I received an updated WSDL for a service I'm consuming which has below Policy added
<wsp:Policy wssutil:Id="UsernameToken">
<ns0:SupportingTokens xmlns:ns0="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512">
<wsp:Policy>
<ns0:UsernameToken ns0:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512/IncludeToken/AlwaysToRecipient">
<wsp:Policy>
<ns0:WssUsernameToken10 />
</wsp:Policy>
</ns0:UsernameToken>
</wsp:Policy>
</ns0:SupportingTokens>
</wsp:Policy>
I have updated my reference by right clicking the Service Reference --> Configure Service option inside Visual Studio. This generated a customBinding replacing my previous basicHttpBinding
<customBinding>
<binding name="myBindingName">
<!-- WsdlImporter encountered unrecognized policy assertions in ServiceDescription 'http://ouaf.oracle.com/webservices/cm/CM-CustConnAcctDetailExtract': -->
<!-- <wsdl:binding name='CM-CustConnAcctDetailExtractSoapBinding'> -->
<!-- <ns0:SupportingTokens xmlns:ns0="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512">..</ns0:SupportingTokens> -->
<textMessageEncoding messageVersion="Soap11" />
<httpTransport />
</binding>
</customBinding>
Do I need to use this customBinding only? Or is there any option in basicBinding that makes it work?
If I use my basicBinding with TransportWithMessageCredential, I get below error:
The provided URI is Invalid; HTTPS is expected
I ran this using SoapUI. In addition to UserName and Passwrod, I had to supply WSS-PasswordType as PasswordText. Without supplying this parameter, I get an error in SoapUI
Error on verifying message against security policy Error code:1000
I'm not sure how to supply WSS-PasswordType in my basicHttpBinding.
My basicHttpBinding is as below
protected BasicHttpBinding GetBinding()
{
return new BasicHttpBinding()
{
Name = "BasicHttpBinding",
ReceiveTimeout = new TimeSpan(0, 0, 2, 0),
SendTimeout = new TimeSpan(0, 0, 2, 0),
Security =
{
Mode = BasicHttpSecurityMode.TransportCredentialOnly,
Transport =
{
ClientCredentialType = HttpClientCredentialType.Basic,
ProxyCredentialType = HttpProxyCredentialType.None,
Realm = ""
},
Message =
{
ClientCredentialType = BasicHttpMessageCredentialType.UserName,
AlgorithmSuite = SecurityAlgorithmSuite.Default
}
},
MaxBufferSize = Int32.MaxValue,
MaxReceivedMessageSize = Int32.MaxValue,
ReaderQuotas = new XmlDictionaryReaderQuotas()
{
MaxBytesPerRead = 8192
}
};
}
I'm able to work this through by changing my binding to Custom Binding
protected CustomBinding GetCustomBinding()
{
var customBinding = new CustomBinding() { Name = "CustomBinding" };
customBinding.Elements.Add(new TextMessageEncodingBindingElement() { MessageVersion = MessageVersion.Soap11 });
var securityBindingElement = SecurityBindingElement.CreateUserNameOverTransportBindingElement();
securityBindingElement.AllowInsecureTransport = true;
securityBindingElement.EnableUnsecuredResponse = true;
securityBindingElement.IncludeTimestamp = false;
customBinding.Elements.Add(securityBindingElement);
customBinding.Elements.Add(new HttpTransportBindingElement());
return customBinding;
}
Related
I am calling a WCF web service programmatically by generating class files through SvcUtil.exe.
All working fine but when I try to send an image (literally a file with size more than 200KB), I get this error.
I know I need to increase maxReceivedMessageSize and maxBufferPoolSize to the maximum to send large files to the WCF service. Hence, the XML version of doing this will be like below:
<binding name="SampleBinding" allowCookies="true" messageEncoding="Mtom" maxReceivedMessageSize="20000000" maxBufferSize="20000000" maxBufferPoolSize="20000000">
<readerQuotas maxDepth="32" maxArrayLength="200000000" maxStringContentLength="200000000"/>
<security mode="None">
<transport proxyCredentialType="Basic"/>
</security>
</binding>
In this app, since I am using class files generated by SvcUtil, I need to call my WCF service method programmatically.
