I'm developping a WPF application that needs authentification. I want to use the client application services to use the ASP.Net Membership Provider (see this link if you don't know what I'm talking about). Actually, I made my own provider based on the MembershipProvider. It works perfectly with a ASP.Net projet.
But now, I don't want my authentification to be hosted in a ASP.Net projet anymore, but to be in WCF.
So, I did a WCF service and used a WebHttpBinding. Everything is ok, until the login is entered. The call is made to the service, no doubt about it, but nothing happens. In fact, it's like the call has been made but isn't served.
I can confirm it because I used the service trace viewer to log all the messages to the service.
Eventually, I receive a timeout with the message :
The incoming HTTP request's URI 'http://localhost:21200/Authentication_JSON_AppService.axd/Login' does not match any service operation.
It's like if the Provider isn't taking the call or receive it. I really don't know where to look. I've done my research but I did'nt find similar examples. Here's my settings :
1. Config file for the Membership Provider (working in a ASP.NET project)
<system.web.extensions>
<scripting>
<webServices>
<authenticationService enabled="true" />
<roleService enabled="true" />
</webServices>
</scripting>
</system.web.extensions>
<system.web>
<authentication mode="Forms" />
<authorization>
<allow users="*"/>
</authorization>
<membership defaultProvider="FooMembershipProvider">
<providers>
<add name="FooMembershipProvider" type="Foo.Web.Security.FooMembershipProvider, Foo.Web" />
</providers>
</membership>
</system.web>
2. Config file for my application, section service (working if I use the ASP.NET project)
<system.serviceModel>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" />
<behaviors>
<endpointBehaviors>
<behavior name="WebBehavior">
<webHttp />
<enableWebScript />
</behavior>
</endpointBehaviors>
<serviceBehaviors>
<behavior name="WebBehavior">
<serviceMetadata httpGetEnabled="true" httpGetUrl="" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
</serviceBehaviors>
</behaviors>
<bindings>
<basicHttpBinding>
<binding name="basicHttpMode">
<security mode="None" />
</binding>
</basicHttpBinding>
<webHttpBinding>
<binding name="webHttpMode">
<security mode="None" />
</binding>
</webHttpBinding>
</bindings>
<services>
<service behaviorConfiguration="WebBehavior"
name="Foo.Security.Business.Manager.Wcf.Host.SecurityManager">
<endpoint address=""
binding="webHttpBinding"
contract="Foo.Security.Business.Contract.ISecurityContract"
behaviorConfiguration="WebBehavior"
bindingConfiguration="webHttpMode" />
<host>
<baseAddresses>
<add baseAddress="http://localhost:21200" />
</baseAddresses>
</host>
</service>
</services>
</system.serviceModel>
3. Config file for my application, section call of the service (working if I use the ASP.NET project)
<membership defaultProvider="ClientAuthenticationMembershipProvider">
<providers>
<add name="ClientAuthenticationMembershipProvider" type="System.Web.ClientServices.Providers.ClientFormsAuthenticationMembershipProvider, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35"
serviceUri="http://localhost:21200/Authentication_JSON_AppService.axd"
credentialsProvider="Foo.Windows.LoginWindow, Foo.Windows" />
<add name="FooMembershipProvider"
type="Foo.Security.Business.Provider.FooMembershipProvider, Foo.Security.Business"
serviceUri="http://localhost:21200/Authentication_JSON_AppService.axd"
credentialsProvider="Foo.Windows.LoginWindow, Foo.Windows" />
</providers>
</membership>
<roleManager defaultProvider="ClientRoleProvider" enabled="true">
<providers>
<add name="ClientRoleProvider"
type="System.Web.ClientServices.Providers.ClientRoleProvider, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35"
serviceUri="http://localhost:21200/Role_JSON_AppService.axd"
cacheTimeout="86400" />
</providers>
</roleManager>
If anyone could give me some hints where to look, it would be appreciated. Thanks.
