I have a WCF service with following configuration:
<service behaviorConfiguration="MyServiceBehavior" name="Service1">
<endpoint address=""
binding="wsHttpBinding" bindingConfiguration="MembershipBinding"
name="ASPmemberUserName" contract="TestWcfService.IService1" />
</service>
.
.
.
.
.
<wsHttpBinding>
<binding name="MembershipBinding">
<security mode="Message">
<message clientCredentialType="UserName" />
</security>
</binding>
</wsHttpBinding>
I want to pass the username to the service proxy on client and retrieve it on the server side. I use bellow code to pass the user name to the proxy class:
Service1Client sc = new Service1Client();
sc.ClientCredentials.UserName.UserName = HttpContext.Current.User.Identity.Name;
When I try to retrieve the username on the server, the ServiceSecurityContext.Current returns null. Any ideas why it acts like this?
The problem was caused by certificate settings. Below link helped solve the issue:
A simple WCF service with username password authentication: the things they don’t tell you
Related
I keep getting the above error when my client program tries to call my WCF service method. It is passing credentials via ClientCredential.UserName.
I am not able to figure out what's happening here and all the posts related to this kind of issue are not solving this problem.
Mine is a shared hosting Environment on Godaddy server where my WCF service is hosted.
Configuration is as follows:
<endpoint
name="wsBinding"
address=""
binding="wsHttpBinding"
contract="ServiceLib.IBooking"
bindingConfiguration="myWSSettings"/>
<bindings>
<wsHttpBinding>
<binding name="myWSSettings">
<security mode="Transport">
<message clientCredentialType="UserName" />
</security>
</binding>
</wsHttpBinding>
</bindings>
Would really appreciate any help.
Thanks
Sandeep
I need to authenticate a WCF service using windows authentication. I have used the bellow configurations
End Points at server
<endpoint binding="basicHttpBinding" bindingConfiguration="Secured" contract="TestWCFSecurity.IService1" address="" />
<endpoint address="mex" binding="basicHttpBinding" contract="IMetadataExchange" bindingConfiguration="Secured" />
Binding Configurations
<bindings>
<basicHttpBinding>
<binding name="Secured">
<security mode="Transport">
<transport clientCredentialType="Windows" proxyCredentialType="Windows" />
</security>
</binding>
</basicHttpBinding>
</Bindings>
While I generate the proxy for the client side, I get the following endpoint
<client>
<endpoint address="https://FQNoftheSystem/TestWCF/Service1.svc"
binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_IService1"
contract="IService1" name="BasicHttpBinding_IService1" />
</client>
Issues
The client configuration is https, while at the server it is http
because of which the endpoints do not match. Using "Transport"
security would mean a https flow. why am I getting http endpoint at
the server?
I have used basichttpbinding with transport security. is this allowed?
using basichttpbinding with transport generates https for client and http at the server.
Any pointers would really help. Thanks
According to this basicHttpBinding supports transport security.
This seems more like a IIS configuration problem than WCF problem.
See here for information on how to setup SSL on IIS
I'm a new member in this fantastic website and this is my first question here ..
I wish I can find the solution..
I'm building a website and I need to secure the communications between clients and the server.
I should Use WCF in the implementation.
My project's requirements :
use WCF
binding: ws2007HttpBinding
security: HTTPS
client: Sign
I should use HTTPS for securing the communications and I should make the client sign the message (it's important).
I install certificates in both server and Client But I don't knoe how to make the clients sign the message.
I can't use message security in the wcf because I need HTTPS. Anyone can help me to know what is the TransportWithMessageCredential do for signing and how to implement such a thing??
Here is part of the app.config of the server:
<bindings>
<ws2007HttpBinding>
<binding name="ServiceWS2007HttpBindingConfg">
<security mode="TransportWithMessageCredential">
<transport clientCredentialType="None" />
<message clientCredentialType="Certificate" negotiateServiceCredential="false" />
</security>
</binding>
</ws2007HttpBinding>
</bindings>
<services>
<service name="Service">
<endpoint address="https://MAHER-PC/EBPP/Service.svc" binding="ws2007HttpBinding"
bindingConfiguration="ServiceWS2007HttpBindingConfg" contract="IService" />
</service>
</services>
thanks....
Depends on what you're planning to sign.
A good place to start would be to have a look at setting the ProtectionLevel for your service in the service contract.
Information:
http://msdn.microsoft.com/en-gb/library/aa347692.aspx
How to:
http://msdn.microsoft.com/en-gb/library/aa347791.aspx
I have a need to secure my WCF service using SSL. The problem I'm running into is that this is a WCF Workflow service, and I can't seem to override the default bindings that it sets up behind the scenes.
There must be something that I'm missing in the configuration file, as whatever I do, the binding always comes back as: BasicHttpBinding_IService at address : http://myurl.com/biz/MyService.xamlx
It should be: https://myurl.com/biz/MyService.xamlx.
These are the bindings and endpoint sections:
<bindings>
<basicHttpBinding>
<binding name="basicBinding">
<security mode="Transport">
<transport clientCredentialType="None" />
</security>
</binding>
</basicHttpBinding>
</bindings>
<services>
<service name="MyNamespace.MyService">
<endpoint address="https://myurl.com/biz/MyService.xamlx"
binding="basicHttpBinding"
bindingConfiguration="basicBinding"
contract="IService" />
</service>
</services>
Thanks for any help!
A few things to try:
change the binding to wsHttpBinding and that will force SSL.
change clientCredentialType to Certificate.
use this example and set the httpsGetEnabled to true:
http://blog.adnanmasood.com/2008/07/16/https-with-basichttpbinding-note-to-self/
Im trying to setup my config for my WCF service correctly.
On our web server we are going to have a Service that is both accessible to Extenal internet users and Internal users.
to access the site externally you will go to http://services.ourdomain.com
to access the site internally you will go to http://servername:9090
I'd like to configure how the users are authenticated. so for external i will use a usernamevalidator and internal for now just have no authentication, but this may change in future.
how can i setup my config file that when access to the service is coming externally it will use the customvalidator but for internal it will just use regular basicHttpBinding?
Try something like this in your service config:
<services>
<service name = "MyService">
<endpoint address = "http://services.ourdomain.com" binding = "customBinding"/>
<endpoint address = "http://servername:9090" binding = "basicBinding"/>
</service>
</services>
<bindings>
<binding name = "basicBinding">
<security mode = "None"/>
</binding>
<binding name = "customBinding">
<security mode = "Message">
<message clientCredentialType="UserName">
</security>
</binding>
</bindings>