WSHttpBinding binding, client authentication - wcf

i am new to wcf and using wshttpbinding ,but i want to remove the user name and password form the service client (which i have to pass),
my client code is
RServiceClient serviceClient = new RServiceClient();
serviceClient.ClientCredentials.Windows.ClientCredential.UserName = "UserName";
serviceClient.ClientCredentials.Windows.ClientCredential.Password = "Password";
i dont want to pass this username and password.
my client app.config is:
<binding name="WSHttpBinding_IRService"
closeTimeout="00:01:00"
openTimeout="00:01:00"
receiveTimeout="00:10:00"
sendTimeout="00:01:00"
bypassProxyOnLocal="false"
transactionFlow="false"
hostNameComparisonMode="StrongWildcard"
maxBufferPoolSize="524288"
maxReceivedMessageSize="65536"
messageEncoding="Text"
textEncoding="utf-8"
useDefaultWebProxy="true"
allowCookies="false">
<readerQuotas maxDepth="32"
maxStringContentLength="8192"
maxArrayLength="16384"
maxBytesPerRead="4096"
maxNameTableCharCount="16384" />
<reliableSession ordered="true"
inactivityTimeout="00:10:00"
enabled="false" />
<security mode="Message">
<transport clientCredentialType="Windows"
proxyCredentialType="None"
realm="" />
<message clientCredentialType="Windows"
negotiateServiceCredential="true"
algorithmSuite="Default" />
</security>
</binding>
rite now service is hosted in a web.
is there any change in service.config or client side app .config.
in my weak knowledge after googleing is that change should be the client side but i m unable to do that. :-(
note: my contract requires sessions too.
thanx in advance.

You need to change the web.config at the server side, your client web.config will be automatically updated after a refresh on the web reference.
If you do not want to use login/password, i can advice you to set up a mutual certificate authentication.
This approach is secure and interoperable with other WS stacks (eq. Java CXF, ...)
For Mutual Certification Authentication :
You will need a X.509 certificate to allow the client to be sure that the server is really who is pretend to be and an other X.509 certificate at the client-side.
Here an example of web.config, more informations at MSDN :
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.serviceModel>
<behaviors>
<serviceBehaviors>
<behavior name="serviceCredentialBehavior">
<serviceCredentials>
<serviceCertificate findValue="Contoso.com"
storeLocation="LocalMachine"
storeName="My"
x509FindType="FindBySubjectName" />
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
<services>
<service behaviorConfiguration="serviceCredentialBehavior"
name="ServiceModel.Calculator">
<endpoint address="http://localhost/Calculator"
binding="wsHttpBinding"
bindingConfiguration="InteropCertificateBinding"
name="WSHttpBinding_ICalculator"
contract="ServiceModel.ICalculator" />
</service>
</services>
<bindings>
<wsHttpBinding>
<binding name="InteropCertificateBinding">
<security mode="Message">
<message clientCredentialType="Certificate"
negotiateServiceCredential="false"
establishSecurityContext="false" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<client />
</system.serviceModel>
</configuration>