One thing that you could try, is to use https.
In this case you are sending a password over the network in clear text. Sometimes the technology will save you, in that if you try that it will not work.
I am not sure if this is the case here, but since it is only the login that does not work, it is worth a try.
Maybe this will help:
http://underground.infovark.com/2008/03/21/wcf-webhttp-binding-and-authentication/
Related
I'm new to WCF. I created WCF method that returns file. I deployed it to azure App Service and it worked when i called it like this
https://myapp.azurewebsites.net/myService.svc/MyMethod?MyParam=MyValue
Than i turned on Azure active directory authentication for azure App Service and now i get 404 error. But authentication against AAD works - i get redirected to login page if i'm not singed in user.
I tried searching SO and google and i can't figure out what i'm doing wrong or if it is just not possible to set up this way with WCF.
Web config:
<?xml version="1.0"?>
<configuration>
<appSettings>
<add key="aspnet:UseTaskFriendlySynchronizationContext" value="true"/>
</appSettings>
<system.web>
<customErrors mode="Off"/>
<compilation targetFramework="4.5.2"/>
<httpRuntime targetFramework="4.5.2"/>
<httpModules>
<add name="ApplicationInsightsWebTracking" type="Microsoft.ApplicationInsights.Web.ApplicationInsightsHttpModule, Microsoft.AI.Web"/>
</httpModules>
</system.web>
<system.serviceModel>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
<bindings>
<webHttpBinding>
<binding name="ServiceWebBindingName" transferMode="Streamed" maxReceivedMessageSize="2147483647" >
<readerQuotas maxArrayLength="2147483647" maxStringContentLength="2147483647" />
</binding>
</webHttpBinding>
</bindings>
<behaviors>
<endpointBehaviors>
<behavior name="DefaultRestServiceBehavior">
<webHttp defaultOutgoingResponseFormat="Json" defaultBodyStyle="Wrapped" automaticFormatSelectionEnabled="false"/>
</behavior>
</endpointBehaviors>
<serviceBehaviors>
<behavior name="">
<serviceMetadata httpGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
</serviceBehaviors>
</behaviors>
<services>
<service name="My.App.Service">
<endpoint address="myService.svc"
binding="webHttpBinding"
bindingConfiguration="ServiceWebBindingName"
behaviorConfiguration="DefaultRestServiceBehavior"
name="FileManagerServiceEndpoint"
contract="My.App.IService"/>
</service>
</services>
</system.serviceModel>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true">
<remove name="ApplicationInsightsWebTracking"/>
<add name="ApplicationInsightsWebTracking" type="Microsoft.ApplicationInsights.Web.ApplicationInsightsHttpModule, Microsoft.AI.Web"
preCondition="managedHandler"/>
</modules>
<!--
To browse web app root directory during debugging, set the value below to true.
Set to false before deployment to avoid disclosing web app folder information.
-->
<directoryBrowse enabled="false"/>
<validation validateIntegratedModeConfiguration="false"/>
</system.webServer>
</configuration>
So i found out i did not notice, that my original service url was
http://myapp.azurewebsites.net/myService.svc/MyMethod?MyParam=MyValue
and one that i was redirected to after adding azure ad authentication was
https://myapp.azurewebsites.net/myService.svc/MyMethod?MyParam=MyValue
So redirect points to HTTPS and not HTTP.
It is probably possible to set azure ad application not enforce HTTPS traffic, however in spirit of security and to avoid possible IE zone switching issues I added HTTPS transport to my WCF binding in web.config. Here is great example how to do it How to enable HTTPS on WCF RESTful Service? and it now works flawlessly.
it's my first try to make a WCF service that uses Asp.Net Membership provider for Authentication , what i try to do is very simple :
1- The default Asp web app where users will register and create accounts (using Asp.Net Membership provider)
2- WCF service that can be used only by the members registered
so i tried this example : Configuring an ASP.NET Application to Use Membership
I created a default Asp web app, Membership works fine.
