is it necessary to create a service certificate to use custom username and password authentication? I want to authenticate my WCF service with custom username and password.
My Service web.config is as follows:
<system.serviceModel>
<bindings>
<wsHttpBinding>`enter code here`
<binding name="NewBinding0">
<security mode="Message">
<transport clientCredentialType="Basic" />
<message clientCredentialType="UserName" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<services>
<service behaviorConfiguration="WcfTest.Service1Behavior" name="WcfTest.TestService">
<endpoint address="" binding="wsHttpBinding" contract="WcfTest.ITestService" />
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
</service>
</services>
<behaviors>
<endpointBehaviors>
<behavior name="NewBehavior" />
</endpointBehaviors>
<serviceBehaviors>
<behavior name="WcfTest.Service1Behavior">
<serviceMetadata httpGetEnabled="false" />
<serviceDebug includeExceptionDetailInFaults="false" />
<serviceCredentials>
<!-- Use our own custom validation -->
<userNameAuthentication userNamePasswordValidationMode="Custom"
customUserNamePasswordValidatorType="MyValidator,WcfTest"/>
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>
and Client Web.config is:
<system.serviceModel>
<bindings>
<wsHttpBinding>
<binding name="WSHttpBinding_ITestService" closeTimeout="00:01:00"
openTimeout="00:01:00" receiveTimeout="00:10:00"
sendTimeout="00:01:00" bypassProxyOnLocal="false"
transactionFlow="false" hostNameComparisonMode="StrongWildcard"
maxBufferPoolSize="524288" maxReceivedMessageSize="65536"
messageEncoding="Text" textEncoding="utf-8"
useDefaultWebProxy="true" allowCookies="false">
<readerQuotas maxDepth="32" maxStringContentLength="8192"
maxArrayLength="16384" maxBytesPerRead="4096"
maxNameTableCharCount="16384" />
<reliableSession ordered="true" inactivityTimeout="00:10:00"
enabled="false" />
<security mode="Message">
<transport clientCredentialType="Windows" proxyCredentialType="None"
realm="" />
<message clientCredentialType="UserName"
negotiateServiceCredential="true"
algorithmSuite="Default"
establishSecurityContext="true" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<client>
<endpoint address="http://localhost:2374/Service1.svc" binding="wsHttpBinding"
bindingConfiguration="WSHttpBinding_ITestService"
contract="ServiceReference1.ITestService"
name="WSHttpBinding_ITestService">
<identity>
<userPrincipalName value="NYSA31\abc" />
</identity>
</endpoint>
</client>
</system.serviceModel>
But i am getting following error accessing the service.
WsHttpBinding demands service certificate. WCF 4 (and older versions with special KB) allows exposing service authenticated with UserName and password without certificate but do you really want it? It means that user name and password will go in the plain text over the wire = no security because anybody who will capture the packet will be able to authenticate with stolen credentials.
To use user name password without certificate you need custom binding or you can use ClearUserNameBinding.
Related
I have seriously ran into a problem and could not resolve it. I have searched a ton of forums but couldn't find anything matching to resolve my issue.
I have two components. One is a WCF service and the other is a client which is basically a hardware that fetches the information from the web service. The WCF service is hosted over IIS with https. The client was able to hit the service when the SSL certificate was not installed, but after the installation of SSL certificate the machine started giving the error I mentioned in the title of my question.
