I am using WCF REST service with basic authentication(UserName / Password) in IIS.
My interface - ICustomer.cs is as below:
namespace SampleService
{
[ServiceContract]
public interface ICustomer
{
[OperationContract]
[WebInvoke(Method = "GET",
RequestFormat = WebMessageFormat.Json,
ResponseFormat = WebMessageFormat.Json,
UriTemplate = "/Customer/{email}")]
string GetCustomerID(string email);
}
}
Customer.svc is as below:
<%# ServiceHost Language="C#" Debug="true" Service="SampleService.Customer" CodeBehind="Customer.svc.cs" %>
Customer.svc.cs:
namespace SampleService
{
public class Customer : ICustomer
{
public string GetCustomerID(string strEmail)
{
string returnJsonString = bllContactDetails.GetCustomerID(strEmail).ToString(Formatting.None);
WebOperationContext customContext;
customContext = Utility.General.SetCustomHttpStatusCode(returnJsonString);
return returnJsonString;
}
}
public class RestAuthorizationManager : ServiceAuthorizationManager
{
protected override bool CheckAccessCore(OperationContext operationContext)
{
//Extract the Authorization header, and parse out the credentials converting the Base64 string:
var authHeader = WebOperationContext.Current.IncomingRequest.Headers["Authorization"];
if ((authHeader != null) && (authHeader != string.Empty))
{
var svcCredentials = System.Text.ASCIIEncoding.ASCII
.GetString(Convert.FromBase64String(authHeader.Substring(6)))
.Split(':');
var user = new { Name = svcCredentials[0], Password = svcCredentials[1] };
if ((user.Name == "testuser" && user.Password == "testpassword"))
{
//User is authrized and originating call will proceed
return true;
}
else
{
//not authorized
return false;
}
}
else
{
//No authorization header was provided, so challenge the client to provide before proceeding:
WebOperationContext.Current.OutgoingResponse.Headers.Add("WWW-Authenticate: Basic realm=\"MyWCFService\"");
//Throw an exception with the associated HTTP status code equivalent to HTTP status 401
throw new WebFaultException(HttpStatusCode.Unauthorized);
}
}
}
}
I have added Web.Config as below:
<system.serviceModel>
<behaviors>
<serviceBehaviors>
<behavior name="ServiceBehavior">
<serviceMetadata httpGetEnabled="true"
httpsGetEnabled="true"/>
<serviceDebug includeExceptionDetailInFaults="true"/>
<serviceAuthorization serviceAuthorizationManagerType=" SampleService.RestAuthorizationManager, SampleService"/>
</behavior>
</serviceBehaviors>
<endpointBehaviors>
<behavior name="webHttpServiceBehavior">
<!-- Important this is the behavior that makes a normal WCF service to REST based service-->
<webHttp/>
</behavior>
</endpointBehaviors>
</behaviors>
<services>
<service name="SampleService.Customer" behaviorConfiguration="ServiceBehavior">
<host>
<baseAddresses>
<add baseAddress="https://192.168.0.122:443/" />
</baseAddresses>
</host>
<endpoint binding="webHttpBinding" contract="SampleService.ICustomer" behaviorConfiguration="webHttpServiceBehavior" />
</service>
</services>
</system.serviceModel>
I have created Custom SSL and also enabled Basic Authentication in IIS.
When view my IIS hosted WCF service in browser it shows all the list of services.
But when I try to get data using Customer.svc method it is throwing error as below:
HTTP 404. The resource you are looking for (or one of its
dependencies) could have been removed, had its name changed, or is
temporarily unavailable. Please review the following URL and make
sure that it is spelled correctly.
Please find
Also, please let me know if it is the correct binding I'm using for obtaining Basic Authentication.
Related
I am creating a WCF service in ASP.NET and there i need to implement Get and Post Methods for simple Login page
This is for running the application on Local host.I have SQL server for the database.
