This is the first time im doing this and have come accross an issue. I think im nearly there but I need help from the gods!, (thats you guys !).
I have a web service (WCF) that works great. I now need to add an SSL certificate to this. I have installed the SSL certificate onto IIS and binded it to the web service.
I have also added the following into my web.config
<endpoint address="" behaviorConfiguration="WebBehavior" binding="webHttpBinding" contract="MyWebService.IService1" />
<endpoint address="https://myDomain.co.uk/Service1.svc" binding="wsHttpBinding" bindingConfiguration="TransportSecurity" contract="MyWebService.IService1">
<identity>
<certificateReference storeName="My" storeLocation="LocalMachine" x509FindType="FindBySubjectName" findValue="CertName" />
</identity>
I also have the following bindings
<binding name="secureHttpBinding" allowCookies="true">
<security mode="Transport">
<transport clientCredentialType="Certificate" />
</security>
</binding>
</webHttpBinding>
<wsHttpBinding>
<binding name="TransportSecurity">
<security mode="Transport">
<transport clientCredentialType="Certificate" />
</security>
</binding>
</wsHttpBinding>
<protocolMapping>
<add scheme="http" binding="wsHttpBinding" />
<add scheme="https" binding="basicHttpBinding" />
</protocolMapping>
My Issue is when I call the web service as HTTP its fine,
When I call it as HTTPS I am getting a 403 error. Im not sure what the issue is.
Help Please
Thanks in Advance
Alpesh
I found the answer.
First, the end point should only be the following. I removed the other end porint
<endpoint address="" behaviorConfiguration="WebBehavior" binding="webHttpBinding" bindingConfiguration="secureHttpBinding" contract="MyWebService.IService1" />
The binding should be
<webHttpBinding>
<binding name="secureHttpBinding" allowCookies="true">
<security mode="Transport" />
</binding>
</webHttpBinding>
I removed the the following line
<transport clientCredentialType="Certificate" />
This solved my issue. i hope this helps others. Thanks
Related
I have a WcfService hosted on Console Application on user(client) computer that provides access to document scanner device (Avision AD240) to scan documents and want to call this service from another website (e.g hosted on www.someotherdomain.com).
In summary: my website users work with jetScan document scanner and want to upload scanned images on the server in the website. I've done that in local IIS but I don't know how to address the local hosted service in the remote server hosted web application.
My WcfService Web.Config file looks like:
<?xml version="1.0"?>
<configuration>
<appSettings>
<add key="aspnet:UseTaskFriendlySynchronizationContext" value="true" />
</appSettings>
<system.web>
<compilation debug="true" targetFramework="4.7.2" />
<httpRuntime targetFramework="4.7.2"/>
</system.web>
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="BasicHttpBinding_IScannerService" maxReceivedMessageSize="2147483647">
</binding>
</basicHttpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior>
<!-- To avoid disclosing metadata information, set the values below to false before deployment -->
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true"/>
<!-- To receive exception details in faults for debugging purposes, set the value below to true. Set to false before deployment to avoid disclosing exception information -->
<serviceDebug includeExceptionDetailInFaults="false"/>
</behavior>
</serviceBehaviors>
</behaviors>
<services>
<service name="WcfServiceScanner.ScannerService">
<endpoint address="" binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_IScannerService" contract="WcfServiceScanner.IScannerService">
<identity>
<dns value="localhost" />
</identity>
</endpoint>
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
<host>
<baseAddresses>
<add baseAddress="http://localhost:8733/Design_Time_Addresses/WcfServiceScanner/WcfServiceScanner/" />
</baseAddresses>
</host>
</service>
</services>
<protocolMapping>
</protocolMapping>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
</system.serviceModel>
<system.webServer>
<!--<modules runAllManagedModulesForAllRequests="true"/>-->
<!--
To browse web app root directory during debugging, set the value below to true.
Set to false before deployment to avoid disclosing web app folder information.