This is the web.config of my service
`
<system.serviceModel>
<!--<behaviors>
<serviceBehaviors>
<behavior name="">
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="false" />
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true"
multipleSiteBindingsEnabled="true" />-->
<bindings>
<wsHttpBinding>
<binding name="wshttpbinding" bypassProxyOnLocal="true" receiveTimeout="00:10:00">
<reliableSession inactivityTimeout="23:00:00" enabled="true"/>
<security mode="None">
<transport clientCredentialType="None" />
<message clientCredentialType="None" establishSecurityContext="false" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<services>
<service behaviorConfiguration="Services.ServiceBehavior" name="CJDWebServices.Service">
<endpoint address="" binding="wsHttpBinding" bindingConfiguration="wshttpbinding"
contract="CJDWebServices.IService">
<identity>
<dns value="localhost" />
</identity>
</endpoint>
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
<host>
<baseAddresses>
<add baseAddress="http://localhost/TxService/" />
</baseAddresses>
</host>
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="Services.ServiceBehavior">
<!-- To avoid disclosing metadata information,
set the value below to false and remove the metadata endpoint above before deployment -->
<serviceMetadata httpGetEnabled="True"/>
<!-- To receive exception details in faults for debugging purposes,
set the value below to true. Set to false before deployment
to avoid disclosing exception information -->
<serviceDebug includeExceptionDetailInFaults="False" />
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>
</configuration>
`
And this is the app.config of my application running on the hardware
`
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.serviceModel>
<bindings>
<wsHttpBinding>
<binding name="WSHttpBinding_IService" closeTimeout="00:01:00"
openTimeout="00:01:00" receiveTimeout="00:25:00" sendTimeout="00:25:00"
bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard"
maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647"
messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true"
allowCookies="false">
<readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647" maxArrayLength="16384"
maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647" />
<reliableSession ordered="true" inactivityTimeout="23:59:00"
enabled="True" />
<security mode="Transport">
<transport clientCredentialType="Windows" proxyCredentialType="None"
realm="" />
<message clientCredentialType="Windows" negotiateServiceCredential="true"
establishSecurityContext="true" />
</security>
</binding>
<binding name="WSHttpBinding_IMachineMgmt" closeTimeout="00:02:00"
openTimeout="00:02:00" receiveTimeout="00:25:00" sendTimeout="00:25:00"
bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard"
maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647"
messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true"
allowCookies="false">
<readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647" maxArrayLength="2147483647"
maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647" />
<reliableSession ordered="true" inactivityTimeout="23:59:00"
enabled="true" />
<security mode="Transport">
<transport clientCredentialType="Windows" proxyCredentialType="None"
realm="" />
<message clientCredentialType="Windows" negotiateServiceCredential="true"
establishSecurityContext="true" />
</security>
</binding>
<binding name="WSHttpBinding_IPM" closeTimeout="00:02:00" openTimeout="00:02:00"
receiveTimeout="00:05:00" sendTimeout="00:05:00" bypassProxyOnLocal="false"
transactionFlow="false" hostNameComparisonMode="StrongWildcard"
maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647"
messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true"
allowCookies="false">
<readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647" maxArrayLength="2147483647"
maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647" />
<reliableSession ordered="true" inactivityTimeout="00:10:00"
enabled="true" />
<security mode="Transport">
<transport clientCredentialType="Windows" proxyCredentialType="None"
realm="" />
<message clientCredentialType="Windows" negotiateServiceCredential="true"
establishSecurityContext="true" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<client>
<endpoint address="https://dummy1/dummy1/dummy1.svc" binding="wsHttpBinding" <!-- This is the one causing trouble --!>
bindingConfiguration="WSHttpBinding_IService" contract="IService"
name="WSHttpBinding_IService">
<identity>
<dns value="dummy1" />
</identity>
</endpoint>
<endpoint address="https://dummy2/dummy2/dummy2.asmx" binding="wsHttpBinding"
bindingConfiguration="WSHttpBinding_IMachineMgmt"
contract="MonService.IMachineMgmt" name="WSHttpBinding_IMachineMgmt">
<identity>
<dns value="dummy2" />
</identity>
</endpoint>
<endpoint address="https://dummy3/dummy3/" binding="wsHttpBinding"
bindingConfiguration="WSHttpBinding_IPM" contract="IPM" name="WSHttpBinding_IPM">
<identity>
<dns value="dummy3" />
</identity>
</endpoint>
</client>
</system.serviceModel>
<appSettings>
<empty here>
</appSettings>
</configuration>
`
The service mentioned below is my pain area
<endpoint address="https://dummy1/dummy1/dummy1.svc" binding="wsHttpBinding" <!-- This is the one causing trouble --!>
bindingConfiguration="WSHttpBinding_IService" contract="IService"
name="WSHttpBinding_IService">
<identity>
<dns value="dummy1" />
</identity>
</endpoint>
I have tried playing around with changing the security mode from none to transport and vice versa, but no luck. I even tried it on the web service configuration file but still no luck.
The service is accessible on the machine by the URL if I browse it on the browser
In response to your problem, I propose the following two solutions:
1.First of all, in the MSDN post there is an example of using wshttpbinding transport, accompanied by the corresponding code, you can learn about it.