C#:
This is the interface I have coded:
[ServiceContract]
public interface ILogin
{
[OperationContract(Name = "PostUserDetails")]
[WebInvoke(Method = "POST",UriTemplate = "")]
string UserName(Stream data);
string UserPassword(Stream data);
[OperationContract(Name = "GetUserDetails")]
[WebGet(UriTemplate = "GetUserDetails/inputStr/{name}")]
string UserName(string name);
string UserPassword(string name);
}
This is the class I have coded:
public class Login :ILogin
{
public string UserName(Stream data)
{
StreamReader streamReader = new StreamReader(data);
string xmlString = streamReader.ReadToEnd();
string returnValue = xmlString;
return returnValue;
}
public string UserPassword(Stream data)
{
StreamReader streamReader = new StreamReader(data);
string xmlString = streamReader.ReadToEnd();
string returnValue = xmlString;
return returnValue;
}
public string UserName(string strUserName)
{
StringBuilder strReturnValue = new StringBuilder();
// return username prefixed as shown below
strReturnValue.Append(string.Format("You have entered userName as {0}", strUserName));
return strReturnValue.ToString();
}
public string UserPassword(string strUserName)
{
StringBuilder strReturnValue = new StringBuilder();
// return username prefixed as shown below
strReturnValue.Append(string.Format("You have entered userName as {0}", strUserName));
return strReturnValue.ToString();
}
}
I have also configured the web.config as:
<system.serviceModel>
<services>
<service name="MyWCFService.Login" behaviourConfiguration ="loginbehaviour" >
<endpoint name="webHttpBinding" address="" binding="webHttpBinding" contract="MyWCFService.ILogin" behaviorConfiguration="webHttp">
</endpoint>
<endpoint name ="mexHttpBinding" address="mex" binding="mexHttpBinding" contract="IMetadataExchange"></endpoint>
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="MyWCFServiceBehaviour">
<serviceMetadata httpGetEnabled="false"></serviceMetadata>
<serviceDebug includeExceptionDetailInFaults="false"/>
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true"/>
<serviceDebug includeExceptionDetailInFaults="false"/>
</behavior>
</serviceBehaviors>
<endpointBehaviors>
<behavior name="webHttp"></behavior>
<webHttp/>
</endpointBehaviors>
</behaviors>
<protocolMapping>
<add binding="basicHttpsBinding" scheme="https" />
</protocolMapping>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
</system.serviceModel>
I am getting HTTP Error 404.7 - Not Found Error
First of all you cant use Stream as your input. because stream con not serialized. then you don't need to create two separate methods. create login like this and use * as your Method. something like this:
[OperationContract(Name = "PostUserDetails")]
[WebInvoke(Method = "*",UriTemplate = "")]
string UserName(Data data);
string UserPassword(Data data);
I have a WCF web service working with basic authentification.
I want to define a user/password for this service. So I wrote my web.config to user basic authentification :
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="UsernameWithTransportCredentialOnly">
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Basic"/>
</security>
</binding>
</basicHttpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior name="ServiceWithMetaData">
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
<serviceAuthorization serviceAuthorizationManagerType="InterfaceWS.CredentialsChecker,App_Code.CredentialsChecker"/>
</behavior>
</serviceBehaviors>
</behaviors>
<services>
<service behaviorConfiguration="ServiceWithMetaData" name="InterfaceWS.MyService" >
<endpoint
address="https://localhost:44336/MyService.svc"
binding="basicHttpBinding"
bindingConfiguration="UsernameWithTransportCredentialOnly"
name="BasicEndpoint"
contract="InterfaceWS.IErpService">
</endpoint>
</service>
</services>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true"
multipleSiteBindingsEnabled="false" />
</system.serviceModel>
I created a class inherited from ServiceAuthorizationManager :
namespace InterfaceWS
{
public class CredentialsChecker : ServiceAuthorizationManager
{
protected override bool CheckAccessCore(OperationContext operationContext)
{
//Extract the Authorization header, and parse out the credentials converting the Base64 string:
var authHeader = WebOperationContext.Current.IncomingRequest.Headers["Authorization"];
if ((authHeader != null) && (authHeader != string.Empty))
{
var svcCredentials = System.Text.ASCIIEncoding.ASCII
.GetString(Convert.FromBase64String(authHeader.Substring(6)))
.Split(':');
var user = new
{
Name = svcCredentials[0],
Password = svcCredentials[1]
};
if ((user.Name == "testuser" && user.Password == "testpassword"))
{
//User is authrized and originating call will proceed
return true;
}
else
{
//not authorized
return false;
}
}
else
{
//No authorization header was provided, so challenge the client to provide before proceeding:
WebOperationContext.Current.OutgoingResponse.Headers.Add("WWW-Authenticate: Basic realm=\"MyWCFService\"");
//Throw an exception with the associated HTTP status code equivalent to HTTP status 401
throw new WebFaultException(HttpStatusCode.Unauthorized);
}
}
public override bool CheckAccess(OperationContext operationContext)
{
return false;
}
}
}
But the CheckAccessCore is never reached and i'm unable to connect to my Service. What did I do wrong ?
serviceAuthorization is about granting access to particular resources based on user credentials. You want authentication.