-->
<directoryBrowse enabled="true"/>
<httpProtocol>
<customHeaders>
<add name="Access-Control-Allow-Origin" value="*"/>
<add name="Access-Control-Allow-Headers" value="Content-Type, Accept" />
<add name="Access-Control-Allow-Methods" value="POST,GET,OPTIONS" />
<add name="Access-Control-Max-Age" value="1728000" />
</customHeaders>
</httpProtocol>
</system.webServer>
</configuration>
and a part of my remote server web application web.config file looks like :
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="BasicHttpBinding_IScannerService" maxReceivedMessageSize="2147483647"/>
</basicHttpBinding>
<netTcpBinding>
<binding name="NetTcpBinding_IScannerService">
<security>
<transport sslProtocols="None" />
</security>
</binding>
</netTcpBinding>
</bindings>
<client>
<endpoint address="http://localhost:8080/WcfService" binding="basicHttpBinding"
bindingConfiguration="BasicHttpBinding_IScannerService" contract="WcfScannerService.IScannerService"
name="BasicHttpBinding_IScannerService" />
<endpoint address="net.tcp://localhost:8090/WcfService" binding="netTcpBinding"
bindingConfiguration="NetTcpBinding_IScannerService" contract="WcfScannerService.IScannerService"
name="NetTcpBinding_IScannerService">
<identity>
<userPrincipalName value="DESKTOP-KILE609\Hosein" />
</identity>
</endpoint>
</client>
</system.serviceModel>
The code is fine if it is locally accessible.
The following steps may help you:
Make sure the network is working on the other machine.
Check whether the IP address and port are occupied or shielded by the firewall.
Adding ?wsdl in the end of the url,if that works and show you an xml file, the service is reachable.
Thanks.
I'm trying to publish a webservice created and published in VS2015. When I publish it in IIS, I have the following error:
Could not find a base address that matches scheme http for the endpoint with binding WebHttpBinding. Registered base address schemes are [https]
I saw a lot of posts about it, and I tried to change my IIS and my web.config with no success.
I have configured a https website in IIS with self-signed certificate. It works normally, but when I try to access the webservice, I got the error that I described above. If I use this webservice in http websites, it works with no problem.
My web.config
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<configSections>
<!-- For more information on Entity Framework configuration, visit http://go.microsoft.com/fwlink/?LinkID=237468 -->
<section name="entityFramework" type="System.Data.Entity.Internal.ConfigFile.EntityFrameworkSection, EntityFramework, Version=5.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" requirePermission="false" />
</configSections>
<appSettings>
<add key="aspnet:UseTaskFriendlySynchronizationContext" value="true" />
</appSettings>
<system.web>
<compilation targetFramework="4.6" />
<httpRuntime targetFramework="4.6" />
<customErrors mode="Off"/>
</system.web>
<system.serviceModel>
<!--CONFIGURAÇÃO DO SERVIÇO-->
<services>
<service name="ServicoRest.ServiceGestorWMS">
<endpoint address="../ServiceGestorWMS.svc" binding="webHttpBinding" contract="ServicoRest.IServiceGestorWMS" behaviorConfiguration="webBehaviour" />
<endpoint address="mex"
binding="mexHttpsBinding"
contract="IMetadataExchange" />
</service>
</services>
<bindings>
<webHttpBinding>
<binding maxBufferPoolSize="2147483647" maxBufferSize="2147483647" maxReceivedMessageSize="2147483647">
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Windows"/>
</security>
</binding>
<binding name="webHttpsBinding" maxBufferPoolSize="2147483647" maxBufferSize="2147483647" maxReceivedMessageSize="2147483647">
<security mode="Transport">
<transport clientCredentialType="Windows"/>
</security>
</binding>
</webHttpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior>
<!-- To avoid disclosing metadata information, set the values below to false before deployment -->
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
<!-- To receive exception details in faults for debugging purposes, set the value below to true. Set to false before deployment to avoid disclosing exception information -->
<serviceDebug includeExceptionDetailInFaults="false" />
</behavior>
</serviceBehaviors>
<!--CONFIGURAÇÃO DO SERVIÇO-->
<endpointBehaviors>
<behavior name="webBehaviour">
<webHttp />
</behavior>
</endpointBehaviors>
</behaviors>
<protocolMapping>
<add binding="basicHttpsBinding" scheme="https" />
</protocolMapping>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
</system.serviceModel>
<system.webServer>
<!--SE VOCÊ PRECISAR ACESSAR O SERVIÇO DE OUTRO DOMÍNIO VIA JAVASCRIPT VOCÊ DEVE INFORMAR O BLOCO DE CÓDIGO ABAIXO -->
<httpProtocol>
<customHeaders>
<add name="Access-Control-Allow-Origin" value="*" />
<add name="Access-Control-Allow-Headers" value="Content-Type, Accept" />
<add name="Access-Control-Allow-Methods" value="GET, POST, PUT, DELETE, OPTIONS" />
</customHeaders>
</httpProtocol>
<modules runAllManagedModulesForAllRequests="true" />
<!--
To browse web app root directory during debugging, set the value below to true.