Here is the web.config on its server side:
<system.serviceModel>
<protocolMapping>
<add scheme="https" binding="wsHttpBinding" />
</protocolMapping>
<bindings>
<wsHttpBinding>
<!-- configure wsHttp binding with Transport security mode and clientCredentialType as None -->
<binding>
<security mode="Transport">
<transport clientCredentialType="None"/>
</security>
</binding>
</wsHttpBinding>
</bindings>
<!--For debugging purposes set the includeExceptionDetailInFaults attribute to true-->
<behaviors>
<serviceBehaviors>
<behavior>
<!-- To expose metadata over a secure transport uncomment the serviceMetadata behavior
and the mex endpoint above
Note: you must have a valid certificate for svcutil to work -->
<!--<serviceMetadata httpsGetEnabled="True"/>-->
<serviceDebug includeExceptionDetailInFaults="False" />
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>
Here is the app.config on its client side:
<system.serviceModel>
<client>
<!-- this endpoint has an https: address -->
<endpoint address="https://localhost/servicemodelsamples/service.svc" binding="wsHttpBinding" bindingConfiguration="Binding1" contract="Microsoft.Samples.TransportSecurity.ICalculator"/>
</client>
<bindings>
<wsHttpBinding>
<!-- configure wsHttpbinding with Transport security mode
and clientCredentialType as None -->
<binding name="Binding1">
<security mode="Transport">
<transport clientCredentialType="None"/>
</security>
</binding>
</wsHttpBinding>
</bindings>
</system.serviceModel>
2.Finally, you can try to use custom bindings:
wcf custom bindings
I'm trying to set up a WCF webservice in IIS 7 with SSL and I'm a bit lost with config files.
I want the data from the server to the client to be garbled (Is this enough with SSL?)
The client will also need to identity itself to the server through a certificate.
I have the following certificates in place:
dev.test.com - accessing the url https://dev.test.com/TestService.svc shows that there is this valid certificate in place.
TestServer - a dummy certificate that identifies the server (Do I need really need this? Or perhaps I can reuse the dev.test.com? Maybe have server.test.com?)
TestClient - a dummy certificate on the client side
And this is how my config files are set up:
Web.config (Server):
<bindings>
<wsHttpBinding>
<binding name="wsHttpEndpointBinding"
messageEncoding="Mtom">
<security mode="Message">
<transport clientCredentialType="None" />
<message clientCredentialType="Certificate" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<services>
<service
name="TestService"
behaviorConfiguration="TestServiceBehavior">
<endpoint
name="TestEndPoint"
address=""
binding="wsHttpBinding"
bindingConfiguration="wsHttpEndpointBinding"
bindingNamespace="http://www.example.com/"
contract="iWebService">
<!--<identity>
<dns value=""/>
</identity>-->
</endpoint>
<endpoint address="mex" binding="mexHttpsBinding" bindingConfiguration="" name="MexHttpsBindingEndpoint" contract="IMetadataExchange"/>
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="TestServiceBehavior">
<serviceMetadata httpGetEnabled="false" httpsGetEnabled="true" />
<serviceCredentials>
<clientCertificate>
<authentication certificateValidationMode="PeerOrChainTrust" />
</clientCertificate>
<serviceCertificate findValue="TestServer" storeLocation="LocalMachine"
storeName="My" x509FindType="FindBySubjectName" />
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
App.config (Client):
<bindings>
<wsHttpBinding>
<binding name="wsHttpBinding" bypassProxyOnLocal="false"
transactionFlow="false" hostNameComparisonMode="StrongWildcard"
messageEncoding="Mtom" textEncoding="utf-8" useDefaultWebProxy="true"
allowCookies="false">
<reliableSession ordered="true"
enabled="false" />
<security mode="Message">
<transport clientCredentialType="None" proxyCredentialType="None"
realm="" />
<message clientCredentialType="Certificate" negotiateServiceCredential="true"
algorithmSuite="Default" />
</security>
</binding>
<binding name="TestEndPoint" bypassProxyOnLocal="false"
transactionFlow="false" hostNameComparisonMode="StrongWildcard"
messageEncoding="Mtom"
textEncoding="utf-8" useDefaultWebProxy="true" allowCookies="false">
<reliableSession ordered="true"
enabled="false" />
<security mode="Transport">
<transport clientCredentialType="None" proxyCredentialType="None"
realm="" />
<message clientCredentialType="Certificate" negotiateServiceCredential="true" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<client>
<endpoint address="https://dev.test.com/TestService.svc"
behaviorConfiguration="TestServiceBehavior"
binding="wsHttpBinding" bindingConfiguration="wsHttpBinding"
contract="IContractName" name="wsHttpBinding">
<identity>
<dns value="TestServer" />
</identity>
</endpoint>
<endpoint address="https://dev.test.com/DistributionCenterService.svc"
binding="wsHttpBinding" bindingConfiguration="TestEndPoint" contract="IContract.Name"
name="TestEndPoint" />
</client>
<behaviors>
<endpointBehaviors>
<behavior name="TestServiceBehavior">
<clientCredentials>
<clientCertificate findValue="TestClient"
storeName="My"
storeLocation="CurrentUser"
x509FindType="FindBySubjectName"/>
<serviceCertificate>
<authentication
certificateValidationMode="PeerOrChainTrust"
revocationMode="NoCheck"
trustedStoreLocation="CurrentUser"/>
</serviceCertificate>
</clientCredentials>
</behavior>
</endpointBehaviors>
</behaviors>
When I try to access the https://dev.test.com/TestService.svc, I get
Could not find a base address that matches scheme http for the endpoint with binding WSHttpBinding. Registered base address schemes are [https].
