Im trying to setup my config for my WCF service correctly.
On our web server we are going to have a Service that is both accessible to Extenal internet users and Internal users.
to access the site externally you will go to http://services.ourdomain.com
to access the site internally you will go to http://servername:9090
I'd like to configure how the users are authenticated. so for external i will use a usernamevalidator and internal for now just have no authentication, but this may change in future.
how can i setup my config file that when access to the service is coming externally it will use the customvalidator but for internal it will just use regular basicHttpBinding?
Try something like this in your service config:
<services>
<service name = "MyService">
<endpoint address = "http://services.ourdomain.com" binding = "customBinding"/>
<endpoint address = "http://servername:9090" binding = "basicBinding"/>
</service>
</services>
<bindings>
<binding name = "basicBinding">
<security mode = "None"/>
</binding>
<binding name = "customBinding">
<security mode = "Message">
<message clientCredentialType="UserName">
</security>
</binding>
</bindings>
Related
I have a silverlight application with wcf service self hosted in it.When I publish the the application with service on iis7 on windows server 2008,I cant see any data from service in my application(Service is not getting called).While debugging application I can see the data coming from servcie(sql server table data).Also when I publish the same application on my local system i.e. IIS-7 on windows7,I am able to access the service and data,on any system in network as well as on system where it is published.
I have made all the possible setting on iis7 which I found and also url for service is correct everywhere(dynamically generated),as I have published it successfully on iis 7 in windows 7 ,only the application is not accessing wcf when published on iis in windows server.
Also I have gone through all posts available here,but found no exact solution.
Settings for iis 7 and wcf i have done are
-aspnet_iisreg.exe(installed)
-all required setting in windows features turn on and off.
-on iis,all permissions are set for required user.
-Setting are done in mime type and handler mapping.
-I can browse successfully the wcf service with no error,and the same url is used while calling service from application.
Here is a piece of my code,where I am generating service endpoint url dynamically.
Try
busyIndicator.IsBusy = True
mService.Endpoint.Address = New EndpointAddress(DynamicEndpointHelper.ResolveEndpointUrl(mService.Endpoint.Address.Uri.ToString(),
App.Current.Host.Source.ToString()))
mService.GetProjectNamesAsync()
Catch ex As Exception
MessageBox.Show(ex.Message)
End Try
End Sub
Public Class DynamicEndpointHelper
' Put the development server site URL including the trailing slash
' This should be same as what's set in the Dropthings web project's
' ' properties as the URL of the site in development server
Private Const BaseUrl As String = "http://localhost:1632/"
Public Shared Function ResolveEndpointUrl(endpointUrl As String, xapPath As String) As String
Dim baseUrl__1 As String = xapPath.Substring(0, xapPath.IndexOf("ClientBin"))
Dim relativeEndpointUrl As String = endpointUrl.Substring(BaseUrl.Length)
Dim dynamicEndpointUrl As String = baseUrl__1 & relativeEndpointUrl
Return dynamicEndpointUrl
End Function
End Class
web.config part:
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="testing.Web.Service1.basicHttpBinding" >
<security mode="Transport">
<transport clientCredentialType="Windows" />
</security>
</binding>
</basicHttpBinding>
</bindings>
<services>
<service name="testing.Web.Service1">
<endpoint address="" binding="basicHttpBinding" contract="testing.Web.Service1" />
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="">
<serviceMetadata httpGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="false" />
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true"
multipleSiteBindingsEnabled="true" />
</system.serviceModel>
ServiceReference.ClientConfig part
<configuration>
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="BasicHttpBinding_Service1" maxBufferSize="2147483647"
maxReceivedMessageSize="2147483647">
<security mode="None" />
</binding>
</basicHttpBinding>
</bindings>
<client>
<endpoint address="http://localhost:1632/Service1.svc" binding="basicHttpBinding"
bindingConfiguration="BasicHttpBinding_Service1" contract="sr_service1.Service1"
name="BasicHttpBinding_Service1" />
</client>
</system.serviceModel>
</configuration>
The endpoint address the sivlerlight application is trying to call is defined in the ServiceReference.clientconfig as: http://localhost:1632/Service1.svc. I assume that is not the actual deployed address you want to use. See this article for how to dynamically assign the service endpoint address.
My computer have a proxy server defined globally (in internet options configuration).
I have a .Net 4 application that use a WCF client to a remote host. The client code has been generated by VS add service reference dialog. As my proxy can't reach the host, each call ends with a communication exception.
How can I set up my client configuration to not use the default proxy ?
You can tell WCF not to use the default proxy by setting the BasicHttpBinding.UseDefaultWebProxy to false:
<client>
<endpoint address="http://server/myservice"
binding="basicHttpBinding"
contract="IMyService" />
</client>
<bindings>
<basicHttpBinding>
<binding useDefaultWebProxy="false" />
</basicHttpBinding>
</bindings>
In your Binding configuration, set useDefaultWebProxy=false
I have a WCF service with following configuration:
<service behaviorConfiguration="MyServiceBehavior" name="Service1">
<endpoint address=""
binding="wsHttpBinding" bindingConfiguration="MembershipBinding"
name="ASPmemberUserName" contract="TestWcfService.IService1" />
</service>
.
.
.
.
.