Related

How to pass authentication to WCF service

I have web site configured in IIS. The default web site is the main web site and there is MVC application and WCF application configured under the default web site. Something like below
The default web site is using OpenID connect authentication using cookie authentication. So when user try to access any resource from default web site or its child applications he gets redirected to login page. This is working fine as expected.
Now i have requirement where MVC application needs to invoke an operation from WCF service on a button click. So i added a service reference into MVC application and configured binding as below
WCF Service Configuration
<system.serviceModel>
<extensions>
<behaviorExtensions>
<add name="silverlightFaults" type="Framework.Wcf.SilverlightFaultBehavior, Framework, Version=1.0.0.0, Culture=neutral, PublicKeyToken=b297de4b0f792ff8" />
</behaviorExtensions>
</extensions>
<services>
<service name="DocumentManagementService.DocumentManagementService" behaviorConfiguration="DocumentManagementServiceBehavior">
<endpoint name="BasicHttpEndPoint" binding="basicHttpBinding" contract="DocumentManagementService.Contracts.IDocumentManagement" bindingConfiguration="BasicHttpEndPoint" behaviorConfiguration="SilverlightFaultBehavior" />
</service>
</services>
<bindings>
<basicHttpBinding>
<binding name="BasicHttpEndPoint" closeTimeout="00:2:00" openTimeout="00:2:00" receiveTimeout="0:5:00" sendTimeout="00:5:00" allowCookies="false" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard" maxBufferSize="104857600" maxBufferPoolSize="524288" maxReceivedMessageSize="104857600" messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered" useDefaultWebProxy="true">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="104857600" maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<security mode="Transport">
<transport clientCredentialType="None" proxyCredentialType="None" realm="" />
<message clientCredentialType="UserName" algorithmSuite="Default" />
</security>
</binding>
</basicHttpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior name="DocumentManagementServiceBehavior">
<serviceMetadata httpGetEnabled="false" httpsGetEnabled="true"/>
<serviceDebug includeExceptionDetailInFaults="false" />
</behavior>
</serviceBehaviors>
<endpointBehaviors>
<behavior name="SilverlightFaultBehavior">
<silverlightFaults />
</behavior>
</endpointBehaviors>
</behaviors>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true" aspNetCompatibilityEnabled="true" />
</system.serviceModel>
MVC Configuration ( this is client)
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="BasicHttpEndPoint" closeTimeout="00:2:00" openTimeout="00:2:00" receiveTimeout="0:5:00" sendTimeout="00:5:00" allowCookies="false" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard" maxBufferSize="104857600" maxBufferPoolSize="524288" maxReceivedMessageSize="104857600" messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered" useDefaultWebProxy="true">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="104857600" maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<security mode="Transport">
<transport clientCredentialType="None" proxyCredentialType="None" realm="" />
<message clientCredentialType="UserName" algorithmSuite="Default" />
</security>
</binding>
</basicHttpBinding>
</bindings>
<client>
<endpoint address="https://XXXXX/DocumentManagementService/DocumentManagementService.svc"
binding="basicHttpBinding" bindingConfiguration="BasicHttpEndPoint"
contract="DMProxy.IDocumentManagement" name="BasicHttpEndPoint" />
</client>
</system.serviceModel>
However when i invoke the WCF Operation i get error
The HTTP request is unauthorized with client authentication scheme
'Anonymous'. The authentication header received from the server was
''.
Note that when user clicks on a button, at that time he is already been authenticated. I am not sure how that authentication will get passed to WCF application.
Update 1
IIS Authetication for Default Web Site
IIS Authetication for WCF
Update 2
I think* i need to add authentication cookie in Cookies and HttpHeader before i make WCF call. ?? Any idea how would i do that

The remote server returned an unexpected response: (400) Bad Request in WCF configuration

I have WCF hosted under website application at IIS. Below is service declarations in web.config
<system.serviceModel>
<services>
<service name="Emp.Depart.Handle">
<endpoint behaviorConfiguration="HandleBehavior" binding="basicHttpBinding"
bindingConfiguration="BasicHttpBinding_IHandle"
contract="Emp.Depart.IHandle" />
</service>
</services>
<behaviors>
<endpointBehaviors>
<behavior name="HandleBehavior">
<dataContractSerializer maxItemsInObjectGraph="2147483647" />
</behavior>
</endpointBehaviors>
<serviceBehaviors>
<behavior name="HandleBehaviors">
<dataContractSerializer maxItemsInObjectGraph="2147483647" />
<serviceMetadata httpGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
</serviceBehaviors>
</behaviors>
<bindings>
<basicHttpBinding>
<binding name="BasicHttpBinding_IHandle" closeTimeout="00:01:00"
openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
allowCookies="false" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard"
maxBufferSize="2147483647" maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647"
transferMode="Buffered" useDefaultWebProxy="true">
<readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647"
maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647" />
<security mode="None">
<transport clientCredentialType="None" proxyCredentialType="None"
realm="" />
<message clientCredentialType="UserName" algorithmSuite="Default" />
</security>
</binding>
</basicHttpBinding>
</bindings>
</system.serviceModel>
Despite of the previous declarations i got the error :
WCF The remote server returned an unexpected response: (400) Bad Request
when trying to connect from client, cofig of client is as follows :
<basicHttpBinding>
<binding name="BasicHttpBinding_Ihl7" closeTimeout="00:01:00"
openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:05:00"
allowCookies="false" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard"
maxBufferSize="2147483646" maxBufferPoolSize="2147483646" maxReceivedMessageSize="2147483646"
messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered"
useDefaultWebProxy="true">
<readerQuotas maxDepth="2147483646" maxStringContentLength="2147483646" maxArrayLength="2147483646"
maxBytesPerRead="2147483646" maxNameTableCharCount="2147483646" />
<security mode="None">
<transport clientCredentialType="None" proxyCredentialType="None"
realm="" />
<message clientCredentialType="UserName" algorithmSuite="Default" />
</security>
</binding>
</basicHttpBinding>
I can't identify the cause of the problem, i searched and increased maxRecievedMessage but nothing happened.
Please advice.
not nice and also strange way, but removing the name of the configuration may work bases on: WCF service maxReceivedMessageSize basicHttpBinding issue
also these could be useful:
how to increase MaxReceivedMessageSize when calling a WCF from C#
http://msdn.microsoft.com/en-us/library/ee358768.aspx/