Anyway, I'm really lost with what config setting I should be using.
I believe for you to be able to use https, your security mode on the wsHttpBinding for the client needs to be either Transport or (probably in your case) TransportWithMessageCredential.
I'm hosting a WCF service in IIS 7.5 using .NET 4.0. I also have a WPF application that I am using as my client that was built with Visual Studio 2010 and .NET 4.0. I added my service reference and when I attempt to call a function, I get the following exception
The content type application/xml; charset=utf-8 of the response message does not match the content type of the binding (application/soap+xml; charset=utf-8)
I am able to navigate to the service in a web browser and my bindings appear to be the same between the client and service (WsHttp bindings).
I know there are alot of google results about this error but none of them seemed to be relevant/help my specific problem. I tried installing Non-HTTP Activation features as well as a wide variety of other small tricks. Anybody be able to help? Thanks
edit, here are my configs (they are quite lengthy)
Client
<?xml version="1.0"?>
<configuration>
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="ContentSoap"
closeTimeout="00:01:00" openTimeout="00:01:00"
receiveTimeout="00:10:00" sendTimeout="00:01:00" allowCookies="false"
bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard"
maxBufferSize="2147483647" maxBufferPoolSize="2147483647"
maxReceivedMessageSize="2147483647"
messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered"
useDefaultWebProxy="true">
<readerQuotas maxDepth="32" maxStringContentLength="8192"
maxArrayLength="2147483647"
maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<security mode="None">
<transport clientCredentialType="None" proxyCredentialType="None"
realm="" />
<message clientCredentialType="UserName" algorithmSuite="Default" />
</security>
</binding>
<binding name="OrderSoap"
closeTimeout="00:01:00" openTimeout="00:01:00"
receiveTimeout="00:10:00" sendTimeout="00:01:00" allowCookies="false"
bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard"
maxBufferSize="65536" maxBufferPoolSize="524288"
maxReceivedMessageSize="65536"
messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered"
useDefaultWebProxy="true">
<readerQuotas maxDepth="32" maxStringContentLength="8192"
maxArrayLength="16384" maxBytesPerRead="4096"
maxNameTableCharCount="16384" />
<security mode="None">
<transport clientCredentialType="None" proxyCredentialType="None"
realm="" />
<message clientCredentialType="UserName" algorithmSuite="Default" />
</security>
</binding>
</basicHttpBinding>
<netTcpBinding>
<binding name="NetTcpBindingEndpoint" closeTimeout="00:01:00"
openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
transactionFlow="false" transferMode="Buffered"
transactionProtocol="OleTransactions"
hostNameComparisonMode="StrongWildcard" listenBacklog="10"
maxBufferPoolSize="2147000000" maxBufferSize="65536" maxConnections="10"
maxReceivedMessageSize="2147000000">
<readerQuotas maxDepth="32" maxStringContentLength="8192"
maxArrayLength="2147000000" maxBytesPerRead="4096"
maxNameTableCharCount="16384" />
<reliableSession ordered="true" inactivityTimeout="00:01:00"
enabled="true" />
<security mode="None">
<transport clientCredentialType="Windows"
protectionLevel="EncryptAndSign" />
<message clientCredentialType="Windows" />
</security>
</binding>
</netTcpBinding>
<wsHttpBinding>
<binding name="WSHttpBinding_IInmateCanteenServiceWeb"
closeTimeout="00:01:00" openTimeout="00:01:00"
receiveTimeout="00:10:00" sendTimeout="00:01:00"
bypassProxyOnLocal="false" transactionFlow="false"
hostNameComparisonMode="StrongWildcard"
maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647"
messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true"
allowCookies="false">
<readerQuotas maxDepth="32" maxStringContentLength="8192"
maxArrayLength="16384" maxBytesPerRead="4096"
maxNameTableCharCount="16384" />
<reliableSession ordered="true" inactivityTimeout="00:10:00"
enabled="false" />
<security mode="Transport">
<transport clientCredentialType="None" proxyCredentialType="None"
realm="" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<client>
<endpoint name="ContentSoap"
address="http://media.team.twvending.net/storeservices/content.asmx"
binding="basicHttpBinding" bindingConfiguration="ContentSoap"
contract="MediaPortContent.ContentSoap" />
<endpoint name="OrderSoap"
address="http://media.team.twvending.net/storeservices/order.asmx"
binding="basicHttpBinding" bindingConfiguration="OrderSoap"
contract="MediaPortOrder.OrderSoap" />
<endpoint name="NetTcpBindingEndpoint"
address="..."