My problem is configuring the WCF App.Config :
So please guys correct me if I'm wrong
1- is it the right example (cause i want to use that WCF service later for Asp.Net Membership Authentication from Winform App, everybody say don't use it from the winform, it's not secure use WCF Service)
2- if yes, correct me here : what i need to put in the App.Config of the WCF is
Connectionstring : pointing to the ASPNETDB.MDF database base file where the users are saved
Membership/Profiles/Roles Provider
Behavior
Bindings : wsHttpBinding
3- If by miracle i'm right until here, this is my App.Config File :
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<!--_______________________________________ Connection String-->
<connectionStrings>
<add name="ApplicationServices"
connectionString="data source=.\SQLEXPRESS;Integrated Security=SSPI;AttachDBFilename=E:\DOCUMENTS\CODE\WCFwsHttpBindingTest\WebAppWsHttpBinding\App_Data\aspnetdb.mdf;User Instance=true"
providerName="System.Data.SqlClient" />
</connectionStrings>
<system.web>
<compilation debug="true" />
<!--_________________________________________ Provider-->
<membership>
<providers>
<clear/>
<add name="AspNetSqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider"
connectionStringName="ApplicationServices"
enablePasswordRetrieval="false"
enablePasswordReset="true"
requiresQuestionAndAnswer="false"
requiresUniqueEmail="false"
maxInvalidPasswordAttempts="5"
minRequiredPasswordLength="6"
minRequiredNonalphanumericCharacters="0"
passwordAttemptWindow="10"
applicationName="/" />
</providers>
</membership>
</system.web>
<system.serviceModel>
<services>
<service behaviorConfiguration="MyServiceBehavior"
name="WCFwsHttpBinding.Service1">
<endpoint address =""
binding="wsHttpBinding"
bindingConfiguration="MembershipBinding"
name="ASPmemberUserName"
contract="WCFwsHttpBinding.IService1">
</endpoint>
</service>
</services>
<!--__________________________________________ Behavior-->
<behaviors>
<serviceBehaviors>
<behavior name="MyServiceBehavior">
<serviceCredentials>
<userNameAuthentication userNamePasswordValidationMode="MembershipProvider" membershipProviderName="AspNetSqlMembershipProvider"/>
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
<!--__________________________________________ Binding-->
<bindings>
<wsHttpBinding>
<binding name="MembershipBinding">
<security mode="Message">
<message clientCredentialType="UserName" />
</security>
</binding>
</wsHttpBinding>
</bindings>
</system.serviceModel>
</configuration>
when i try debug, i get this Error:
Could not find a base address that matches scheme http for the endpoint with binding WSHttpBinding. Registered base address schemes are [].
Thank you so much for helping.
I'm trying to deploy a WCF service as a Windows Azure Role using wsHttpBinding.
When the client tries to connect to it, it keeps getting the following exception:
[SynchronizingContextState.Process] [System.Net.WebException: The remote server returned an error: (415) Cannot process the message because the content type 'application/soap+xml; charset=utf-8' was not the expected type 'text/xml; charset=utf-8'..]
at System.Net.HttpWebRequest.GetResponse()
at System.ServiceModel.Channels.HttpChannelFactory`1.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout)
This would seem to indicate that the service is using basicHttpBinding instead. However, I checked my Web.config many times and can't seem to find anything wrong. Plus, the same service works perfectly when being hosted outside Azure.
I connected to the Azure VM and confirmed that the correct Web.config is deployed, but it looks as if it's just being ignored, because I cannot get the service metadata either, even though it's supposedly enabled.