You can use serviceCredentials/userNameAuthentication tags in the configuration.
Example of configuration is given here: https://learn.microsoft.com/en-us/dotnet/framework/wcf/samples/membership-and-role-provider
I have a self-hosted WCF RESTful API that exposes some functionality that I don't want exposed to unauthorized users. All administrators must be signed in using a custom ASP.NET membership provider to call the REST API. Currently I just send a API key which is unsecure as it can be seen by all. All calls to the REST API is done via jQuery. I'm not using TLS/SSL or other transport security mechanisms. All REST API calls are done against the same server/domain, so there are no cross-domain calls or JSONP stuff going on.
My question is, what is the best practice in my case for securing my REST API? Perhaps I should use OAuth for this - the more I read about OAuth the more it seems it is not for my scenario with jQuery.
IVeraCMS.cs:
[ServiceContract]
public interface IVeraCMS {
[OperationContract]
[WebInvoke(Method = "GET",
BodyStyle = WebMessageBodyStyle.WrappedRequest,
RequestFormat = WebMessageFormat.Json,
ResponseFormat = WebMessageFormat.Json)]
string PerformanceCounter(string API_Key);
}
VeraCMS.cs:
[ServiceBehavior(ConcurrencyMode = ConcurrencyMode.Multiple, InstanceContextMode = InstanceContextMode.PerCall,
IncludeExceptionDetailInFaults = false, MaxItemsInObjectGraph = 1000)]
public class VeraCMS : IVeraCMS
{
public string PerformanceCounter(string API_Key)
{
if (ConfigurationManager.AppSettings["API_key"] != API_Key)
throw new SecurityException("Access denied");
var procPercentage = new PerformanceCounter("Processor", "% Processor Time", "_Total");
procPercentage.NextValue();
var memPercentage = new PerformanceCounter("Memory", "Available MBytes");
memPercentage.NextValue();
const int samplingIntervalMs = 100;
Thread.Sleep(samplingIntervalMs);
var json = "{" + String.Format("\"ProcTime\":\"{0}%\",\"AvailMemory\":\"{1}MB\"" ,
procPercentage.NextValue().ToString(), memPercentage.NextValue().ToString()
) + "}";
return json;
}
}
}
Web.config:
<system.serviceModel>
<bindings>
<webHttpBinding>
<binding name="VeraWAF.WebPages.Interfaces.VeraCMS.Endpoint.Binding" maxReceivedMessageSize="4096" crossDomainScriptAccessEnabled="true" />
</webHttpBinding>
</bindings>
<services>
<service behaviorConfiguration="VeraWAF.WebPages.Interfaces.VeraCMS.Service.Behavior"
name="VeraWAF.WebPages.Interfaces.VeraCMS">
<endpoint address="" behaviorConfiguration="VeraWAF.WebPages.Interfaces.VeraCMS.Endpoint.Behavior"
binding="webHttpBinding" bindingConfiguration="VeraWAF.WebPages.Interfaces.VeraCMS.Endpoint.Binding"
contract="VeraWAF.WebPages.Interfaces.IVeraCMS" />
</service>
</services>
<behaviors>
<endpointBehaviors>
<behavior name="VeraWAF.WebPages.Interfaces.VeraCMS.Endpoint.Behavior">
<webHttp defaultOutgoingResponseFormat="Json" />
</behavior>
</endpointBehaviors>
<serviceBehaviors>
<behavior name="VeraWAF.WebPages.Interfaces.VeraCMS.Service.Behavior">
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
</serviceBehaviors>
</behaviors>
You can do basic HTTP authentication like this:
WebServiceHost secureHost
secureHost.Credentials.UserNameAuthentication.UserNamePasswordValidationMode = UserNamePasswordValidationMode.Custom;
secureHost.Credentials.UserNameAuthentication.CustomUserNamePasswordValidator = new ClientValidator(username, password);
// Need to reference System.IdentityModel
public class ClientValidator : UserNamePasswordValidator
{
private readonly string _password;
private readonly string _username;
public ClientValidator(string username, string password)
{
_password = password;
_username = username;
}
public override void Validate(string userName, string password)
{
if (userName != _username || (password != _password))
{
WebFaultException rejectEx = new WebFaultException(HttpStatusCode.Unauthorized);
rejectEx.Data.Add("HttpStatusCode", rejectEx.StatusCode);
throw rejectEx;
}
}
}
Just keep in mind that your username and password can be easily sniffed if you are not using SSL. You can change the Validate method to fetch username and password from DB or some other service.
