I have a WCF REST service that has to accept a raw input stream from a client. In order to receive the raw stream, I'm using a custom binding in my web.config file. The service works fine if I set it to connect over standard HTTP. However, I'm having difficulty getting it to work over HTTPS.
Manual addressing is not supported with message level security. Configure the binding ('CustomBinding', 'http://tempuri.org/') to use transport security or to not do manual addressing.
Below is the configuration I'm using for HTTP:
<service behaviorConfiguration="LocalBehavior" name="RestService.CreditService">
<endpoint address="" behaviorConfiguration="web" binding="customBinding" bindingConfiguration="RawReceiveCapable" contract="RestService.ICreditService" />
</service>
<behavior name="LocalBehavior">
<serviceMetadata httpGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
<endpointBehaviors>
<behavior name="web">
<webHttp />
</behavior>
</endpointBehaviors>
<binding name="RawReceiveCapable">
<webMessageEncoding webContentTypeMapperType="RestService.Data.RawContentTypeMapper, RestService, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
<httpTransport manualAddressing="true" maxReceivedMessageSize="524288000"
transferMode="Streamed" />
</binding>
And here is the configuration I'm using for HTTPS:
<service behaviorConfiguration="SecureBehavior" name="RestService.CreditService">
<endpoint address="basic" behaviorConfiguration="web" binding="customBinding" bindingConfiguration="RawReceiveCapable" name="httpsEndpoint" contract="RestService.ICreditService" />
<host>
<baseAddresses>
<add baseAddress="http://sitcreditserviceszalecorp.cloudapp.net:3389/CreditService.svc" />
<add baseAddress="https://sitcreditserviceszalecorp.cloudapp.net:443/CreditService.svc" />
</baseAddresses>
</host>
</service>
<behavior name="SecureBehavior">
<serviceMetadata httpGetEnabled="false" httpsGetEnabled="true" />
<serviceDebug httpHelpPageEnabled="false" httpsHelpPageEnabled="true" includeExceptionDetailInFaults="true" />
</behavior>
<binding name="RawReceiveCapable">
<webMessageEncoding webContentTypeMapperType="RestService.Data.RawContentTypeMapper, RestService, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
<security authenticationMode="CertificateOverTransport"
requireSecurityContextCancellation ="true">
</security>
<httpsTransport manualAddressing="true" maxReceivedMessageSize="524288000" transferMode="Streamed" authenticationScheme="Anonymous" requireClientCertificate="false" />
</binding>
Can anyone point out what I'm doing wrong? Thanks.
I had the same issue until I came across an article suggesting to remove the security element. That worked for me.
Related
I am using Plesk for hosting my wcf service.
Getting an error of not found while host , although my service is working fine on my local iis .
This is error which i am facing while accessing my service from Plesk server
This is how my service is running on my local iis
below is myservice web configuration. referencing for endpoints.
<system.serviceModel>
<services>
<service name="ExploreQuranRestService.QuranService" behaviorConfiguration="serviceBehavior">
<!-- Service Endpoints -->
<endpoint address="customBinding" binding="customBinding" bindingConfiguration="basicConfig" contract="ExploreQuranRestService.IQuranServiceK" />
<endpoint address="" binding="webHttpBinding" behaviorConfiguration="REST" contract="ExploreQuranRestService.IQuranServiceK" />
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="serviceBehavior">
<serviceMetadata httpsGetEnabled="true" httpGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
</serviceBehaviors>
<endpointBehaviors>
<behavior name="REST">
<webHttp />
</behavior>
</endpointBehaviors>
</behaviors>
<bindings>
<customBinding>
<binding name="basicConfig">
<binaryMessageEncoding />
<httpTransport transferMode="Streamed" maxReceivedMessageSize="67108864" />
</binding>
</customBinding>
</bindings>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
</system.serviceModel>
I have to make a WCF service in visual studio 2015 MVC and it needs to be accesible only by SSL certificate, I´m using IIS (in Windows10) and trying to limit SSL for only this service (stored in a specifc folder).
When I change IIS option of this folder to "require SSL" the service said that "the http request is unauthorized with client authentication scheme 'anonymous'"
I changed web.config too, maybe something is bad there, the service´s name is EncServiceSSL
How can I do it?