Here's my Web.config file:
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<configSections>
<section name="entityFramework" type="System.Data.Entity.Internal.ConfigFile.EntityFrameworkSection, EntityFramework, Version=4.4.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" requirePermission="false" />
</configSections>
<entityFramework>
<defaultConnectionFactory type="System.Data.Entity.Infrastructure.SqlConnectionFactory, EntityFramework" />
</entityFramework>
<system.web>
<compilation debug="true" targetFramework="4.0" />
<customErrors mode="Off" />
</system.web>
<system.serviceModel>
<behaviors>
<serviceBehaviors>
<behavior name="BackendServiceBehavior">
<serviceDebug includeExceptionDetailInFaults="true" />
<serviceMetadata httpGetEnabled="true" />
</behavior>
</serviceBehaviors>
</behaviors>
<bindings>
<wsHttpBinding>
<binding name="BackendServiceBinding" maxReceivedMessageSize="655360">
<security mode="None" />
</binding>
</wsHttpBinding>
</bindings>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
<services>
<service name="MyNamespace.BackendService" behaviorConfiguration="BackendServiceBehavior">
<endpoint name="Backend" address="" binding="wsHttpBinding" bindingConfiguration="BackendServiceBinding" contract="MyNamespace.IBackendService" />
<endpoint name="BackendMex" address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
<host>
<baseAddresses>
<add baseAddress="http://localhost/BackendService.svc" />
</baseAddresses>
</host>
</service>
</services>
</system.serviceModel>
</configuration>
Am I missing something here? Thank you very much.
Did you try adding to the endpoint behavior?
<behavior name="web">
<webHttp />
</behavior>
(if you want MEX to be working do it for it to too)
Ok, I finally fixed it, it was a bad case of PEBKAC. =/
I've seen somebody have the same problem because he didn't include the namespace in the service name so I suspected it was a namespace issue, but I've looking at the wrong place all the time.
Turns out the Azure implementation for the service was defined in the wrong namespace. I corrected it and voilá, now it works.
Hope this is useful to somebody else, at least.
I have a WCF service that I'm using in my Silverlight project. I've followed pretty much any information on how to set up https and ssl for WCF services. The service can be called perfectly fine if SSL in not required but I noticed while examining the communications with fiddler that the WCF service was still in http protocol. Further more if I enable SSL the WCF service cant be browsed in a browser (right clicking in VS2010 -> selecting browse) .
My suspicion is that the service is still being called on some internal method with the http protocol.
Any suggestions to how to fix this?
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.web>
<compilation debug="true" targetFramework="4.0">
<assemblies>
<add assembly="System.Data.Entity, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
</assemblies>
</compilation>
</system.web>
<system.serviceModel>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true"
multipleSiteBindingsEnabled="true" />
<behaviors>
<serviceBehaviors>
<behavior name="">
<serviceMetadata httpsGetEnabled="true"/>
<serviceDebug includeExceptionDetailInFaults="true"/>
</behavior>
</serviceBehaviors>
</behaviors>
<bindings>
<customBinding>
<binding name="AuthService.customBinding" >
<binaryMessageEncoding />
<httpsTransport />
</binding>
</customBinding>
</bindings>
<services>
<service name="AuthService">
<endpoint address="" binding="customBinding" bindingConfiguration="AuthService.customBinding" contract="AuthService" />
<endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange" />
</service>
</services>
</system.serviceModel>
</configuration>
Thanks
Any specific reason on why you are using a custom binding. Also your service name attribute and contract attribute needs to be fully qualified.
You can use simple basicHttpBinding if you want your WCF service to be compliant with basic profile 1.1 which allows non .NET clients to access as well.
I am trying to add a WCF service reference to my web application using VS2010. It seems to add OK, but the web.config is not updated, meaning I get a runtime exception:
Could not find default endpoint
element that references contract
'CoolService.CoolService' in the
ServiceModel client configuration
section. This might be because no
configuration file was found for your
application, or because no endpoint
element matching this contract could
be found in the client element.
Obviously, because the service is not defined in my web.config. Steps to reproduce:
Right click solution > Add > New Project > ASP.NET Empty Web Application.