I was trying an example partially from Chapter 5 - RESTful .Net, but couldn't make it work for some reason (receiving 404-Not found).
using System;
using System.ServiceModel;
using System.ServiceModel.Description;
using System.ServiceModel.Web;
[ServiceContract]
public class RestService
{
[OperationContract]
[WebGet(UriTemplate = "Hosting")]
public void Hosting()
{
Console.WriteLine("RestService::Hosting()");
WebOperationContext.Current.OutgoingResponse.StatusCode = System.Net.HttpStatusCode.OK;
}
static void Main(string[] args)
{
var host = new ServiceHost(typeof(RestService));
var endpoint = host.AddServiceEndpoint(typeof(RestService), new WebHttpBinding(), "http://localhost:8080/Hosting");
endpoint.Behaviors.Add(new WebHttpBehavior());
host.Open();
Console.ReadKey();
}
}
It works (returns status-code OK) if I use WebServiceHost as follows
static void Main(string[] args)
{
var host = new WebServiceHost(typeof(RestService), new Uri("http://localhost:8080"));
host.Open();
Console.ReadKey();
}
So the question is how to make it work with ServiceHost (without any configuration file etc. if possible) ?
WebServiceHost creates an EndPoint for you, nothing wrong if you continue using it. Refer this link for more details...
But you can also add below configuration to your service configuration to use ServiceHost, I have given an example, you can change it to reflect your service classes.
<system.serviceModel>
<services>
<service name="YourService.DateTimeService" behaviorConfiguration="customBehavior">
<endpoint address="Basic" binding="basicHttpBinding" contract="DifferentBindings.IDateTime">
<identity>
<dns value="localhost" />
</identity>
</endpoint>
<endpoint address="Web" binding="webHttpBinding" contract="DifferentBindings.IDateTime" behaviorConfiguration="webHttpBehavior">
<identity>
<dns value="localhost"/>
</identity>
</endpoint>
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
<host>
<baseAddresses>
<add baseAddress="http://localhost:8731/DifferentBindings/DateTimeService/" />
</baseAddresses>
</host>
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior>
<!-- To avoid disclosing metadata information,
set the value below to false before deployment -->
<serviceMetadata httpGetEnabled="True"/>
<!-- To receive exception details in faults for debugging purposes,
set the value below to true. Set to false before deployment
to avoid disclosing exception information -->
<serviceDebug includeExceptionDetailInFaults="False" />
</behavior>
</serviceBehaviors>
<endpointBehaviors>
<behavior name="webHttpBehavior">
<webHttp/>
</behavior>
</endpointBehaviors>
</behaviors>
</system.serviceModel>
So I was curious how complex this will be with WCF. Tried it out. It's streight forward.
I used this tutorial to create a simple service that has a doWork method that expects a string and returns a greeting.