binding="netTcpBinding" bindingConfiguration="NetTcpBindingEndpoint"
contract="WebCallBack.ICallbackService" />
<endpoint name="WSHttpBinding_IInmateCanteenServiceWeb"
address="..."
binding="wsHttpBinding"
bindingConfiguration="WSHttpBinding_IInmateCanteenServiceWeb"
contract="InmateCanteenWeb.IInmateCanteenServiceWeb" />
<endpoint name="WSHttpBinding_ICommAccountingBinding"
address="..."
binding="wsHttpBinding"
bindingConfiguration="WSHttpBinding_IInmateCanteenServiceWeb"
contract="CommAccountingWeb.ICommAccountingWeb" />
</client>
</system.serviceModel>
and Server
<system.serviceModel>
<behaviors>
<endpointBehaviors>
<behavior name="httpBehavior">
<!--<webHttp />-->
</behavior>
</endpointBehaviors>
<serviceBehaviors>
<behavior name="ServiceBehavior">
<serviceCredentials>
<clientCertificate>
<authentication revocationMode="NoCheck" />
</clientCertificate>
<serviceCertificate findValue="CN=secure.inmatecanteen.com" />
</serviceCredentials>
<serviceMetadata httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
<behavior name="MexBehavior">
<serviceMetadata httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
<behavior name="HttpMexBehavior">
<serviceMetadata httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
<behavior name="BasicHttpMexBehavior">
<serviceMetadata httpGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
<behavior name="">
<serviceMetadata httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment aspNetCompatibilityEnabled="false"
multipleSiteBindingsEnabled="true" />
<bindings>
<wsHttpBinding>
<binding name="myWsHttpBinding" maxBufferPoolSize="2147483647"
maxReceivedMessageSize="2147483647" messageEncoding="Text">
<readerQuotas maxDepth="32" maxStringContentLength="2147483647"
maxArrayLength="2147483647" maxBytesPerRead="2147483647"
maxNameTableCharCount="2147483647" />
<security mode="Transport">
<transport clientCredentialType="None" />
</security>
</binding>
</wsHttpBinding>
<webHttpBinding>
<binding name="myWebHttpBinding">
<security mode="Transport">
<transport clientCredentialType="None" proxyCredentialType="None"
realm="" />
</security>
</binding>
</webHttpBinding>
<basicHttpBinding>
<binding name="myBasicHttpBinding" maxBufferPoolSize="2147483647"
maxReceivedMessageSize="2147483647">
<readerQuotas maxDepth="32" maxStringContentLength="2147483647"
maxArrayLength="2147483647" maxBytesPerRead="2147483647"
maxNameTableCharCount="2147483647" />
</binding>
</basicHttpBinding>
</bindings>
<services>
<service name="CommAccountingWeb.CommAccountingWeb"
behaviorConfiguration="HttpMexBehavior">
<endpoint
address=""
behaviorConfiguration="httpBehavior"
binding="webHttpBinding" bindingConfiguration="myWebHttpBinding"
contract="CommAccountingWeb.ICommAccountingWeb" />
<endpoint
address="mex"
binding="mexHttpsBinding"
contract="IMetadataExchange" />
<host>
<baseAddresses>
<add baseAddress="..."></add>
</baseAddresses>
</host>
</service>
<service name="CommAccountingWeb.CommAccountingBasic"
behaviorConfiguration="BasicHttpMexBehavior">
<endpoint
address=""
binding="basicHttpBinding"
bindingConfiguration="myBasicHttpBinding"
contract="CommAccountingWeb.ICommAccountingBasic" />
<endpoint
address="mex"
binding="mexHttpBinding"
contract="IMetadataExchange" />
<host>
<baseAddresses>
<add baseAddress="..." />
</baseAddresses>
</host>
</service>
</services>
</system.serviceModel>
As I suspected - your client-side config looks like this:
<endpoint name="WSHttpBinding_ICommAccountingBinding"
address="https://secure.inmatecanteen.com/CommAccountingService/CommAccountingWeb.svc"
binding="wsHttpBinding"
bindingConfiguration="WSHttpBinding_IInmateCanteenServiceWeb"
contract="CommAccountingWeb.ICommAccountingWeb" />
It expects wsHttpBinding - but the server-side address it's connecting to is:
<service name="CommAccountingWeb.CommAccountingWeb"
behaviorConfiguration="HttpMexBehavior">
<endpoint
address=""
behaviorConfiguration="httpBehavior"
binding="webHttpBinding" bindingConfiguration="myWebHttpBinding"
contract="CommAccountingWeb.ICommAccountingWeb" />
<host>
<baseAddresses>
<add baseAddress="https://secure.inmatecanteen.com/CommAccountingService/CommAccountingWeb.svc"></add>
</baseAddresses>
</host>
</service>
and this server endpoint uses webHttpBinding.
So while the client expects a SOAP XML message (content type: application/soap+xml; charset=utf-8), the server-side endpoint is a REST endpoint which returns plain XML (content type: application/xml; charset=utf-8)
Solution: you need to make sure both the client and the server endpoint used are in sync with regards to bindings and configuration!
As Steven Westbrook says in a comment on this answer:
Add ?wsdl to your client's endpoint address, and you should have more luck with the service. ?wsdl is important - it means the browser is just getting "Web Services Description Language" for the service, and not calling the service.
I had the same issue and adding ?wsdl solved my headache.
I came across a similar error while creating a client service to one of the existing server side WebService. I could rectify it using SOAP 1.1 transport protocol on the client. Somehow soap 1.2 is giving/expecting a different format. This trace back to the difference between BasicHttpBinding vs WebHttpBinding vs WsHttpBinding.
I got this problem after I added a method that returned a collection of instances of a base class that didn't have a [KnownType] attribute that would resolve to a concrete instance.
With the [KnownType] attribute in place the problem disappeared.
[ServiceContract]
public interface IService {
[OperationContract]
IEnumerable<ItemBase> GetItems();
}
[DataContract]
// [KnownType(typeof(RealItemA))] <--- without these attributes you will get a problem
// [KnownType(typeof(RealItemB))]
public class ItemBase {
}
[DataContract]
public class RealItemA : ItemBase {
}
[DataContract]
public class RealItemB : ITemBase {
}
in my case same error was caused by missing
[datacontract]
[datamember]
attributes in returned data type.
Error message was really misleading.
In my case a specific service was using SOAP 1.1 instead of the usual 1.2.
I had to change the binding from this:
<system.serviceModel>
<bindings>
<customBinding>
<binding name="ServiceSoapBinding">
<textMessageEncoding messageVersion="Soap12"/>
</binding>
</customBinding>
</bindings>
</system.serviceModel>
To this:
<system.serviceModel>
<bindings>
<customBinding>
<binding name="ServiceSoapBinding">
<textMessageEncoding messageVersion="Soap11"/>
</binding>
</customBinding>
</bindings>
</system.serviceModel>
I have a WCF Service being hosted on IIS 5.1 with Anonymous access disabled. Below is a part of the web.config file showing how the service is configured:
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="basicHttpBindingCfg">
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Windows" />
</security>
</binding>
</basicHttpBinding>
</bindings>
<services>
<service behaviorConfiguration="ServiceBehavior" name="HelloService">
<endpoint name="BasicHttpEndpoint"
address=""
binding="basicHttpBinding"
bindingConfiguration="basicHttpBindingCfg"
contract="IHelloService">
</endpoint>
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="ServiceBehavior">
<serviceMetadata httpGetEnabled="true"/>
<serviceDebug includeExceptionDetailInFaults="false"/>
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>
Every time I call any operations that this service exposes from a desktop application, I receive the following error message:
Either a required impersonation level was not provided, or the
provided impersonation level is invalid.