Right click Service References in the new web app > Add Service Reference.
Enter address of my service and click Go. My service is visible in the left-hand Services section, and I can see all its operations.
Type a namespace for my service.
Click OK. The service reference is generated correctly, and I can open the Reference.cs file, and it all looks OK.
Open the web.config file. It is still empty!
<system.web>
<compilation debug="true" targetFramework="4.0" />
</system.web>
<system.serviceModel>
<bindings />
<client />
</system.serviceModel>
Why is this happening? It also happens with a console application, or any other project type I try. Any help?
Here is the app.config from my WCF service:
<?xml version="1.0"?>
<configuration>
<system.web>
<compilation debug="true" />
</system.web>
<!-- When deploying the service library project, the content of the config file must be added to the host's
app.config file. System.Configuration does not support config files for libraries. -->
<system.serviceModel>
<services>
<service name="CoolSQL.Server.WCF.CoolService">
<endpoint address=""
binding="webHttpBinding"
contract="CoolSQL.Server.WCF.CoolService"
behaviorConfiguration="SilverlightFaultBehavior">
<identity>
<dns value="localhost" />
</identity>
</endpoint>
<endpoint address="mex"
binding="mexHttpBinding"
contract="IMetadataExchange" />
<host>
<baseAddresses>
<add baseAddress="http://localhost:8732/Design_Time_Addresses/CoolSQL.Server.WCF/CoolService/" />
</baseAddresses>
</host>
</service>
</services>
<behaviors>
<endpointBehaviors>
<behavior name="webBehavior">
<webHttp />
</behavior>
<behavior name="SilverlightFaultBehavior">
<silverlightFaults />
</behavior>
</endpointBehaviors>
<serviceBehaviors>
<behavior name="">
<serviceMetadata httpGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
</serviceBehaviors>
</behaviors>
<bindings>
<webHttpBinding>
<binding name="DefaultBinding"
bypassProxyOnLocal="true"
useDefaultWebProxy="false"
hostNameComparisonMode="WeakWildcard"
sendTimeout="00:05:00"
openTimeout="00:05:00"
receiveTimeout="00:00:10"
maxReceivedMessageSize="2147483647"
transferMode="Streamed">
<readerQuotas maxArrayLength="2147483647"
maxStringContentLength="2147483647" />
</binding>
</webHttpBinding>
</bindings>
<extensions>
<behaviorExtensions>
<add name="silverlightFaults"
type="CoolSQL.Server.WCF.SilverlightFaultBehavior, CoolSQL.Server.WCF" />
</behaviorExtensions>
</extensions>
<diagnostics>
<messageLogging logEntireMessage="true"
logMalformedMessages="false"
logMessagesAtServiceLevel="true"
logMessagesAtTransportLevel="false"
maxMessagesToLog="3000"
maxSizeOfMessageToLog="2000" />
</diagnostics>
</system.serviceModel>
<startup>
<supportedRuntime version="v4.0"
sku=".NETFramework,Version=v4.0" />
</startup>
<system.diagnostics>
<sources>
<source name="System.ServiceModel.MessageLogging"
switchValue="Information, ActivityTracing">
<listeners>
<add name="messages"
type="System.Diagnostics.XmlWriterTraceListener"
initializeData="c:\messages.e2e" />
</listeners>
</source>
</sources>
</system.diagnostics>
</configuration>
I discovered how to work around this. My WCF service was implemented in its own project, and hosted in by a separate console application in the same solution. If I run the WCF service as the solution's startup project (eg. let VS host it for me) then adding the reference works fine and the correct lines are added to the client web.config. But if I host service from within my console application, while I can still add the reference, the client's web.config does not get modified. So, a workaround is to first let VS host the service, then add the reference, then change the service to be hosted (at the same address and port) in the console application.
This is surprising behaviour, and I am curious if anyone can shed any light on it?