I'm trying to launch a WCF service over SSL on IIS 6 through a load balancer. My initial problem was an obvious and pretty well discussed one - the address shown on the WSDL page pointed to https://SERVERNAME/WebServices/mydomainws.svc instead of www.mydomain.com. The answer to this problem is to add a host header value in IIS. I did that and it worked... sort of. I now get http://www.mydomain.com/WebServices/mydomainws.svc when viewing the wsdl in a browser. If I click on that link (the non-ssl link) I get a service definition that again references the server name.
The next oft recommended remedy is to use WCF Extras which provides an extension that allows you to specify a base address. But setting that config entry only updated the soap12:address. The EndPointReference address is still using the machine name.
To summarize: WSDL as viewed in web browser at https://www.mydomain.com/WebServices/mydomainws.svc: http://www.mydomain.com/WebServices/mydomainws.scv
Clicking the above link brings me to an actual wsdl file with the following service entry:
https://ServerName/WebServices/mydomainws.svc
My server config file has the following serviceModel entries:
<system.serviceModel>
<bindings>
<wsHttpBinding>
<binding name="TransportSecurity">
<security mode="Transport">
<message clientCredentialType="None"/>
<transport clientCredentialType="None"/>
</security>
</binding>
</wsHttpBinding>
</bindings>
<services>
<service name="mydomain.ws.mydomainws" behaviorConfiguration="mydomainwsBehavior">
<!-- Service Endpoints -->
<endpoint address="" **behaviorConfiguration="CorrectEndPoint"** binding="wsHttpBinding" bindingConfiguration="TransportSecurity" contract="mydomain.ws.Imydomainws"/>
<endpoint address="mex" **behaviorConfiguration="CorrectEndPoint"** binding="mexHttpsBinding" contract="IMetadataExchange"/>
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="mydomainwsBehavior">
<!-- To avoid disclosing metadata information, set the value below to false and remove the metadata endpoint above before deployment -->
<serviceMetadata httpGetEnabled="true" />
<!-- To receive exception details in faults for debugging purposes, set the value below to true. Set to false before deployment to avoid disclosing exception information -->
<serviceDebug includeExceptionDetailInFaults="true"/>
</behavior>
</serviceBehaviors>
<endpointBehaviors>
**<behavior name="CorrectEndPoint">
<wsdlExtensions location="https://www.mydomain.com/WebServices/mydomainws.svc" singleFile="true"/>
</behavior>**
</endpointBehaviors>
</behaviors>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
<extensions>
<behaviorExtensions>
<add name="wsdlExtensions" type="WCFExtras.Wsdl.WsdlExtensionsConfig, WCFExtras, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null"/>
</behaviorExtensions>
</extensions>
</system.serviceModel>
Can anyone point me in the right direction?
Thanks,
George
This should be handeled by new behavior useRequestHeadersForMetadataAddress. Try to add this to your service behavior:
<serviceBehaviors>
<behavior name="LoadBalancedBehavior">
<serviceMetadata httpGetEnabled="true" />
<useRequestHeadersForMetadataAddress>
<defaultPorts>
<add scheme="http" port="80" />
<add scheme="https" port="443" />
</defaultPorts>
</useRequestHeadersForMetadataAddress>
<!-- Other service behaviors as necesary -->
</behavior>
</serviceBehaviors>
This behavior is availabel in WCF 4.0 and should be available as KB for WCF 3.x.
Related
I have a running, mature WCF service that I am trying to deploy on Windows Azure as a Web Role (with a custom wrapper, of course). My RoleEntryPoint.OnStart() method creates a ServiceHost instance, where it trips with the zero application endpoints error. The configuration (web.config) service model section is:
<system.serviceModel>
<services>
<service name="Linguasys.QualitativeAnalysis.Processing" behaviorConfiguration="defaultServiceBehavior">
<endpoint address="" behaviorConfiguration="wcfAzureWrapperStoryMapping.StoryMapperAspNetAjaxBehavior" binding="webHttpBinding" contract="Linguasys.QualitativeAnalysis.IProcessing" />
<!--
<endpoint address="soap" behaviorConfiguration="" binding="basicHttpBinding" contract="Linguasys.QualitativeAnalysis.IProcessing" />
-->
</service>
</services>
<behaviors>
<endpointBehaviors>
<behavior name="wcfAzureWrapperStoryMapping.StoryMapperAspNetAjaxBehavior">
<!--
<enableWebScript />
-->
<webHttp faultExceptionEnabled="true" />
</behavior>
</endpointBehaviors>
<serviceBehaviors>
<behavior name="defaultServiceBehavior">
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="false" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
</serviceBehaviors>
</behaviors>
<bindings>
<webHttpBinding></webHttpBinding>
<basicHttpBinding></basicHttpBinding>
</bindings>
<protocolMapping>
<add binding="basicHttpsBinding" scheme="https" />
</protocolMapping>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true">
<!--
<serviceActivations>
<add relativeAddress="StoryMapper.svc" service="Linguasys.QualitativeAnalysis.Processing"/>
</serviceActivations>
-->
</serviceHostingEnvironment>
</system.serviceModel>
Never mind the activation bits, the basic HTTP binding, etc. They were added later to see whether it will work.