Please note that binding type and hosting environment is pre-determined by the client and cannot be changed.
Any help that may lead to resolving this issue would be greatly appreciated.
Thanks!
Zen
EDIT: Here is how the client is configured:
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="BasicHttpEndpoint" closeTimeout="00:01:00" openTimeout="00:01:00"
receiveTimeout="00:10:00" sendTimeout="00:01:00" allowCookies="false"
bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard"
maxBufferSize="65536" maxBufferPoolSize="524288" maxReceivedMessageSize="65536"
messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered"
useDefaultWebProxy="true">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Windows" proxyCredentialType="None"
realm="" />
<message clientCredentialType="UserName" algorithmSuite="Default" />
</security>
</binding>
</basicHttpBinding>
</bindings>
<client>
<endpoint name="BasicHttpEndpoint"
address="http://vm00000033871b.intra.pri/WCFServiceBasicHttp/HelloService.svc"
binding="basicHttpBinding"
bindingConfiguration="BasicHttpEndpoint"
contract="Proxy.IHelloService" />
</client>
</system.serviceModel>
Try this to pass the current users Windows credentials:
Using proxy As New PRX.HelloServiceClient()
proxy.ClientCredentials.Windows.AllowedImpersonationLevel =
TokenImpersonationLevel.Impersonation
proxy.ChannelFactory.Credentials.Windows.ClientCredential =
CredentialCache.DefaultNetworkCredentials
Dim message As String = proxy.Hello("Hi")
MessageBox.Show(message)
End Using
Please, oh, please, please, please help!!! :-)
I am trying to test out WCF with SSL and seem to be missing something. I have done a ton of searching and can't seem to find what I'm missing with the config. I have a basic WCF service hosted in IIS on Windows 7 with a self-signed certificate. I also have a test client web application calling that WCF service.
I am getting the following error in the test client:
There was no endpoint listening at https://<url>/WcfAuthTest/Service1.svc that could accept the message.
I can navigate to the service in a browser and get the standard auto-generated page for a SOAP service.
Here is the config for the WCF Service:
<system.serviceModel>
<bindings>
<wsHttpBinding>
<binding name="wsSecureBinding">
<security mode="Transport">
<transport clientCredentialType="None" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior name="wsSecureBehavior">
<serviceMetadata httpGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
<behavior name="">
<serviceMetadata httpGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="false" />
</behavior>
</serviceBehaviors>
</behaviors>
<services>
<service behaviorConfiguration="wsSecureBehavior" name="Service1">
<endpoint address="" binding="wsHttpBinding" bindingConfiguration="wsSecureBinding" name="wsService1" contract="WcfAuthTest.IService1" />
<endpoint address="mex" binding="mexHttpsBinding" bindingConfiguration="" name="MexHttpsBindingEndpoint" contract="IMetadataExchange" />
</service>
</services>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
The client config is:
<system.serviceModel>
<bindings>
<wsHttpBinding>
<binding name="wsTestBinding" closeTimeout="00:01:00" openTimeout="00:01:00"
receiveTimeout="00:10:00" sendTimeout="00:01:00" bypassProxyOnLocal="false"
transactionFlow="false" hostNameComparisonMode="StrongWildcard"
maxBufferPoolSize="524288" maxReceivedMessageSize="65536" messageEncoding="Text"
textEncoding="utf-8" useDefaultWebProxy="true" allowCookies="false">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<reliableSession ordered="true" inactivityTimeout="00:10:00"
enabled="false" />
<security mode="Transport">
<transport clientCredentialType="None" proxyCredentialType="None"
realm="" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<client>
<endpoint address="https://<url>/WcfAuthTest/Service1.svc"
binding="wsHttpBinding" bindingConfiguration="wsTestBinding"
contract="ServiceReference1.IService1" name="wsTestBinding" />
</client>
Hi I know its been a while since you asked this question.
I am having similar problems with WCF and SSL and just thought you might resolve your problem by setting the property in the Service Behaviours httpsGetEnabled="true"
setting this property enabled me to get to the next stage of problems :)
At the end of your config you have:
<endpoint address="https://<url>/WcfAuthTest/Service1.svc"
binding="wsHttpBinding" bindingConfiguration="wsTestBinding"
contract="ServiceReference1.IService1" name="wsTestBinding" />
<url> looks like it starts but never ends.