WEB.config:
<system.serviceModel>
<behaviors>
<serviceBehaviors>
<behavior name="">
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="false" />
</behavior>
<behavior name="ServiceCredentialsBehavior">
<serviceMetadata httpGetEnabled="false" httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="false" />
<serviceAuthorization serviceAuthorizationManagerType="MyNamespace.ClientCertificateValidator, MyAssembly">
<authorizationPolicies>
<add policyType="MyNamespace.AdamAuthorizationPolicy, MyAssembly" />
</authorizationPolicies>
</serviceAuthorization>
<serviceCredentials>
<serviceCertificate findValue="1234xx" x509FindType="FindBySubjectName" storeLocation="LocalMachine" storeName="Root"/>
<clientCertificate>
<authentication certificateValidationMode="PeerTrust" trustedStoreLocation="LocalMachine" />
</clientCertificate>
</serviceCredentials>
<useRequestHeadersForMetadataAddress>
<defaultPorts>
<add scheme="https" port="443"/>
</defaultPorts>
</useRequestHeadersForMetadataAddress>
</behavior>
</serviceBehaviors>
</behaviors>
<services>
<service behaviorConfiguration="ServiceCredentialsBehavior" name="System.Web.ApplicationServices.AuthenticationService">
<endpoint address="http://localhost:8111/ServicesSSL/EncServiceSSL"
binding="wsHttpBinding"
bindingConfiguration="QuoteService"
name="SecuredByClientCertificate"
contract="encelogistica.QuoteServiceReference.QuoteServiceSoapChannel" />
</service>
</services>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
<bindings>
<basicHttpBinding>
<binding name="QuoteService">
<security mode="Transport">
<transport clientCredentialType="Windows" />
</security>
</binding>
<binding name="QuoteServiceSoap" />
</basicHttpBinding>
</bindings>
<client>
<endpoint address="http://localhost:8111/ServicesSSL/EncServiceSSL.asmx"
binding="basicHttpBinding" bindingConfiguration="QuoteServiceSoap"
contract="QuoteServiceReference.QuoteServiceSoap" name="QuoteServiceSoap" />
</client>
</system.serviceModel>
</configuration>
Currently our services use Message level security, but as we are using Soap UI for testing. After many hours, we discovered that Soap UI is not good with Message level security, something to do with java core I believe.
Have tried to unravel the web.config to use Transport level security, which I believe is supported by Soap UI, but as soon as I change the security mode to Transport I get the following error:
Could not find a base address that matches scheme https for the endpoint with binding WSHttpBinding. Registered base address schemes are [http].
Can someone have a look at the config as I am sure that I have missed something.
<system.serviceModel>
<services>
<service name="MyService"
behaviorConfiguration="ServiceBehavior">
<endpoint address=""
binding="wsHttpBinding"
bindingConfiguration="ServiceWsHttpBinding"
name="ClaimServiceHttpEndpoint"
contract="IMyService" />
<endpoint address="mex"
binding="mexHttpBinding"
contract="IMetadataExchange" />
</service>
</services>
<bindings>
<wsHttpBinding>
<binding name="ServiceWsHttpBinding"
maxBufferPoolSize="2147483647"
maxReceivedMessageSize="2147483647">
<readerQuotas maxDepth="2000000"
maxStringContentLength="2147483647"
maxArrayLength="2147483647"
maxBytesPerRead="2147483647"
maxNameTableCharCount="2147483647" />
<security mode="Message">
<message clientCredentialType="UserName"
negotiateServiceCredential="false"
establishSecurityContext="false" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<behaviors>
<endpointBehaviors>
<behavior name="ClientEndpointBehavior">
<clientCredentials>
<serviceCertificate>
<authentication certificateValidationMode="None" />
</serviceCertificate>
</clientCredentials>
</behavior>
</endpointBehaviors>
<serviceBehaviors>
<behavior name="ServiceBehavior">
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="false" />
<serviceDebug includeExceptionDetailInFaults="true" />
<serviceCredentials>
<serviceCertificate findValue="CN=test.service.com"
storeLocation="LocalMachine"
storeName="My"
x509FindType="FindBySubjectDistinguishedName" />
<userNameAuthentication userNamePasswordValidationMode="Custom"
customUserNamePasswordValidatorType="MyObject.UserAuthentication, MyObject.Utils" />
</serviceCredentials>
<serviceAuthorization principalPermissionMode="Custom">
<authorizationPolicies>
<add policyType="MyObject.Utils.AuthPolicy, Myobject.Utils" />
</authorizationPolicies>
</serviceAuthorization>
</behavior>
<behavior name="">
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="false" />
</behavior>
</serviceBehaviors>
</behaviors>
<protocolMapping>
<add binding="basicHttpsBinding" scheme="https" />
</protocolMapping>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
I've been tasked with updating an older WSE 3.0 amsx service with a newer WCF service, and it looks like I've got the signature/wsdl of the old service spoofed well enough but I can't seem to get the security configurations set in right.
