</security>
</binding>
</basicHttpBinding>
If you want to use https, you need to enable transport security:
<basicHttpBinding>
<binding name="BasicHttpBinding_Secure" .....>
<readerQuotas ..../>
<security mode="Transport">
<transport clientCredentialType="Windows"
proxyCredentialType="None" realm=""/>
</security>
</binding>
</basicHttpBinding>
Update: Now that you have defined your secure HTTPS binding configuration:
<bindings>
<basicHttpBinding>
<binding name="BasicHttpsBinding_SomeService" ......>
<readerQuotas ......../>
<security mode="Transport">
<transport clientCredentialType="Windows"
proxyCredentialType="None" realm=""/>
</security>
you also need to configure an endpoint to use that binding configuration, of course!
<services>
<service name="some_product.SomeService">
<endpoint
address=""
behaviorConfiguration="some_product.SomeServiceAspNetAjaxBehavior"
binding="webHttpBinding"
bindingConfiguration="BasicHttpBinding_SomeService"
contract="some_product.SomeService"/>
<!-- add this endpoint !! -->
<endpoint
address="secure"
binding="basicHttpBinding"
bindingConfiguration="BasicHttpsBinding_SomeService"
contract="some_product.SomeService"/>
</service>
</services>
Just defining the binding configuration without having an endpoint that actually refers to it doesn't really help......
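Added example, not part of the original question or answer: a binding configuration only takes effect when an endpoint names it together with the matching binding type. This Python check lists endpoint references that resolve to no binding configuration and binding configurations that no endpoint uses; the sample is the question's web.config reduced to the attributes that matter, with every other attribute omitted.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the question's web.config reduced to the attributes that
# decide which binding configuration an endpoint uses.
CONFIG = """
<system.serviceModel>
  <services>
    <service name="some_product.SomeService">
      <endpoint address="" binding="webHttpBinding"
                bindingConfiguration="BasicHttpBinding_SomeService"/>
    </service>
  </services>
  <bindings>
    <basicHttpBinding>
      <binding name="BasicHttpsBinding_SomeService"><security mode="Transport"/></binding>
      <binding name="BasicHttpBinding_SomeService"><security mode="None"/></binding>
    </basicHttpBinding>
    <webHttpBinding>
      <binding name="BasicHttpBinding_SomeService"/>
    </webHttpBinding>
  </bindings>
  <client>
    <endpoint name="BasicHttpBinding_SomeService" binding="webHttpBinding"
              bindingConfiguration="BasicHttpBinding_SomeService"/>
    <endpoint name="BasicHttpsBinding_SomeService" binding="webHttpBinding"
              bindingConfiguration="BasicHttpsBinding_SomeService"/>
  </client>
</system.serviceModel>
"""

def check_binding_references(config_xml):
    """Return (dangling, unused).

    dangling: (binding, bindingConfiguration) pairs on endpoints that match no
              defined binding configuration.
    unused:   (binding, name, security mode) for configurations no endpoint uses.
    """
    root = ET.fromstring(config_xml)
    defined = {}
    for family in root.find("bindings"):
        for b in family.findall("binding"):
            sec = b.find("security")
            # basicHttpBinding and webHttpBinding both default to mode "None".
            mode = sec.get("mode", "None") if sec is not None else "None"
            defined[(family.tag, b.get("name"))] = mode
    used, dangling = set(), []
    for ep in root.iter("endpoint"):
        key = (ep.get("binding"), ep.get("bindingConfiguration"))
        if key[1] is None:
            continue  # endpoint relies on the binding's defaults
        if key in defined:
            used.add(key)
        else:
            dangling.append(key)
    unused = sorted((fam, name, defined[(fam, name)])
                    for fam, name in defined if (fam, name) not in used)
    return dangling, unused
```

On this sample the only configuration with `mode="Transport"` comes back as unused, and the client endpoint that names it is dangling because it asks for it under `webHttpBinding`.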