WCF wsHttpBinding Security Error

I have a WCF hosted in a Windows Service and running with user domain account.
All my clients (Console applicatio or Web Applications) in the domain work very well.
I have a console application that is not in the domain that does not work.
Herei is the error :
Exception non gérée : System.ServiceModel.Security.SecurityNegotiationException:
L'appelant n'a pas été authentifié par le service. ---> System.ServiceModel.Fau
ltException: The request for security token could not be satisfied because authe
ntication failed.
Here is the WCF Server config :
<wsHttpBinding>
<binding name="TransactionalBind" transactionFlow="true"/>
</wsHttpBinding>
[...]
<endpoint address="http://machine.domain.fr:1083/MyService/"
binding="wsHttpBinding"
bindingConfiguration="TransactionalBind"
contract="MyService.IMyService"/>
[...]
<behavior name="MyBahavior">
<serviceMetadata httpGetEnabled="True"/>
<serviceDebug includeExceptionDetailInFaults="True" />
<dataContractSerializer maxItemsInObjectGraph="2147483647" />
</behavior>
Here is my client config :
<wsHttpBinding>
<binding name="WSHttpBinding_IMyService" closeTimeout="00:01:00"
openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
bypassProxyOnLocal="false" transactionFlow="true" hostNameComparisonMode="StrongWildcard"
maxBufferPoolSize="524288" maxReceivedMessageSize="65536"
messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true"
allowCookies="false">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<reliableSession ordered="true" inactivityTimeout="00:10:00"
enabled="false" />
<security mode="Message">
<transport clientCredentialType="Windows" proxyCredentialType="None"
realm="" />
<message clientCredentialType="Windows" negotiateServiceCredential="true"
algorithmSuite="Default" />
</security>
</binding>
</wsHttpBinding>
[...]
<client>
<endpoint address="http://machine.domain.fr:1083/MyService/"
binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_IMyService"
contract="wsArchi.IMyService" name="WSHttpBinding_IMyService">
</endpoint>
</client>
Can you help me please ?
Many Thanks
Try using BasicHttpBinding...
I was facing issues when i used WSHttpBinding....
BasicHttpBinding solved my problem.!!!

WCF charset=utf-8 of the response message does not match the content type of the binding (application/soap+xml; charset=utf-8)