Set to false before deployment to avoid disclosing web app folder information.
-->
<directoryBrowse enabled="true" />
</system.webServer>
<connectionStrings>
<add name="" connectionString="metadata=res://*/Model1.csdl|res://*/Model1.ssdl|res://*/Model1.msl;provider=System.Data.SqlClient;provider connection string="data source=;initial catalog=;persist security info=True;user id=sa;password=;MultipleActiveResultSets=True;App=EntityFramework"" providerName="System.Data.EntityClient" />
</connectionStrings>
<entityFramework>
<defaultConnectionFactory type="System.Data.Entity.Infrastructure.SqlConnectionFactory, EntityFramework" />
</entityFramework>
</configuration>
<!--ProjectGuid: {D84BF523-87CA-4D7D-90AE-CEE789984582}-->
Murphy,
You do not seem to have set the binding. You would need something like the code below in your web.config if you want to support HTTP and HTTPS for the webHttpBinding:
<webHttpBinding>
<binding maxBufferPoolSize="2147483647" maxBufferSize="2147483647" maxReceivedMessageSize="2147483647">
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Windows"/>
</security>
</binding>
<binding name="webHttpsBinding" maxBufferPoolSize="2147483647" maxBufferSize="2147483647" maxReceivedMessageSize="2147483647">
<security mode="Transport">
<transport clientCredentialType="Windows"/>
</security>
</binding>
</webHttpBinding>
Ok, I really need help getting this setup. Currently i have an ssl cert installed. I have a wcf service installed in iis as an application. I have set it to require ssl and i am able to connect to the service. Issue is i want windows authentication. and i want to disable anonymous security. Soon as i disable anonymous and keep windows auth. i get an error:
"the authentication schemes configured on the host ('IntegratedWindowsAuthentication') do not allow those configured on the binding 'BasicHttpBinding' ('Anonymous'). Please ensure that the SecurityMode is set to Transport or TransportCredentialOnly.etc etc...."
When i turn anonymous back on with windows auth. Yes i can access the service but it doesn't use the windows auth.. its weird because other files such as test.html for example still require username/password. i don't know how to properly restrict a webservice for windows auth using ssl... can anyone help me?? please
<?xml version="1.0"?>
<configuration>
<system.web>
<compilation debug="true" strict="false" explicit="true" targetFramework="4.0" />
<customErrors mode="Off"/>
</system.web>
<system.serviceModel>
<bindings>
<wsHttpBinding>
<binding name="TransportSecurity">
<security mode="Transport">
<transport clientCredentialType="Windows" />
</security>
<readerQuotas maxDepth="2147483647"
maxStringContentLength="2147483647"
maxArrayLength="2147483647"
maxBytesPerRead="2147483647"
maxNameTableCharCount="2147483647" />
</binding>
</wsHttpBinding>
</bindings>
<services>
<service name="WcfConcur.ConcurService">
<endpoint address=""
binding="wsHttpBinding"
bindingConfiguration="TransportSecurity"
contract="WcfConcur.IConcurService"/>
<endpoint address="mex"
binding="mexHttpsBinding"
contract="IMetadataExchange" />
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior>
<!-- To avoid disclosing metadata information, set the value below to false and remove the metadata endpoint above before deployment -->
<serviceMetadata httpsGetEnabled="true"/>
<!-- To receive exception details in faults for debugging purposes, set the value below to true. Set to false before deployment to avoid disclosing exception information -->
<serviceDebug includeExceptionDetailInFaults="true"/>
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
</system.serviceModel>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true"/>
</system.webServer>
</configuration>
on the client side, i add a reference to the wcf. and it downloads this automatically. thing is my intial wcf address that is hosted is https://address/whatever.svc and when it downloads it shows http://internal address i don't know if thats the issue
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<startup>
<supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.0,Profile=Client" />
</startup>
<system.serviceModel>
<client>
<endpoint address="http://internal address/wcfConcurService/ConcurService.svc"
binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_IConcurService"
contract="wcfConcurRef.IConcurService" name="BasicHttpBinding_IConcurService" />
</client>
<bindings>
<basicHttpBinding>
<binding name="BasicHttpBinding_IConcurService" />
</basicHttpBinding>
</bindings>
</system.serviceModel>
</configuration>
The error message thrown, when anonymous access is disabled, seems to indicate an issue with the client configuration.
