Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

WCF service using transport clientCredentialType Basic

I'm trying to create a wcf service which does basic authentication, but i'm having some troubles.

Here's what my web.config for the service looks like:

  <?xml version="1.0" encoding="utf-8" ?>
<configuration>
    <system.serviceModel>
        <client />
        <services>
            <service name="Service.DataExchangeService" behaviorConfiguration="MyBehavior">
                <endpoint address="" binding="wsHttpBinding" bindingConfiguration="wsDataImportEndpoint" contract="Service.IDataExchangeService">
                    <identity>
                        <dns value="localhost" />
                    </identity>
                </endpoint>
                <endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange" />
                <host>
                    <baseAddresses>
                        <add baseAddress="http://localhost:8732/Design_Time_Addresses/DataExchange.Server.Service/Service1/" />
                    </baseAddresses>
                </host>
            </service>
        </services>
        <bindings>
            <wsHttpBinding>
                <binding name="wsDataImportEndpoint" maxBufferPoolSize="2147483647"
                    maxReceivedMessageSize="2147483647">
                    <readerQuotas maxDepth="32" maxStringContentLength="2147483647"
                        maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384" />
                    <security mode="Transport">
                        <transport clientCredentialType="Basic"/>
                        <message clientCredentialType="UserName" negotiateServiceCredential="true" />
                    </security>
                </binding>
            </wsHttpBinding>
        </bindings>
        <behaviors>
            <serviceBehaviors>
                <behavior name="MyBehavior">
                    <serviceMetadata httpsGetEnabled="true" />
                    <serviceDebug includeExceptionDetailInFaults="true" />
                    <serviceCredentials>
                        <userNameAuthentication customUserNamePasswordValidatorType="DataExchange.Server.Service.UserNameValidator, DataExchange.Server.Service"
                                                userNamePasswordValidationMode="Custom" />
                    </serviceCredentials>
                </behavior>
                <behavior name="">
                    <serviceMetadata httpGetEnabled="true" />
                    <serviceDebug includeExceptionDetailInFaults="false" />
                </behavior>
            </serviceBehaviors>
        </behaviors>
    </system.serviceModel>
    <connectionStrings>
        <add name="ApplicationServices" connectionString="data source=sharept07\mssqlserver2008;initial catalog=VOS.Membership;integrated security=True;" providerName="System.Data.SqlClient" />
        <add name="ROSEntities" connectionString="metadata=res://*/ROSModel.csdl|res://*/ROSModel.ssdl|res://*/ROSModel.msl;provider=System.Data.SqlClient;provider connection string=&quot;data source=sharept07\MSSQLServer2008;initial catalog=VOS;integrated security=True;multipleactiveresultsets=True;App=EntityFramework&quot;" providerName="System.Data.EntityClient" />
    </connectionStrings>
</configuration>

and here's what my client config file looks like:

<?xml version="1.0" encoding="utf-8" ?>
<configuration>
    <system.serviceModel>
        <bindings>
            <wsHttpBinding>
                <binding name="WSHttpBinding_IDataExchangeService" closeTimeout="00:01:00"
                    openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
                    bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard"
                    maxBufferPoolSize="524288" maxReceivedMessageSize="2147483647"
                    messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true"
                    allowCookies="false">
                    <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
                        maxBytesPerRead="4096" maxNameTableCharCount="16384" />
                    <reliableSession ordered="true" inactivityTimeout="00:10:00"
                        enabled="false" />
                    <security mode="Transport">
                        <transport clientCredentialType="Basic" proxyCredentialType="None"
                            realm="" />
                        <message clientCredentialType="UserName" negotiateServiceCredential="true" />
                    </security>
                </binding>
            </wsHttpBinding>
        </bindings>
        <client>
            <endpoint address="https://server.com:446/DataExchangeService/DataExchangeService.svc"
                binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_IDataExchangeService"
                contract="DataExchangeSvc.IDataExchangeService" name="WSHttpBinding_IDataExchangeService">
                <identity>
                    <dns value="localhost" />
                </identity>
            </endpoint>
        </client>
    </system.serviceModel>
</configuration>

and here's how i'm calling the service within my client:

 static void Main(string[] args)
    {
        using (var client = new DataExchangeSvc.DataExchangeServiceClient())
        {
            client.ClientCredentials.UserName.UserName = "test";
            client.ClientCredentials.UserName.Password = "test";
            var data = client.RetrieveData();
        }
    }

When i set the the transport mode to "None" within security node in the Service config file the above works perfectly if i omit the credential lines, but the moment i change it to Basic i keep getting this error:

There was no endpoint listening at https://server.com:446/DataExchangeService/DataExchangeService.svc that could accept the message. This is often caused by an incorrect address or SOAP action. See InnerException, if present, for more details.

I don't really know what's going on so if anyone can guide me in any way that would be extremely helpful.

Thanks

like image 395
zSynopsis Avatar asked Dec 27 '22 13:12

zSynopsis


1 Answers

I think what you really want here is to use TransportWithMessageCredential instead of just Transport. Just using <security mode="Transport"> will get your service going over HTTPS but has nothing to do with using credentials for authentication. If you use <security mode="TransportWithMessageCredential"> you can use HTTPS and have username and password. Here is an MSDN article about this.

EDIT

If you really do just want to use Transport, take out the <message> node from your service config.

like image 56
Zann Anderson Avatar answered Jan 16 '23 09:01

Zann Anderson