I see that my web.config ends up at the siteroot and approot and all the other places.
What am I missing?
Your RoleEntryPoint.OnStart() method runs in WaIISHost.exe which does not know anything about your web.config. For more info see http://azure.microsoft.com/blog/2010/12/02/new-full-iis-capabilities-differences-from-hosted-web-core/, and for information about how the processes run see http://blogs.msdn.com/b/kwill/archive/2011/05/05/windows-azure-role-architecture.aspx.
Two options:
Move your WCF configuration to WebRole1.dll.config (or whatever your role entry point binary's name is). Make sure you set the .config to Content and copy local.
Instantiate your ServiceHost in w3wp (ie. Global.asax).
I am working on a WCF service which runs along with ASP.NET MVC 2 application with https port which have been configured using webMatrix-ssl certificate. The service is running perfectly in the browser and could download wsdl as well. But when am trying to load the service into wcftestclient tool and as well as my own client, getting the below error.
Error: Cannot obtain Metadata from 'localhost:44300/MyService' If this is a Windows (R) Communication Foundation service to which you have access, please check that you have enabled metadata publishing at the specified address. For help enabling metadata publishing, please refer to the MSDN documentation at go.microsoft.com/fwlink/?LinkId=65455.WS-Metadata Exchange Error URI: localhost:44300/MyService Metadata contains a reference that cannot be resolved: 'localhost:44300/MyService'. The remote server returned an unexpected response: (302) Found. Too many automatic redirections were attempted.HTTP GET Error URI: localhost:44300/MyService There was an error downloading 'localhost:44300/MyService'. The request failed with the error message:--"
I had added the attribute aspNetCompatibilityEnabled="true" for wcf service routing, if that attribute has been removed all works fine. Initially this service has been configured with basicHttpBinding & had this same issue. After reading this article, I have changed to wshttpBinding as suspected binding could also be the problem, still am getting the same issue, below is my web.config.
Could anyone of you please help me to repair this?
<system.serviceModel>
<extensions>
<behaviorExtensions>
<add name="ExceptionBehavior" type="ServiceExceptionHander.ExceptionHandlerBehaviorExtension, ServiceExceptionHandler" />
</behaviorExtensions>
</extensions>
<behaviors>
<serviceBehaviors>
<behavior name="ServiceBehavior">
<serviceMetadata httpsGetEnabled="true"/>
<serviceDebug includeExceptionDetailInFaults="true" />
<ExceptionBehavior />
</behavior>
</serviceBehaviors>
</behaviors>
<services>
<service name="ServiceImplementation.MyService" behaviorConfiguration="ServiceBehavior">
<endpoint binding="wsHttpBinding" bindingConfiguration="securityBinding" contract="ServiceContracts.IMyServiceContracts"/>
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"/>
</service>
</services>
<bindings>
<wsHttpBinding>
<binding name="securityBinding">
<security mode="Transport">
<transport clientCredentialType="None"/>
</security>
</binding>
</wsHttpBinding>
</bindings>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true" aspNetCompatibilityEnabled="true">
<serviceActivations>
<add factory="System.ServiceModel.Activation.ServiceHostFactory" service="ServiceImplementation.MyService" relativeAddress="MyService.svc"/>
</serviceActivations>
</serviceHostingEnvironment>
</system.serviceModel>
I have been successfull in implementing NetTcp bindings and metadata under WAS but I am having a problem with the netMsmqBinding under WAS/IIS. In a nutshell, I can implement MEX for a Self Hosted NetMsmq binding application but not WAS/IIS. It seems like WAS is rejecting any of the addresses that I use where I can use any address in the self hosted app. In other words I can do this in self hosted:
<system.serviceModel>
<services>
<service name="Microsoft.Samples.MSMQTransactedSample.OrderProcessorService" behaviorConfiguration="OrderProcessorServiceBehavior">
<host>
<baseAddresses>
<add baseAddress="http://localhost:8000/ServiceModelSamples/service" />
</baseAddresses>
</host>
<!-- Define NetMsmqEndpoint -->
<endpoint address="net.msmq://localhost/private/ServiceModelSamplesTransacted" binding="netMsmqBinding" bindingConfiguration="TransactedBinding" contract="Microsoft.Samples.MSMQTransactedSample.IOrderProcessor" />
<!-- the mex endpoint is exposed at http://localhost:8000/ServiceModelSamples/service/mex -->
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="OrderProcessorServiceBehavior">
<serviceMetadata httpGetEnabled="True" />
</behavior>
</serviceBehaviors>
</behaviors>
<bindings>
<netMsmqBinding>
<binding name="TransactedBinding">
<security mode="None" />
</binding>
</netMsmqBinding>
</bindings>
</system.serviceModel>