Greeting:
[DataContract]
public class Greeting
{
[DataMember]
public string Str { get; set; }
}
Svc Contract:
[OperationContract]
[WebInvoke(Method = "ResponseFormat = WebMessageFormat.BodyStyle = WebMessageBodyStyle.Bare, UriTemplate = "sayHello/{name}/")]
Greeting DoWork(string name);
Svc Impl:
public class GreetingService : IGreetingService
{
public Greeting DoWork(string name)
{
return new Greeting {Str = string.Format("Hello {0}", name)};
}
}
Then you can first test it by:
Right click on the svc file in visual studio > view in browser
add 'sayHello/test' to the url
see the greeting in the browser
A consumer for this can be implemented in AngularJS using either the $http oder the $resource service
<!DOCTYPE html>
<html ng-app="restTest">
<head>
<title></title>
<script src="https://ajax.googleapis.com/ajax/libs/angularjs/1.2.27/angular.min.js"></script>
<script src="https://ajax.googleapis.com/ajax/libs/angularjs/1.2.27/angular-resource.min.js"></script>
<script language="javascript">
// set up the app
var app = angular.module('restTest', ['ngResource']);
// create a controller
app.controller('RestTestCtrl', function ($scope, $http, $resource) {
// initial greeting
$scope.greeting = "Not greeted yet";
// say hello, consuming the svc using $http
$scope.sayHelloHttp = function () {
var url = "http://localhost:7507/GreetingService.svc/sayHello/" + $scope.inName + "/";
$http.get(url).
success(function(data) {
$scope.greeting = data.Str;
});
}
// say hello, consuming the svc using $resource
$scope.sayHelloRest = function () {
var GreetingSvc = $resource("http://localhost:7507/GreetingService.svc/sayHello/:name");
GreetingSvc.get({ name: $scope.inName }, function(data) {
$scope.greeting = data.Str;
});
}
});
</script>
</head>
<body ng-controller="RestTestCtrl">
<!-- bind the value of this input to the scope -->
<input type="text" ng-model="inName"/>
<button ng-click="sayHelloHttp()">$http</button>
<button ng-click="sayHelloRest()">$resource</button>
<!-- bind the greeting property -->
<div>{{greeting}}</div>
</body>
</html>
I guess everything above can be expressed more advance but it should give you a basic and working example to get started.
I'm trying to send data to WCF service from an Android Application but somehow the service doesn't seems to be call through the android. I received a STATUSCODE value = 500 through adnroid in LOGCAT (which means the Internal Server Error) I go through the source code 100 times but didn't figure out the Bug. and almost checked all the posts related to my problem but still didn't get any solution.
HERE IS THS CODE
Android Code:
private class sendPostData extends AsyncTask<String, Void, String>
{
#Override
protected String doInBackground(String... params) {
// TODO Auto-generated method stub
HttpPost request = new HttpPost( LOGIN_SERVICE_URL + "/MyCar");
request.setHeader("Accept", "application/json");
request.setHeader("Content-type", "application/json");
JSONStringer getCarInfo;
try {
getCarInfo = new JSONStringer()
.object()
.key("myCar")
.object()
.key("Name").value(edt_carName.getText().toString())
.key("Make").value(edt_carMake.getText().toString())
.key("Model").value(edt_carModel.getText().toString())
.endObject()
.endObject();
StringEntity entity = new StringEntity(getCarInfo.toString());
request.setEntity(entity);
// Send request to WCF service
DefaultHttpClient httpClient = new DefaultHttpClient();
HttpResponse response = httpClient.execute(request);
Log.d("WebInvoke", "Saving : " + response.getStatusLine().getStatusCode());
}
catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
return null;
}
#Override
protected void onPostExecute(String result) {
txt_verif.setText("Success");
}
}
everything is working fine in android code except calling the WCF service. I Debug the code several times and received statuscode = 500
HERE is the WCF Service
Service.cs
public class Service1 : IService1
{
public void UpdateMyCar(myCar myCar) {
string strConnectionString = ConfigurationManager.ConnectionStrings["Database1"].ConnectionString;
SqlConnection conn = new SqlConnection(strConnectionString);
conn.Open();
using (SqlCommand cmd = new SqlCommand("Insert into TestingTable (Name,Make,Model) Values (#Name,#Make,#Model)", conn)) {
cmd.Parameters.AddWithValue("#Name", myCar.Name);
cmd.Parameters.AddWithValue("#Make", myCar.Make);
cmd.Parameters.AddWithValue("#Model", myCar.Model);
int queryResult = cmd.ExecuteNonQuery();