I'm hosting a WCF service in IIS 7.5 using .NET 4.0. I also have a WPF application that I am using as my client that was built with Visual Studio 2010 and .NET 4.0. I added my service reference and when I attempt to call a function, I get the following exception
The content type application/xml; charset=utf-8 of the response message does not match the content type of the binding (application/soap+xml; charset=utf-8)
I am able to navigate to the service in a web browser and my bindings appear to be the same between the client and service (WsHttp bindings).
I know there are alot of google results about this error but none of them seemed to be relevant/help my specific problem. I tried installing Non-HTTP Activation features as well as a wide variety of other small tricks. Anybody be able to help? Thanks
edit, here are my configs (they are quite lengthy)
Client
<?xml version="1.0"?>
<configuration>
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="ContentSoap"
closeTimeout="00:01:00" openTimeout="00:01:00"
receiveTimeout="00:10:00" sendTimeout="00:01:00" allowCookies="false"
bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard"
maxBufferSize="2147483647" maxBufferPoolSize="2147483647"
maxReceivedMessageSize="2147483647"
messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered"
useDefaultWebProxy="true">
<readerQuotas maxDepth="32" maxStringContentLength="8192"
maxArrayLength="2147483647"
maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<security mode="None">
<transport clientCredentialType="None" proxyCredentialType="None"
realm="" />
<message clientCredentialType="UserName" algorithmSuite="Default" />
</security>
</binding>
<binding name="OrderSoap"
closeTimeout="00:01:00" openTimeout="00:01:00"
receiveTimeout="00:10:00" sendTimeout="00:01:00" allowCookies="false"
bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard"
maxBufferSize="65536" maxBufferPoolSize="524288"
maxReceivedMessageSize="65536"
messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered"
useDefaultWebProxy="true">
<readerQuotas maxDepth="32" maxStringContentLength="8192"
maxArrayLength="16384" maxBytesPerRead="4096"
maxNameTableCharCount="16384" />
<security mode="None">
<transport clientCredentialType="None" proxyCredentialType="None"
realm="" />
<message clientCredentialType="UserName" algorithmSuite="Default" />
</security>
</binding>
</basicHttpBinding>
<netTcpBinding>
<binding name="NetTcpBindingEndpoint" closeTimeout="00:01:00"
openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
transactionFlow="false" transferMode="Buffered"
transactionProtocol="OleTransactions"
hostNameComparisonMode="StrongWildcard" listenBacklog="10"
maxBufferPoolSize="2147000000" maxBufferSize="65536" maxConnections="10"
maxReceivedMessageSize="2147000000">
<readerQuotas maxDepth="32" maxStringContentLength="8192"
maxArrayLength="2147000000" maxBytesPerRead="4096"
maxNameTableCharCount="16384" />
<reliableSession ordered="true" inactivityTimeout="00:01:00"
enabled="true" />
<security mode="None">
<transport clientCredentialType="Windows"
protectionLevel="EncryptAndSign" />
<message clientCredentialType="Windows" />
</security>
</binding>
</netTcpBinding>
<wsHttpBinding>
<binding name="WSHttpBinding_IInmateCanteenServiceWeb"
closeTimeout="00:01:00" openTimeout="00:01:00"
receiveTimeout="00:10:00" sendTimeout="00:01:00"
bypassProxyOnLocal="false" transactionFlow="false"
hostNameComparisonMode="StrongWildcard"
maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647"
messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true"
allowCookies="false">
<readerQuotas maxDepth="32" maxStringContentLength="8192"
maxArrayLength="16384" maxBytesPerRead="4096"
maxNameTableCharCount="16384" />
<reliableSession ordered="true" inactivityTimeout="00:10:00"
enabled="false" />
<security mode="Transport">
<transport clientCredentialType="None" proxyCredentialType="None"
realm="" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<client>
<endpoint name="ContentSoap"
address="http://media.team.twvending.net/storeservices/content.asmx"
binding="basicHttpBinding" bindingConfiguration="ContentSoap"
contract="MediaPortContent.ContentSoap" />
<endpoint name="OrderSoap"
address="http://media.team.twvending.net/storeservices/order.asmx"
binding="basicHttpBinding" bindingConfiguration="OrderSoap"
contract="MediaPortOrder.OrderSoap" />
<endpoint name="NetTcpBindingEndpoint"
address="..."
binding="netTcpBinding" bindingConfiguration="NetTcpBindingEndpoint"
contract="WebCallBack.ICallbackService" />
<endpoint name="WSHttpBinding_IInmateCanteenServiceWeb"
address="..."
binding="wsHttpBinding"
bindingConfiguration="WSHttpBinding_IInmateCanteenServiceWeb"
contract="InmateCanteenWeb.IInmateCanteenServiceWeb" />
<endpoint name="WSHttpBinding_ICommAccountingBinding"
address="..."
binding="wsHttpBinding"
bindingConfiguration="WSHttpBinding_IInmateCanteenServiceWeb"
contract="CommAccountingWeb.ICommAccountingWeb" />
</client>
</system.serviceModel>
and Server
<system.serviceModel>
<behaviors>
<endpointBehaviors>
<behavior name="httpBehavior">
<!--<webHttp />-->
</behavior>
</endpointBehaviors>
<serviceBehaviors>
<behavior name="ServiceBehavior">
<serviceCredentials>
<clientCertificate>
<authentication revocationMode="NoCheck" />
</clientCertificate>
<serviceCertificate findValue="CN=secure.inmatecanteen.com" />
</serviceCredentials>
<serviceMetadata httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
<behavior name="MexBehavior">
