Menu
I have the following WCF client configuration:
<basicHttpBinding>
<binding name="basicHttpOCCWS" closeTimeout="00:01:00" openTimeout="00:01:00"
receiveTimeout="00:10:00" sendTimeout="00:01:00" allowCookies="false"
bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard"
maxBufferSize="100000000" maxBufferPoolSize="524288"
maxReceivedMessageSize="100000000" messageEncoding="Text"
textEncoding="utf-8" transferMode="Buffered" useDefaultWebProxy="true">
<readerQuotas maxDepth="32" maxStringContentLength="8192"
maxArrayLength="16384" maxBytesPerRead="4096"
maxNameTableCharCount="16384" />
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Basic" />
</security>
</binding>
</basicHttpBinding>
In code, I am setting the username and password as follows:
client.ClientCredentials.UserName.UserName = _cacledUserId;
client.ClientCredentials.UserName.Password = _cachedPassword;
However, the web service running on Tomcat is returning an error:
"An authentication object was not found in the security context."
When I look at the HTTP header, it is missing credential information as shown below:
POST /occ600webservice/services/OCC_WS HTTP/1.1
Content-Type: application/soap+xml; charset=utf-8; action=""
Host: 192.54.173.130:8080
Content-Length: 2223
Expect: 100-continue
Why are my credentials not being sent?
TIA.
Klaus
496
To configure a service to authenticate its clients using Windows Domain username and passwords use the WSHttpBinding and set its Security. Mode property to Message . In addition you must specify an X509 certificate that will be used to encrypt the username and password as they are sent from the client to the service.
1 WCF Basic Authentication Service. The access to the resource in the service to be implemented will be secured using Basic Authentication transport security mechanisms. One of many provided by the Windows Communication Foundation. This kind of mechanism is used in conjunction with HTTPS to provide confidentiality.
For others who run into the same problem, wrap each call to the secured web service resource like this:
var client = new WCClient();
using (OperationContextScope scope = new OperationContextScope(client.InnerChannel))
{
var httpRequestProperty = new HttpRequestMessageProperty();
httpRequestProperty.Headers[System.Net.HttpRequestHeader.Authorization] =
"Basic " +
Convert.ToBase64String(Encoding.ASCII.GetBytes(
client.ClientCredentials.UserName.UserName + ":" +
client.ClientCredentials.UserName.Password));
OperationContext.Current.OutgoingMessageProperties[HttpRequestMessageProperty.Name] =
httpRequestProperty;
client.DoSomething();
}
see the following links:
184
Try changing the security element to also include the message element specifying the clientCredentialType to be UserName otherwise the transport doesn't know that you want to use the ClientCredentials.UserName object that you filled in.
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Basic" proxyCredentialType="None" />
<message clientCredentialType="UserName"/>
</security>
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
