CustomBinding for this BasicHttpBinding? - wcf

I am having a hard time converting a BasicHttpBinding to a custom binding. Specifically, I need to convert the security element:
<basicHttpBinding>
<binding name="MySecureBasicHttpBinding">
<security mode="TransportWithMessageCredential">
<transport clientCredentialType="None" proxyCredentialType="None" />
<message clientCredentialType="UserName" algorithmSuite="Default" />
</security>
</binding>
</basicHttpBinding>
Can anyone help write the same in custom binding?
Please also refer me to a post or doc where I can find the correspondence between the security modes and values in basicHttpBinding and those in custom bindings.
Thanks

Try this:
<customBinding>
<binding name="UsernamePasswordOverHttps">
<security
authenticationMode="UserNameOverTransport"
messageSecurityVersion="WSSecurity10WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10" />
<textMessageEncoding messageVersion="Soap11" />
<httpsTransport />
</binding>
</customBinding>

Related

Convert netTcpBinding TransportWithMessageCredential security to customBinding

I have a WCF Service with netTcpBinding and I want to add GZip compression to it.
Here is my current binding:
<netTcpBinding>
<binding>
<security mode="TransportWithMessageCredential">
<message clientCredentialType="UserName" />
</security>
</binding>
</netTcpBinding>
But to add GZip Compression, I need to convert it to a customBinding.
So I think the new binding must look like this:
<customBinding>
<binding>
<security ??? />
<binaryMessageEncoding compressionFormat="GZip" />
<tcpTransport />
</binding>
</customBinding>
How can I achieve mode="TransportWithMessageCredential" and clientCredentialType="UserName" of netTcpBinding in customBinding?
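One way to find the custom-binding equivalent of a standard binding, for both the basicHttpBinding question above and this netTcpBinding one, is to let WCF list the binding elements itself. This is an added example, not code from the original posts; the class name BindingInspector is hypothetical, and it assumes .NET Framework 4.5 or later with a reference to System.ServiceModel.

```csharp
using System;
using System.ServiceModel;
using System.ServiceModel.Channels;

// Hypothetical helper (added example): shows which binding elements a standard binding is made of.
static class BindingInspector
{
    static CustomBinding Describe(Binding standard)
    {
        // CustomBinding(Binding) copies the elements of the binding it is given.
        var custom = new CustomBinding(standard);
        Console.WriteLine(standard.GetType().Name);
        foreach (BindingElement element in custom.Elements)
        {
            Console.WriteLine("  " + element.GetType().Name);
            var security = element as SecurityBindingElement;
            if (security == null) continue;

            // These map to attributes and children of <security> in a <customBinding>.
            Console.WriteLine("    MessageSecurityVersion: " + security.MessageSecurityVersion);
            Console.WriteLine("    IncludeTimestamp: " + security.IncludeTimestamp);
            foreach (var p in security.EndpointSupportingTokenParameters.SignedEncrypted)
                Console.WriteLine("    SignedEncrypted token: " + p.GetType().Name);
            foreach (var p in security.EndpointSupportingTokenParameters.Endorsing)
                Console.WriteLine("    Endorsing token: " + p.GetType().Name);
        }
        return custom;
    }

    static void Main()
    {
        // Same settings as MySecureBasicHttpBinding in the first question.
        var basic = new BasicHttpBinding(BasicHttpSecurityMode.TransportWithMessageCredential);
        basic.Security.Message.ClientCredentialType = BasicHttpMessageCredentialType.UserName;
        Describe(basic);

        // Same settings as the netTcpBinding in this question.
        var tcp = new NetTcpBinding(SecurityMode.TransportWithMessageCredential);
        tcp.Security.Message.ClientCredentialType = MessageCredentialType.UserName;
        CustomBinding tcpCustom = Describe(tcp);

        // Keep the copied security and transport elements; only change the encoder to GZip.
        var encoder = tcpCustom.Elements.Find<BinaryMessageEncodingBindingElement>();
        encoder.CompressionFormat = CompressionFormat.GZip;
    }
}
```

The returned CustomBinding can be passed to the service host or channel factory directly, so the security elements stay exactly those of the standard binding and only the encoder differs.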

ServiceSecurityContext.Current.WindowsIdentity.Name is null

I'm using message security with certificate authentication:
<basicHttpBinding>
<binding name ="customBinding">
<security mode="Message">
<message clientCredentialType="Certificate"/>
</security>
</binding>
</basicHttpBinding>
I'm trying to log the client user name. When I do this:
ServiceSecurityContext.Current.WindowsIdentity.Name
I get null. How can I retrieve the client's user name while using this security mode?
<basicHttpBinding>
<binding name="BasicHttpEndpointBinding">
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Windows" />
</security>
</binding>
</basicHttpBinding>
The ServiceSecurityContext class uses Windows authentication.
I have nothing to test with, but maybe you can try mixing transport-Windows with message-Certificate. I'm really not sure if this is possible.
<basicHttpBinding>
<binding name ="customBinding">
<security mode="Message">
<message clientCredentialType="Certificate" />
<transport clientCredentialType="Windows"/>
</security>
</binding>
</basicHttpBinding>
and for your web.config:
<system.web><authentication mode="Windows"/></system.web>
For Reference:
message-Windows https://learn.microsoft.com/en-us/dotnet/framework/wcf/feature-details/message-security-with-a-windows-client
message-Certificate https://learn.microsoft.com/en-us/dotnet/framework/wcf/feature-details/message-security-with-a-certificate-client
I got the username from the client in my binding using basicHttpBinding with Transport security (SSL):
<security mode="Transport">
<transport clientCredentialType="Windows"/>
</security>
and without ssl:
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Windows"/>
</security>
Be sure IIS is configured with Authentication - Windows Authentication enabled.
Hope this helps someone who is dealing with this.
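For the certificate case in the question, the caller can also be identified from the presented certificate rather than from a Windows account. The following is an added example, not part of the posts above; the class name CallerInfo is hypothetical, and it assumes .NET Framework with references to System.ServiceModel and System.IdentityModel and that the certificate is not mapped to a Windows account.

```csharp
using System.IdentityModel.Claims;
using System.Linq;
using System.Security.Cryptography.X509Certificates;
using System.ServiceModel;

// Hypothetical helper (added example): returns a caller name suitable for an audit log.
static class CallerInfo
{
    public static string Describe()
    {
        ServiceSecurityContext ctx = ServiceSecurityContext.Current;

        // No security context (e.g. security mode None) or an anonymous caller.
        if (ctx == null || ctx.IsAnonymous)
            return "(unauthenticated)";

        // With certificate credentials the authorization context carries an
        // X509CertificateClaimSet holding the client's certificate.
        X509Certificate2 cert = ctx.AuthorizationContext.ClaimSets
            .OfType<X509CertificateClaimSet>()
            .Select(cs => cs.X509Certificate)
            .FirstOrDefault();
        if (cert != null)
        {
            // The subject is text chosen by whoever requested the certificate,
            // so log the thumbprint with it to identify the exact certificate.
            return cert.Subject + " [" + cert.Thumbprint + "]";
        }

        // UserName or Windows credentials: the primary identity carries the name.
        return ctx.PrimaryIdentity.Name;
    }
}
```

Call it from inside a service operation, where ServiceSecurityContext.Current is populated for the current request.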

WCF basicHttpBinding with Transport security specifying message credential type

I've been given a WSDL for a service, for which VS2010 generated the following binding as part of its configuration.
<bindings>
<basicHttpBinding>
<binding name="NotificationHttpBinding">
<security mode="Transport">
<transport clientCredentialType="None" proxyCredentialType="None" realm="" />
<message clientCredentialType="UserName" algorithmSuite="Default" />
</security>
</binding>
</basicHttpBinding>
</bindings>
I'm a little confused as to what the message node will do given the mode is set to Transport?
Nothing. This will not be used at all. It is safe to remove it.

Problems with WCF reliable session (reliable messaging)

In our WCF application I am trying to configure reliable sessions.
Service:
<wsHttpBinding>
<binding name="BindingStabiHTTP" maxBufferPoolSize="524288"
maxReceivedMessageSize="2097152"
messageEncoding="Text">
<reliableSession enabled="true" ordered="true"
inactivityTimeout="00:10:00"/>
<readerQuotas maxDepth="0" maxStringContentLength="0"
maxArrayLength="0" maxBytesPerRead="0"
maxNameTableCharCount="0" />
</binding>
</wsHttpBinding>
Client:
<wsHttpBinding>
<binding name="BindingClientWsHttpStandard" closeTimeout="00:01:00"
openTimeout="00:01:00" receiveTimeout="00:10:00"
sendTimeout="00:01:00" bypassProxyOnLocal="false"
transactionFlow="false" hostNameComparisonMode="StrongWildcard"
maxBufferPoolSize="524288" maxReceivedMessageSize="65536"
messageEncoding="Text" textEncoding="utf-8"
useDefaultWebProxy="true" allowCookies="false">
<readerQuotas maxDepth="32" maxStringContentLength="8192"
maxArrayLength="16384" maxBytesPerRead="4096"
maxNameTableCharCount="16384" />
<reliableSession ordered="true" inactivityTimeout="00:10:00"
enabled="true" />
<security mode="Message">
<transport clientCredentialType="Windows" proxyCredentialType="None"
realm="" />
<message clientCredentialType="Windows"
negotiateServiceCredential="true"
algorithmSuite="Default" establishSecurityContext="true" />
</security>
</binding>
</wsHttpBinding>
Unfortunately I get an error which is as follows:
No signature message parts were specified for messages with the 'http://schemas.xmlsoap.org/ws/2005/02/rm/CreateSequence' action.
If I disable the reliableSession on the client I get this message:
The action is not supported by this endpoint. Only WS-ReliableMessaging February 2005 messages are processed by this endpoint.
So it seems that the server is configured correctly for RM.
I cannot find anything valuable about the error I get so I don't know how to fix this. Any ideas what can be wrong?
Thanks in advance,
Rob
After starting a new test project that worked fine with RM I finally found the problem by comparing the configuration files. It appeared that our service configuration did not specify the correct binding configuration:
<service behaviorConfiguration="somebehavior"
name="somename">
<endpoint address="" binding="wsHttpBinding"
bindingConfiguration="SomeBinding"
name="http"
contract="somecontract" />
<endpoint address="mex"
binding="mexHttpBinding"
bindingConfiguration=""
name="mex"
contract="IMetadataExchange" />
<host>
<baseAddresses>
<add baseAddress="http://localhost:8731/Design_Time_Addresses/somelibrary/someservice/" />
</baseAddresses>
</host>
</service>
This bindingConfiguration was empty. It then takes the default wsHttpBinding, which is something different than the one specified (even if there is only 1).
I think the security settings for client and server don't match.
The client has:
<security mode="Message">
<transport clientCredentialType="Windows"
proxyCredentialType="None" realm="" />
<message clientCredentialType="Windows" negotiateServiceCredential="true"
algorithmSuite="Default" establishSecurityContext="true" />
</security>
and the server has nothing at all.....
Can you try to have the same settings for both client and server? Does it work then??

how to create nettcpbinding of this custombinding

I am new to the WCF programming model and I want to use netTcpBinding. Before I ask my question below, this is my custom binding:
<customBinding>
<binding name="basic">
<security authenticationMode="UserNameForCertificate"/>
<binaryMessageEncoding/>
<httpsTransport/>
</binding>
</customBinding>
When I create a service reference using a simple console application, it finds a certificate and asks me to use it. And this way I can use the web service ...
But when I change the binding to netTcpBinding with TransportWithMessageCredential, the service looks for the certificate and cannot find it, like this:
<netTcpBinding>
<binding name ="sdfsd">
<security mode="TransportWithMessageCredential">
<message clientCredentialType="UserName"/>
<transport clientCredentialType="None"/>
</security>
</binding>
</netTcpBinding>
ServiceCertificate.SetCertificate(StoreLocation.LocalMachine, StoreName.My, X509FindType.FindByIssuerName, "Contoso.com").
At this point I use a CustomNameValidator and I do it programmatically.
So when I use netTcpBinding with TransportWithMessageCredential, why does the call to SetCertificate not find the installed certificate? Am I missing something ? Or do I have to add something?
OK guys... sorry, but some of the message is missing ...
My custom binding is:
customBinding
<customBinding>
<binding name="basic">
<security authenticationMode="UserNameForCertificate"/>
<binaryMessageEncoding/>
<httpsTransport/>
</binding>
</customBinding>
and the netTcpBinding that I tried to convert is:
<netTcpBinding>
<binding name ="sdfsd">
<security mode="TransportWithMessageCredential">
<message clientCredentialType="UserName"/>
<transport clientCredentialType="None"/>
</security>
</binding>
</netTcpBinding>