<serviceMetadata httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
<behavior name="HttpMexBehavior">
<serviceMetadata httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
<behavior name="BasicHttpMexBehavior">
<serviceMetadata httpGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
<behavior name="">
<serviceMetadata httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment aspNetCompatibilityEnabled="false"
multipleSiteBindingsEnabled="true" />
<bindings>
<wsHttpBinding>
<binding name="myWsHttpBinding" maxBufferPoolSize="2147483647"
maxReceivedMessageSize="2147483647" messageEncoding="Text">
<readerQuotas maxDepth="32" maxStringContentLength="2147483647"
maxArrayLength="2147483647" maxBytesPerRead="2147483647"
maxNameTableCharCount="2147483647" />
<security mode="Transport">
<transport clientCredentialType="None" />
</security>
</binding>
</wsHttpBinding>
<webHttpBinding>
<binding name="myWebHttpBinding">
<security mode="Transport">
<transport clientCredentialType="None" proxyCredentialType="None"
realm="" />
</security>
</binding>
</webHttpBinding>
<basicHttpBinding>
<binding name="myBasicHttpBinding" maxBufferPoolSize="2147483647"
maxReceivedMessageSize="2147483647">
<readerQuotas maxDepth="32" maxStringContentLength="2147483647"
maxArrayLength="2147483647" maxBytesPerRead="2147483647"
maxNameTableCharCount="2147483647" />
</binding>
</basicHttpBinding>
</bindings>
<services>
<service name="CommAccountingWeb.CommAccountingWeb"
behaviorConfiguration="HttpMexBehavior">
<endpoint
address=""
behaviorConfiguration="httpBehavior"
binding="webHttpBinding" bindingConfiguration="myWebHttpBinding"
contract="CommAccountingWeb.ICommAccountingWeb" />
<endpoint
address="mex"
binding="mexHttpsBinding"
contract="IMetadataExchange" />
<host>
<baseAddresses>
<add baseAddress="..."></add>
</baseAddresses>
</host>
</service>
<service name="CommAccountingWeb.CommAccountingBasic"
behaviorConfiguration="BasicHttpMexBehavior">
<endpoint
address=""
binding="basicHttpBinding"
bindingConfiguration="myBasicHttpBinding"
contract="CommAccountingWeb.ICommAccountingBasic" />
<endpoint
address="mex"
binding="mexHttpBinding"
contract="IMetadataExchange" />
<host>
<baseAddresses>
<add baseAddress="..." />
</baseAddresses>
</host>
</service>
</services>
</system.serviceModel>
As I suspected - your client-side config looks like this:
<endpoint name="WSHttpBinding_ICommAccountingBinding"
address="https://secure.inmatecanteen.com/CommAccountingService/CommAccountingWeb.svc"
binding="wsHttpBinding"
bindingConfiguration="WSHttpBinding_IInmateCanteenServiceWeb"
contract="CommAccountingWeb.ICommAccountingWeb" />
It expects wsHttpBinding - but the server-side address it's connecting to is:
<service name="CommAccountingWeb.CommAccountingWeb"
behaviorConfiguration="HttpMexBehavior">
<endpoint
address=""
behaviorConfiguration="httpBehavior"
binding="webHttpBinding" bindingConfiguration="myWebHttpBinding"
contract="CommAccountingWeb.ICommAccountingWeb" />
<host>
<baseAddresses>
<add baseAddress="https://secure.inmatecanteen.com/CommAccountingService/CommAccountingWeb.svc"></add>
</baseAddresses>
</host>
</service>
and this server endpoint uses webHttpBinding.
So while the client expects a SOAP XML message (content type: application/soap+xml; charset=utf-8), the server-side endpoint is a REST endpoint which returns plain XML (content type: application/xml; charset=utf-8)
Solution: you need to make sure both the client and the server endpoint used are in sync with regards to bindings and configuration!
As Steven Westbrook says in a comment on this answer:
Add ?wsdl to your client's endpoint address, and you should have more luck with the service. ?wsdl is important - it means the browser is just getting "Web Services Description Language" for the service, and not calling the service.
I had the same issue and adding ?wsdl solved my headache.
I came across a similar error while creating a client service to one of the existing server side WebService. I could rectify it using SOAP 1.1 transport protocol on the client. Somehow soap 1.2 is giving/expecting a different format. This trace back to the difference between BasicHttpBinding vs WebHttpBinding vs WsHttpBinding.
I got this problem after I added a method that returned a collection of instances of a base class that didn't have a [KnownType] attribute that would resolve to a concrete instance.
With the [KnownType] attribute in place the problem disappeared.
[ServiceContract]
public interface IService {
[OperationContract]
IEnumerable<ItemBase> GetItems();
}
[DataContract]
// [KnownType(typeof(RealItemA))] <--- without these attributes you will get a problem
// [KnownType(typeof(RealItemB))]
public class ItemBase {
}
[DataContract]
public class RealItemA : ItemBase {
}
[DataContract]
public class RealItemB : ITemBase {
}
in my case same error was caused by missing
[datacontract]
[datamember]
attributes in returned data type.
Error message was really misleading.
In my case a specific service was using SOAP 1.1 instead of the usual 1.2.
I had to change the binding from this:
<system.serviceModel>
<bindings>
<customBinding>
<binding name="ServiceSoapBinding">
<textMessageEncoding messageVersion="Soap12"/>
</binding>
</customBinding>
</bindings>
</system.serviceModel>
To this:
<system.serviceModel>
<bindings>
<customBinding>
<binding name="ServiceSoapBinding">
<textMessageEncoding messageVersion="Soap11"/>
</binding>
</customBinding>
</bindings>
</system.serviceModel>

