I've created simple WinForms app that uses free webservice http://www.webservicemart.com/uszip.asmx. But this app fails to use service operation with error:
The remote server returned an unexpected response: (407) Proxy Authentication Required (The ISA Server requires authorization to fulfill the request. Access to the Web Proxy service is denied)
Code that creates proxy and triggers service operation:
ChannelFactory<ServiceReference1.USZipSoap> proxy = new ChannelFactory<ServiceReference1.USZipSoap>("USZipSoap");
ServiceReference1.USZipSoap client = proxy.CreateChannel();
string str = client.ValidateZip("12345");
MessageBox.Show(str);
Is this problem with a network of my company or this is a proxy on the side of webservicemart.com?
I've googled a lot of information on changing configuration files, creating a custom binding, etc. But I feel the lack of more basic understanding... If this error is about ISA server of our corporate network then what configuration should I make to ISA Server to not restrict me from using external webservices?
In your binding configuration make sure that useDefaultWebProxy is set to true - it will use configuration you have found in IE. In your configuration file add following snippet to ensure default your credentials are used for authentication on the proxy server:
<system.net>
<defaultProxy useDefaultCredentials="true" />
</system.net>
This worked for me... replacing 10.1.0.50 and the port number with your proxy server's IP
<system.net>
<defaultProxy useDefaultCredentials="true">
<proxy usesystemdefault="False" proxyaddress="http://10.1.0.50:8080" bypassonlocal="True" />
</defaultProxy>
</system.net>
Seems like all the traffic in your company is being redirected through a proxy. Can you browse to the web service from your IE and see its wsdl and invoke the test page to see some results. If that is the case then try adding the below section into your web.config:
<system.net>
<defaultProxy>
<proxy proxyaddress="<your proxy address>" bypassonlocal="true" />
</defaultProxy>
</system.net>
You can find the proxy address from the settings of your IE.
NOTE: When you move to different environments then you need to make sure that its the same case else you need to remove the above configuration.
You can set the web.config of the service to allow to use the proxy settings as defined in Internet Explorer.
Sometime in the future.
WebRequest.DefaultWebProxy.Credentials = CredentialCache.DefaultNetworkCredentials;
Related
I'm building a web service and are using Jetty as the server. For some of the API-s this service provides, we want them to be authenticated by certificate. So I have following code:
SslContextFactory sslContextFactory = new SslContextFactory();
sslContextFactory.setWantClientAuth(true);
Server server = new Server(pool);
ServerConnector sslConnector = new ServerConnector(server,
new SslConnectionFactory(sslContextFactory, "HTTP/1.1"),
new HttpConnectionFactory(httpsConfig));
server.addConnector(sslConnector);
Now, my service also has a corresponding web UI. When users access the web UI which in turn calls backend API-s, the browser prompts the user for a cert. I don't want this to happen because the API called by the web UI do not support certificate authentication. However, the above code is configuring in a global way. Is there any way to resolve this ?
Update:
I've looked at other server implementations.
For example, in ASP.NET, we can define following config:
<location path="some-api">
<system.webServer>
<security>
<access sslFlags="SslNegotiateCert"/>
</security>
</system.webServer>
</location>
There is also similar settings in Apache Http Server
So it seems SSL/TLS itself isn't prohibiting me from doing so. Are there any Jetty settings that I have missed ?
The TLS level certificate validation occurs before the HTTP Request is even sent/processed/parsed.
It's not possible to skip that validation based on information after the TLS handshake.
You could, as an alternate method, just put the certificate validation on a different port on the same machine (with a different ServerConnector configuration), leaving the normal connector without client certificate validation.
WCF service is hosted in IIS and uses netTCPRelayBinding.
At some locations the TCP ports are blocked and HTTP must be used. Other times TCP ports are open and this mode is preferred.
Thus, I'd like to be able to set the ConnectivityMode to AutoDetect (or to just HTTP) declaratively in the web.config file.
For self hosted WCF, this is easily done:
ServiceBusEnvironment.SystemConnectivity.Mode = ConnectivityMode.AutoDetect;
How is this done declaratively in web.config?
At the moment there is no configuration element for this setting however in your web.config you could use AppSettings to set the value
<appSettings>
<add key="ServiceBusConnectivityMode" value="Http" />
</appSettings>
In the code you would then read the key value and parse it into enum value
ServiceBusEnvironment.SystemConnectivity.Mode = (ConnectivityMode)Enum.Parse(typeof(ConnectivityMode), ConfigurationManager.AppSettings["ServiceBusConnectivityMode"])
I am getting an error when my application tries to communicate with a web service
(407) Proxy Authentication Required ( The ISA Server requires authorization to fulfill the request. Access to the Web Proxy filter is denied. )
I saw a few topics but I could not understand. I am using VB.net
As the error says, your proxy server is preventing access to the service. You can either write some code to ask the user for credentials for the proxy, or (easier) you can put the following in your applications app.config:
<system.net>
<defaultProxy useDefaultCredentials="true"/>
<system.net>
There are other settings if you have more complex requirements. Try here for guidance
http://msdn.microsoft.com/en-us/library/09361bca
Your app.config file should look like this:
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<system.net>
<defaultProxy useDefaultCredentials="true" />
</system.net>
</configuration>
I think the error referring to TraceUtility is unrelated - different problem.
I have a MVC page which consumes a WebService over SSL. The certificate is installed and when the application is running its able to detect the certificate.
The problem is this codes works perfectly fine in my local machine while i try to call the MVC page hosted.
But when MVC page hosted in server is called it throws an error:
There was no endpoint listening at https:// that could accept the message. This is often caused by an incorrect address or SOAP action.
I found out the issue was indeed with the App Pool identity. When I changed it to run with my credentials it solved the problem. But i cannot do this in production environment.
I need to make it work with Identity : Network Service in IIS App pool.
I have tried giving permission to certificate using winhttpcertcfg for network service and that also didn't help.
Not sure what is missing.
Thanks in Advance.
adding this solved my problem:
<system.net> <defaultProxy useDefaultCredentials="true" enabled="true"> <proxy usesystemdefault="True" proxyaddress="myproxyserver:port"; bypassonlocal="False"/> </defaultProxy> <settings> <servicePointManager expect100Continue="false" /> <ipv6 enabled="true"/> </settings> </system.net>
We have a service on our 3rd party site which is configured to be invoked on a https (server to firewall and routing everything is configured for https)! Since We are unable to communicate with it due to certificate issue with DataPower on our side, we thought why not test the connectivity on http!
So now they trying to make the WCF Service as http on the same IP and port, they could see the Service not responding to inbound calls and ignoring the http request coming on a https configured IP + port!
I am not sure what can be done to say the .net WCF Service, hey ignore its on http and just get it rolling! They did disable https binding and just try with a http binding!
Any ideas would be great! Thanks!
(P.S. I dont have access to their code or config!)
Is is IIS hosted or self hosted?
If it is hosted in IIS, then IIS needs to have the SSL certificate removed and the configuration set to HTTP instead of HTTPS.
In WCF, you would have to disable Transport security, which is usually in the configuration on the binding, like:
<binding>
<security mode="Transport">
To disable HTTPS you would need to set mode="None" (or something other than Transport).
This worked for me... Adding this to webconfig or appconfig of the project
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<directoryBrowse enabled="true" />
</system.webServer>
</configuration>