<wsHttpBinding>
<binding name="MembershipBinding">
<security mode="Message">
<message clientCredentialType="UserName" />
</security>
</binding>
</wsHttpBinding>
I want to pass the username to the service proxy on client and retrieve it on the server side. I use bellow code to pass the user name to the proxy class:
Service1Client sc = new Service1Client();
sc.ClientCredentials.UserName.UserName = HttpContext.Current.User.Identity.Name;
When I try to retrieve the username on the server, the ServiceSecurityContext.Current returns null. Any ideas why it acts like this?
The problem was caused by certificate settings. Below link helped solve the issue:
A simple WCF service with username password authentication: the things they don’t tell you
current setup:
- i have got a WCF service with wsHttpBding, see the service config below
- i have implemented a ServiceHostFactory to solve the problem of incorrect schema location and soap addresses, modifying them from machine name to the correct server hostname
- my test client (WCFStorm) i can generate a proxy, see all the methods and invoke them successfully.
- my dev environment (client-> HTTPS -> service) works perfectly.
problems:
- prod environment (client -> HTTPS -> F5 -> HTTP -> service)
- my service is behind F5 load balancer which offloads SSL
- my test client (WCFStorm) i can generate a proxy and see all the methods but when i invoke any of the methods i get a remote server not found 404 error
my service config:
<services>
<service behaviorConfiguration="Service1Behavior"
name="MyService">
<endpoint name="secure" address="" binding="wsHttpBinding" bindingConfiguration="custBinding" contract="IService"/>
<endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange" />
</service>
</services>
<bindings>
<wsHttpBinding>
<binding name="custBinding">
<security mode="Transport">
<transport clientCredentialType="None" />
<message clientCredentialType="None" negotiateServiceCredential="false"
establishSecurityContext="false" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior name="Service1Behavior">
<serviceMetadata httpsGetEnabled="true" httpGetEnabled="true" httpGetUrl="http://myserver/MyService.svc"/>
<serviceDebug includeExceptionDetailInFaults="true"/>
<dataContractSerializer maxItemsInObjectGraph="6553600" />
</behavior>
</serviceBehaviors>
</behaviors>
please note that all my schema locations and soap addresses on the wsdl are correct in prod, but i simply cannot invoke any methods.
please help.
We have a similar situation and here's how we got it working.
in the service - we changed the binding to use basicHttpBinding and added a key that must be passed with every request.
in the client - we changed the http in the config to https and in the basicHttpBindings config changed the security mode to Transport with clientCredentialType="None".
Hope this helps.
UPDATE: I found this article soon after and I updated the configuration and it worked. So now we are using wsHttpBinding instead of basicHttpBinding.
http://blogs.msdn.com/b/morgan/archive/2010/04/15/setting-up-wcf-with-a-load-balancer-using-ssl-in-the-middle.aspx
The problem with your service config is that the security mode is Transport, where in reality it should be None. Because any calls to your service will be HTTP behind F5 load balancer, you can not use Transport security mode there (client -> HTTPS -> F5 -> HTTP -> service). However, when calling the service from your client, the client config will need to be Transport security mode and the endpoint address will need to have an HTTPS address.
<wsHttpBinding>
<binding name="custBinding">
<security mode="None">
<transport clientCredentialType="None" />
<message clientCredentialType="None" negotiateServiceCredential="false" establishSecurityContext="false" />
</security>
</binding>
</wsHttpBinding>
This might be a little late for you, but here is how we do it. Once I have generated the proxy, I just change the http: in the config to https. Now, if I have to sometimes call it with ssl, and othertimes without, I will copy the config section, and give the copy a different name, and then when you construct the client, you can pass in the config name, and it will pick up the correct one.
We couldn't get this working through Layer 7 load balancing - there was various error messages returned from the service. Instead it's set up on Layer 4 load balancing with no issues.
We have a windows service that we are trying to use as WCF host for a WPF application. It works fine in development but when we have tried to move to our production environment we have had nothing but problems. From reading posts from others, we figured out how to turn on WCF logging and this was a big help. It turned out that our security bindings on the service and the client did not match. We set them both to use windows security but still no luck now we are trying to set the security mode to 'None' but it still is not working. Here is the bindings section of our service config file:
<system.serviceModel>
<bindings>
<netTcpBinding>
<binding name="netTcp">
<security mode='None'>
</security>
</binding>
</netTcpBinding >
</bindings>
<services>
<service name="CompanyService">
<endpoint
address= "our.url.com/CompanyService"
binding="netTcpBinding"
contract="CompanyServices.ICompanyService" />
</service>
</services>
</system.serviceModel>
Here is the serviceModel section of our client app config:
<system.serviceModel>
<bindings>
<netTcpBinding>
<binding name="NetTcpBinding_Config" >
<security mode="None">
</security>
</binding>
</netTcpBinding>
</bindings>
<client>
<endpoint address="our.url.com/CompanyService" binding="netTcpBinding" bindingConfiguration="NetTcpBinding_Config" contract="CompanyServiceProxy.ICompanyService" name="NetTcpBinding_ICompanyService" />
</client>
</system.serviceModel>
If I need to supply additional infor please tell me what I need to supply.
Thanks
Standard net.tcp binding uses Windows credentials by default, and those really require client and service to be in the same Windows domain. Is this the case here??
OK, sorry, you mentioned security=None (your listings weren't properly formatted so I only saw a fraction of the actual config).
I guess your problem really lies in the addresses used:
address= "our.url.com/CompanyService"
When using net.tcp binding, you have to specify that before the address, so change this on both the client and the server to:
address= "net.tcp://our.url.com/CompanyService"
Also, what I don't quite understand is your title: it mentions "streaming" - have you specified streaming mode anywhere? In your config or your service contracts?
Marc