The client configuration appears to be using the basicHttpBinding which is different from the server configuration which is using wsHttpBinding. To resolve the binding issue, you should copy the server binding configuration to the client configuration file and then update the client endpoint to use the new binding configuration.
Your client configuration should look something like:
<system.serviceModel>
<client>
<endpoint address="https://enter-external-address-here/wcfConcurService/ConcurService.svc"
binding="wsHttpBinding" bindingConfiguration="TransportSecurity"
contract="wcfConcurRef.IConcurService" name="BasicHttpBinding_IConcurService" />
</client>
<bindings>
<wsHttpBinding>
<binding name="TransportSecurity">
<security mode="Transport">
<transport clientCredentialType="Windows" />
</security>
</binding>
</wsHttpBinding>
</bindings>
</system.serviceModel>
I had some problem with my cybersource test security key..
this is my web.config/app.config
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="ITransactionProcessor">
<security mode="TransportWithMessageCredential" />
</binding>
<binding name="ITransactionProcessor1" />
<binding name="BasicHttpBinding_IServiceBilling" />
</basicHttpBinding>
</bindings>
<client>
<endpoint address="http://wcf.tw.gamagic.com/BillingPlus/ServiceBilling.svc"
binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_IServiceBilling"
contract="BillingWcf.IServiceBilling" name="BasicHttpBinding_IServiceBilling" />
<endpoint address="https://ics2wstest.ic3.com/commerce/1.x/transactionProcessor"
binding="basicHttpBinding" bindingConfiguration="ITransactionProcessor"
contract="cyberSourceWcf.ITransactionProcessor" name="portXML" />
</client>
</system.serviceModel>
And I use the most updated version of test web service they provided
https://ics2ws.ic3.com/commerce/1.x/transactionProcessor/CyberSourceTransaction_1.109.wsdl
and When I tried the enrollAuthService, the system always return this error
Security Data : No WS-Security Header
Do you guys have any idea what's going on?
It was fixed for me when I changed security mode from Transport to TransportWithMessageCredential.
I'm having the following message: The maximum message size quota for incoming messages (65536) has been exceeded. To increase the quota, use the MaxReceivedMessageSize property on the appropriate binding element in my mvc 4 application using a web service.
The web service is a asmx file. I've tries some of the solutions mentioned in the forum
(like exending the maxReceivedMessageSize), but still I got the same error message:
My web config:
<?xml version="1.0"?>
<!--
For more information on how to configure your ASP.NET application, please visit
http://go.microsoft.com/fwlink/?LinkId=169433
-->
<configuration>
<system.web>
<compilation debug="true" targetFramework="4.5" />
<httpRuntime targetFramework="4.5" />
</system.web>
<system.webServer>
<directoryBrowse enabled="true"/>
</system.webServer>
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="ServiceSoap" maxBufferSize="2147483647" maxReceivedMessageSize="2147483647"/>
</basicHttpBinding>
</bindings>
<client>
<endpoint address="http://haifaws.haifanet.org.il/service.asmx"
binding="basicHttpBinding" bindingConfiguration="ServiceSoap"
contract="ServiceReference1.ServiceSoap" name="ServiceSoap" />
<endpoint address="http://haifaws.haifanet.org.il/service2.asmx"
binding="basicHttpBinding" bindingConfiguration="Service2Soap"
contract="ServiceReference2.Service2Soap" name="Service2Soap" />
</client>
</system.serviceModel>
</configuration>
Thanks a lot
Figured it out...
In web config of the application:
Keep on identical naming in client and binding tags
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="BasicHttpBinding_IService1" maxBufferSize="2147483647" maxReceivedMessageSize="2147483647" />
</basicHttpBinding>
</bindings>
<client>
<endpoint address="http://localhost:60971/Service1.svc" binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_IService1" contract="ServiceClient.IService1" name="BasicHttpBinding_IService1" />
</client>
</system.serviceModel>