Hoever, when I try something similar in WAS, it says no endpoint lisening at address 8000. It won't host the metdata. Can someone help me get metadata or implement MEX for NetMsmq in WAS:
<system.serviceModel>
<bindings>
<netMsmqBinding>
<binding name="MsmqBindingNonTransactionalNoSecurity" exactlyOnce="false">
<security mode="None"/>
</binding>
</netMsmqBinding>
</bindings>
<services>
<service name="Portal.LoadSim.Services.MsmqService" behaviorConfiguration="PortalServiceBehavior">
<host>
<baseAddresses>
<add baseAddress="http://localhost:8000/PortalLoadSimServices10/MsmqService"/>
</baseAddresses>
</host>
<!-- Define NetMsmqEndpoint -->
<endpoint address="net.msmq://localhost/private/PortalLoadSimServices10/MsmqService.svc" binding="netMsmqBinding" bindingConfiguration="MsmqBindingNonTransactionalNoSecurity" contract="Portal.LoadSim.Shared.IMsmqService" />
<!-- the mex endpoint is exposed at http://localhost:8000/PortalLoadSimServices10/MsmqService/mex -->
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="PortalServiceBehavior">
<!-- To avoid disclosing metadata information, set the value below to false and remove the metadata endpoint above before deployment -->
<serviceMetadata httpGetEnabled="true"/>
<!-- To receive exception details in faults for debugging purposes, set the value below to true. Set to false before deployment to avoid disclosing exception information -->
<serviceDebug includeExceptionDetailInFaults="false" />
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>
You need to add URL access control for your services. This command should work for you:
netsh http add urlacl url=http://localhost:8000/PortalLoadSimServices10/MsmqService user="NT AUTHORITY\NetworkService" listen=yes
To delete the entry
delete urlacl url=http://localhost:8000/PortalLoadSimServices10/MsmqService
HTH
UPDATE: This is not the anwer to your problem. This is what you would do if you wanted to run the services as a self-hosted application and run it under non-standard account. Sorry I was getting it mixed up. I tried using your configuration on a sample application at home and found I had to do two things to get it to work - one, I have to rename the queue to the path and name of the svc file (e.g. PortalLoadSimServices10/MsmqService.svc) and rather than using the base address just browse to the svc file in your IIS host application. You might also need to modify the queue permissions so iis can access it correctly. Let me know if this solves your issue.
I have a WCF Service programmed in VB.NET that is exhibiting strange behavior. The web.config has the following xml:
<system.serviceModel>
<services>
<service behaviorConfiguration="CentricBasicHttpBehavior" name="OnbaseService">
<endpoint binding="basicHttpBinding" bindingConfiguration="CentRicBasicHttpServerBinding" contract="IOnbaseService">
<identity>
<servicePrincipalName value="HTTP/JFOLKENDT7E" />
</identity>
</endpoint>
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="CentricBasicHttpBehavior">
<serviceAuthorization impersonateCallerForAllOperations="true" />
<serviceMetadata httpGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
<dataContractSerializer maxItemsInObjectGraph="2147483646" />
<serviceThrottling maxConcurrentCalls="100" maxConcurrentSessions="100" maxConcurrentInstances="100" />
</behavior>
<behavior name="">
<serviceMetadata httpGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
<bindings>
<basicHttpBinding>
<binding name="CentRicBasicHttpServerBinding" maxReceivedMessageSize="5000000">
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Windows" />
</security>
</binding>
</basicHttpBinding>
</bindings>
</system.serviceModel>
When I configure the service in wcf test client, both the Binding Mode and TransportClientCredentialType are coming across as "None". I expected for them to be "TransportCredentialOnly" and "Windows" respectively.
Can someone please share with me how WCF Test Client infers the binding configuration, and how I should go about correcting this issue? The end result is that within the source code of the service, the WindowsIdentity isn't impersonating the user like I expected.
Thanks,
Jason
I work with Jason and we looked at this together. The service configuration needed the name and contact properties to match the fully qualified service class name and fully qualified contact interface name. Otherwise, we were getting the fun new .Net 4.0 defualt bindings for a default service.
In my own experience with WCF, I had modified session Timeouts and connection Timeout settings in the config file but WCF Test Client was not respecting those settings. Seems like WCF Test client just takes up the default values for communicating with WCF services. Hence I test my WCF services using my own custom WCF Test Clients by generating app.config and proxy. cs through svcutil.exe .