WCF Authentication: Custom Username and Password Validator asp.net

is it necessary to create a service certificate to use custom username and password authentication? I want to authenticate my WCF service with custom username and password.
My Service web.config is as follows:
<system.serviceModel>
<bindings>
<wsHttpBinding>`enter code here`
<binding name="NewBinding0">
<security mode="Message">
<transport clientCredentialType="Basic" />
<message clientCredentialType="UserName" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<services>
<service behaviorConfiguration="WcfTest.Service1Behavior" name="WcfTest.TestService">
<endpoint address="" binding="wsHttpBinding" contract="WcfTest.ITestService" />
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
</service>
</services>
<behaviors>
<endpointBehaviors>
<behavior name="NewBehavior" />
</endpointBehaviors>
<serviceBehaviors>
<behavior name="WcfTest.Service1Behavior">
<serviceMetadata httpGetEnabled="false" />
<serviceDebug includeExceptionDetailInFaults="false" />
<serviceCredentials>
<!-- Use our own custom validation -->
<userNameAuthentication userNamePasswordValidationMode="Custom"
customUserNamePasswordValidatorType="MyValidator,WcfTest"/>
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>
and Client Web.config is:
<system.serviceModel>
<bindings>
<wsHttpBinding>
<binding name="WSHttpBinding_ITestService" closeTimeout="00:01:00"
openTimeout="00:01:00" receiveTimeout="00:10:00"
sendTimeout="00:01:00" bypassProxyOnLocal="false"
transactionFlow="false" hostNameComparisonMode="StrongWildcard"
maxBufferPoolSize="524288" maxReceivedMessageSize="65536"
messageEncoding="Text" textEncoding="utf-8"
useDefaultWebProxy="true" allowCookies="false">
<readerQuotas maxDepth="32" maxStringContentLength="8192"
maxArrayLength="16384" maxBytesPerRead="4096"
maxNameTableCharCount="16384" />
<reliableSession ordered="true" inactivityTimeout="00:10:00"
enabled="false" />
<security mode="Message">
<transport clientCredentialType="Windows" proxyCredentialType="None"
realm="" />
<message clientCredentialType="UserName"
negotiateServiceCredential="true"
algorithmSuite="Default"
establishSecurityContext="true" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<client>
<endpoint address="http://localhost:2374/Service1.svc" binding="wsHttpBinding"
bindingConfiguration="WSHttpBinding_ITestService"
contract="ServiceReference1.ITestService"
name="WSHttpBinding_ITestService">
<identity>
<userPrincipalName value="NYSA31\abc" />
</identity>
</endpoint>
</client>
</system.serviceModel>
But i am getting following error accessing the service.
WsHttpBinding demands service certificate. WCF 4 (and older versions with special KB) allows exposing service authenticated with UserName and password without certificate but do you really want it? It means that user name and password will go in the plain text over the wire = no security because anybody who will capture the packet will be able to authenticate with stolen credentials.
To use user name password without certificate you need custom binding or you can use ClearUserNameBinding.