I'm certainly no WSE wizard but I did find this wse3 policy file entry pertaining to the "Inquiry" service I'm updating:
<extensions>
<extension name="usernameOverTransportSecurity"
type="Microsoft.Web.Services3.Design.UsernameOverTransportAssertion, Microsoft.Web.Services3, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
<extension name="requireActionHeader"
type="Microsoft.Web.Services3.Design.RequireActionHeaderAssertion, Microsoft.Web.Services3, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
<extension name="mutualCertificate11Security" type="Microsoft.Web.Services3.Design.MutualCertificate11Assertion, Microsoft.Web.Services3, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
<extension name="x509" type="Microsoft.Web.Services3.Design.X509TokenProvider, Microsoft.Web.Services3, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
</extensions>
<policy name="Inquiry">
<usernameOverTransportSecurity />
<!--requireActionHeader /-->
</policy>
...
Based off of this msdn resource I should be able to use a custom binding to mimic the wse security, and here's my current web.config:
<system.serviceModel>
<extensions>
<behaviorExtensions>
<add name="portName" type="CustomWsdlExtension.PortNameWsdlBehaviorExtension, TT_Demo3"/>
</behaviorExtensions>
</extensions>
<behaviors>
<serviceBehaviors>
<behavior>
<serviceMetadata httpGetEnabled="true"/>
<serviceDebug includeExceptionDetailInFaults="true"/>
</behavior>
</serviceBehaviors>
<endpointBehaviors>
<behavior name="customPortName12">
<portName name="InquirySoap12"/>
</behavior>
</endpointBehaviors>
</behaviors>
<bindings>
<customBinding>
<binding name="OnePointTwo">
<security authenticationMode="UserNameOverTransport" />
<textMessageEncoding messageVersion="Soap12WSAddressingAugust2004" />
<httpsTransport/>
</binding>
</customBinding>
</bindings>
<services>
<service name="TT_Demo3.Inquiry">
<endpoint address=""
binding="customBinding"
bindingConfiguration="OnePointTwo"
contract="InquirySoap"
behaviorConfiguration="customPortName12"
name="InquirySoap12"/>
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"/>
</service>
</services>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true"/>
</system.serviceModel>
The error I'm getting is Could not find a base address that matches scheme https for the endpoint with binding CustomBinding. Registered base address schemes are [http].
I've seen a lot of fixes for this type of issue to be adding a <security mode="transport" /> element to the binding but CustomBinding doesn't seem to support this.
Any ideas? Thanks in advance.
I've spent hours trying to figure out this particular error and have had no luck.
I keep getting an error reading like I'm missing an endpoint and I'm new to WCF web Services so I'm not sure what direction to look. Anyway, The error reads.
Could not find default endpoint element that references contract 'ServiceReference1.ServiceContract' in the ServiceModel client configuration section. This might be because no configuration file was found for your application, or because no endpoint element matching this contract could be found in the client element.
I create the object like this and then add a method.
ServiceReference1.ServiceContractClient test = new ServiceReference1.ServiceContractClient();
var connecting = test.Connect();
I have endpoints in my web.config file of the WcfProject. Here's my web.config
<?xml version="1.0"?>
<configuration xmlns:xdt="http://schemas.microsoft.com/XML-Document-Transform">
<system.web>
<compilation xdt:Transform="RemoveAttributes(debug)" />
<sessionState cookieless="false" mode="InProc"/>
<pages controlRenderingCompatibilityVersion="3.5" clientIDMode="AutoID"/>
</system.web>
<system.webServer>
<httpProtocol>
<customHeaders>
<add name="X-UA-Compatible" value="IE=edge" />
<add name="Access-Control-Allow-Origin" value="*" />
</customHeaders>
</httpProtocol>
</system.webServer>
<system.serviceModel>
<bindings>
<webHttpBinding>
<binding name="RestBinding"></binding>
</webHttpBinding>
</bindings>
<services>
<service behaviorConfiguration="ServiceBehavior" name="WcfRestService1.Service">
<endpoint name="ServiceBinding" contract="WcfRestService1.IService" binding="webHttpBinding" bindingConfiguration="RestBinding" behaviorConfiguration="RestBehavior" />
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
<endpoint address="basic" binding="wsHttpBinding" bindingConfiguration="" contract="WcfRestService1.IService" />
<host>
<baseAddresses>
<add baseAddress="http://servername/WcfRestService1/Service.svc" />
</baseAddresses>
</host>
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="ServiceBehavior">
<serviceMetadata httpGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
</serviceBehaviors>
<endpointBehaviors>
<behavior name="RestBehavior">
<webHttp helpEnabled="true" />
</behavior>
</endpointBehaviors>
</behaviors>
<client>
<endpoint name="Default"
address="http://servername/WcfRestService1/Service.svc"
binding="webHttpBinding"
bindingConfiguration="RestBinding"
behaviorConfiguration="RestBehavior"
contract="WcfRestService1.IService" />
</client>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" />
</system.serviceModel>
</configuration>
I'm not sure what i need.
Thanks for any help.
You can not consume REST service using Service Proxy generated either by using Visual studio add service reference feature or using svcutil.exe. You need to use WebClient, HttpWebRequest or any other third party library capable of making http calls.