I recently built a WCF Service, and now I'm deploying it to Windows Server 2008. Right now, we don't have secure protocol turned on. But we will. I'd like to get it working either way. In the site, I've had Anonymous authentication enabled as well as Forms authentication. The reason I did this was to prevent the authentication popup on the iPad, Android and Internet Explorer. So now they just get to the Login screen. Oh and I did activate WCF in Windows features. If you're also knowledgeable about making this https ready, I'd also like to figure that out. Thanks!!
I'm getting this error when I try pasting in the *.svc PATH into the URL.
System.ServiceModel.ServiceActivationException:
The service
'/WCFServices/Accessioning/QuickDataEntryService.svc'
cannot be activated due to an
exception during compilation
Here is my web.config configuration thus far.
<system.serviceModel>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true">
<!--<baseAddressPrefixFilters>
<add prefix="http://localhost/" />
</baseAddressPrefixFilters>-->
</serviceHostingEnvironment>
<behaviors>
<endpointBehaviors>
<behavior name="AspNetAjaxBehavior">
<enableWebScript />
</behavior>
</endpointBehaviors>
<serviceBehaviors>
<behavior name="ServiceBehavior">
<serviceDebug includeExceptionDetailInFaults="true" />
<serviceMetadata httpGetEnabled="true" />
</behavior>
<!-- Watch this section when adding a new WCF Service! New behaviors will be added; just delete them and use "ServiceBehavior" -->
</serviceBehaviors>
</behaviors>
<services>
<service behaviorConfiguration="ServiceBehavior" name="A.LIMS.UI.Web.WCFServices.Accessioning.QuickDataEntryService">
<endpoint behaviorConfiguration="AspNetAjaxBehavior" binding="webHttpBinding"
contract="A.LIMS.UI.Web.WCFServices.Accessioning.QuickDataEntryService" />
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
</service>
<!--<service name="A.LIMS.UI.Web.WCFServices.Accessioning.IQuickDataEntryService"
behaviorConfiguration="ServiceBehavior">
<endpoint behaviorConfiguration="AspNetAjaxBehavior"
binding="webHttpBinding"
contract="A.LIMS.UI.Web.WCFServices.Accessioning.IQuickDataEntryService" />
</service>-->
<!-- Watch this section when adding a new WCF Service! Duplicate the "QuickDataEntryService" above for an example, but change the fully qualified name -->
</services>
</system.serviceModel>
I have no clue what caused the exception above, but here was the final verdict. There were a lot of things required for WCF and using an SSL certificate (HTTPS protocol). Pardon the formatting.. I don't like how Stack Overflow sometimes puts the code into a block and sometimes it doesn't.
The following were required for the web.config on HTTPS:
Here are some places that required the "requireSSL" attribute:
<authentication mode="Forms">
<forms loginUrl="Login.aspx" timeout="30" protection="All" requireSSL="true" />
</authentication>
<httpCookies httpOnlyCookies="false" requireSSL="true" domain="" />
Notice the "s" in "httsGetEnabled" below:
<behaviors>
<endpointBehaviors>
<behavior name="AspNetAjaxBehavior">
<enableWebScript />
</behavior>
</endpointBehaviors>
<serviceBehaviors>
<behavior name="ServiceBehavior">
<serviceDebug includeExceptionDetailInFaults="true" />
<serviceMetadata httpsGetEnabled="true" />
</behavior>
</serviceBehaviors>
</behaviors>
Bindings (missing in non-SSL web.config):
<bindings>
<webHttpBinding>
<binding name="webBinding">
<security mode="Transport">
</security>
</binding>
</webHttpBinding>
</bindings>
Services (notice the "s" in "mexHttpsBinding"):
<services>
<service behaviorConfiguration="ServiceBehavior" name="A.LIMS.UI.Web.WCFServices.Accessioning.QuickDataEntryService">
<endpoint behaviorConfiguration="AspNetAjaxBehavior" binding="webHttpBinding" bindingConfiguration="webBinding" contract="A.LIMS.UI.Web.WCFServices.Accessioning.QuickDataEntryService" />
<endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange" />
</service>
</services>
Last but not least. I'm not using .NET 4.0, but I did try .NET on a different machine. With .NET 4.0 I couldn't get the WCF services to work without having this configured to the actual URL being used. If there were two domains for the same IP, WCF only worked with the domain in this block inside the system.ServiceModel XML block in the web.config. I did not test https in the .NET 4.0, so I'm assuming the protocol on the URL would be https below:
<serviceHostingEnvironment aspNetCompatibilityEnabled="true">
<baseAddressPrefixFilters>
<add prefix="http://subdomain.domain.com/" />
</baseAddressPrefixFilters>
</serviceHostingEnvironment>
Oh, I also had to turn on WCF on the Windows Server 2008 box. And it required a server reboot!