} conn.Close();
}
LogCat
WebInvoke Saving : 500
IService1.svc
[ServiceContract]
public interface IService1
{
[OperationContract]
[WebInvoke(
Method = "POST",
UriTemplate = "MyCar",
BodyStyle = WebMessageBodyStyle.WrappedRequest,
ResponseFormat = WebMessageFormat.Json,
RequestFormat = WebMessageFormat.Json)]
void UpdateMyCar(myCar myCar);
}
[DataContract]
public class myCar
{
[DataMember(Name="Name")]
public string Name
{
get;
set;
}
[DataMember(Name="Model")]
public string Model
{
get;
set;
}
[DataMember(Name="Make")]
public string Make
{
get;
set;
}
Web.Config
<?xml version="1.0"?>
<configuration>
<appSettings/>
<connectionStrings/>
<system.web>
<compilation debug="true" targetFramework="4.0">
</compilation>
<authentication mode="Windows"/>
<pages controlRenderingCompatibilityVersion="3.5" clientIDMode="AutoID"/></system.web>
<system.serviceModel>
<services>
<service name="CarSercive.Service1" behaviorConfiguration="CarSercive.Service1Behavior">
<!-- Service Endpoints -->
<endpoint address="" binding="webHttpBinding" contract="CarSercive.IService1">
<identity>
<dns value="localhost"/>
</identity>
</endpoint>
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"/>
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="CarSercive.Service1Behavior">
<serviceMetadata httpGetEnabled="true"/>
<serviceDebug includeExceptionDetailInFaults="false"/>
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>
this service is also publish on IIS. and I also checked that service with google chrome extension SIMPLE REST CLIENT and received an internal server error
The problem is your host name doesn't match what you are using from the phone.
You can turn off address filter to fix this temporarily:
[ServiceBehavior(AddressFilterMode=AddressFilterMode.Any)]
public class Service1 : IService1
{
....
}
But you should fix the hostname when you release to production
Create a domain in your machine with proper port number and make sure you are able to call the service using the Google's Rest client.If it works,then you won't find any issue if you call the same using your android phone.
Following article will help to setup virtual directory with proper port number.[http://www.hosting.com/support/iis7/create-new-sites-in-iis-7/]
Note you can't call localhost directly from your mobile.atleast try to call the service with ipaddress.[http://localhost/service/mycar] =>[http://DemoService/service/mycar]
The following code will help you to debug your code a little bit deep.
catch (Exception ex)
{
WebException webexception = (WebException)ex;
var responseresult = webexception.Response as HttpWebResponse;
//Code to debug Http Response
var responseStream = webexception.Response.GetResponseStream();
string fault_message = string.Empty;
int lastNum = 0;
do
{
lastNum = responseStream.ReadByte();
fault_message += (char)lastNum;
} while (lastNum != -1);
responseStream.Close();
}
Never mind, I have made several changes in web.config file and got the solution. <endpointBehaviors> tag was missing in my case and several other things. here is the updated code of web.config file.
[UPDATED web.config file]
<?xml version="1.0"?>
<configuration>
<appSettings/>
<connectionStrings>
<add name="DB" connectionString="Data Source=.\SQLEXPRESS;AttachDbFilename=C:\Users\Munyb\Documents\Visual Studio 2010\Projects\CarSercive\CarSercive\App_Data\Database1.mdf;Integrated Security=True;User Instance=True" providerName="System.Data.SqlClient"/>
</connectionStrings>
<system.web>
<compilation debug="true" targetFramework="4.0">
</compilation>
<authentication mode="Windows"/>
<pages controlRenderingCompatibilityVersion="3.5" clientIDMode="AutoID"/></system.web>
<system.serviceModel>
<services>
<service name="CarSercive.Service1" behaviorConfiguration="RESTfulServ">
<!-- Service Endpoints -->
<endpoint address="" binding="webHttpBinding" contract="CarSercive.IService1" behaviorConfiguration="web"></endpoint>
</service>
</services>
<behaviors>
<endpointBehaviors>
<behavior name="web">
<webHttp/>
</behavior>
</endpointBehaviors>
<serviceBehaviors>
<behavior name="RESTfulServ">
<serviceMetadata httpGetEnabled="true"/>
<serviceDebug includeExceptionDetailInFaults="false"/>
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true">
</serviceHostingEnvironment>
</system.serviceModel>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true">
</modules>
</system.webServer>
</configuration>