So I did,
var binding = new BasicHttpBinding();
binding.MaxReceivedMessageSize = binding.MaxBufferPoolSize = long.MaxValue;
binding.AllowCookies = true;
binding.ReaderQuotas = new System.Xml.XmlDictionaryReaderQuotas();
binding.ReaderQuotas.MaxArrayLength = binding.ReaderQuotas.MaxBytesPerRead = int.MaxValue;
binding.ReaderQuotas.MaxStringContentLength = binding.ReaderQuotas.MaxNameTableCharCount = int.MaxValue;
binding.ReaderQuotas.MaxDepth = int.MaxValue;
webAPI = new WebAPIClient(binding, new EndpointAddress(soapUrl));
The XML version works really well but the C# version failed with below stack trace:
There was an error on processing web request: Status code
413(RequestEntityTooLarge): Request Entity Too Large
EDIT
I have been approached to use custom binding. Below is my custom binding code:
CustomBinding binding = new CustomBinding()
{
Name = "SampleBinding",
ReceiveTimeout = new TimeSpan(0, 0, 10, 0, 0),
SendTimeout = new TimeSpan(0, 0, 10, 0, 0),
};
var element1 = new TextMessageEncodingBindingElement()
{
ReaderQuotas = new System.Xml.XmlDictionaryReaderQuotas()
{
MaxDepth = 2147483647,
MaxStringContentLength = 2147483647,
MaxArrayLength = 2147483647,
MaxBytesPerRead = 2147483647,
MaxNameTableCharCount = 2147483647
}
};
var element2 = new HttpTransportBindingElement()
{
ManualAddressing = false,
MaxReceivedMessageSize = 2147483647,
AllowCookies = false,
AuthenticationScheme = System.Net.AuthenticationSchemes.None,
BypassProxyOnLocal = false,
MaxBufferSize = 2147483647,
ProxyAuthenticationScheme = System.Net.AuthenticationSchemes.None,
TransferMode = TransferMode.Buffered,
UseDefaultWebProxy = true
};
var element3 = new TextMessageEncodingBindingElement(MessageVersion.Soap12WSAddressing10, System.Text.Encoding.UTF8);
binding.Elements.Add(element1);
binding.Elements.Add(element2);
binding.Elements.Add(element3);
webAPI = new WebAPIClient(binding, new EndpointAddress(soapUrl));
There was an error on processing web request: Status code
415(UnsupportedMediaType): Cannot process the message because the
content type 'application/soap+xml; charset=utf-8' was not the
expected type 'text/xml; charset=utf-8'.
I don't know what's wrong. May you help me?
I just found an answer and posting the same here for future users who might have the same issue as me:
My client call
webAPI = new WebAPIClient(new BasicHttpBinding(), new EndpointAddress(_urlString);
Server Configuration for the WCF Service
<endpoint address="url/WebAPI.svc" binding="basicHttpBinding" contract="MyContract.IWebAPI" />
<bindings>
<basicHttpBinding>
<binding maxBufferPoolSize="2147483647" maxBufferSize="2147483647" maxReceivedMessageSize="2147483647" messageEncoding="Text">
<readerQuotas maxDepth="2000000" maxStringContentLength="2147483647" maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647" />
</binding>
</basicHttpBinding>
</bindings>
As you can see I did not mention any name for the binding configuration here and it just worked like a charm.
Answer inspired from this SO answer
I try rewrite WCF custom binding from app.config to code.
App.config
<customBinding>
<binding name="cb">
<security defaultAlgorithmSuite="Default"
authenticationMode="IssuedTokenOverTransport"
requireDerivedKeys="true"
includeTimestamp="true"
messageSecurityVersion="WSSecurity11WSTrust13WSSecureConversation13WSSecurityPolicy12BasicSecurityProfile10">
<issuedTokenParameters keyType="BearerKey"
tokenType="http://docs.oasis-open.org/ws/oasis-wss-saml-token-profile-1.1#SAMLV2.0">
<additionalRequestParameters>
<trust:SecondaryParameters xmlns:trust="http://docs.oasis-open.org/ws-sx/ws-trust/200512">
<trust:TokenType xmlns:trust="http://docs.oasis-open.org/ws-sx/ws-trust/200512">http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0</trust:TokenType>
<trust:KeyType xmlns:trust="http://docs.oasis-open.org/ws-sx/ws-trust/200512">http://docs.oasis-open.org/ws-sx/ws-trust/200512/Bearer</trust:KeyType>
</trust:SecondaryParameters>
</additionalRequestParameters>
<issuer address="xxx" />
</issuedTokenParameters>
<localClientSettings detectReplays="false" />
<localServiceSettings detectReplays="false" />
</security>
<textMessageEncoding messageVersion="Soap12" />
<httpsTransport />
</binding>
</customBinding>
Code:
var binding = new CustomBinding();
var issuedTokenParameters = new IssuedSecurityTokenParameters();
issuedTokenParameters.KeyType = SecurityKeyType.BearerKey;
issuedTokenParameters.TokenType = "http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0";
XNamespace trust = "http://docs.oasis-open.org/ws-sx/ws-trust/200512";
var secondaryParameters = new XElement(trust + "SecondaryParameters",
new XElement(trust + "TokenType") { Value = "http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0" },
new XElement(trust + "KeyType") { Value = "http://docs.oasis-open.org/ws-sx/ws-trust/200512/Bearer" });
issuedTokenParameters.AdditionalRequestParameters.Add(secondaryParameters.ToXmlElement());
issuedTokenParameters.IssuerAddress = new EndpointAddress("XXX");
var securityElement = SecurityBindingElement.CreateIssuedTokenOverTransportBindingElement(issuedTokenParameters);
securityElement.DefaultAlgorithmSuite = SecurityAlgorithmSuite.Default;
securityElement.IncludeTimestamp = true;
securityElement.MessageSecurityVersion = MessageSecurityVersion.WSSecurity11WSTrust13WSSecureConversation13WSSecurityPolicy12BasicSecurityProfile10;
securityElement.LocalClientSettings.DetectReplays = false;
securityElement.LocalServiceSettings.DetectReplays = false;
binding.Elements.Add(securityElement);
binding.Elements.Add(new TextMessageEncodingBindingElement());
binding.Elements.Add(new HttpsTransportBindingElement());
return binding;
Code binding is not good because when I call service I get error:
System.ServiceModel.FaultException: The message with Action '' cannot be processed at the receiver, due to a ContractFilter m
ismatch at the EndpointDispatcher. This may be because of either a contract mismatch (mismatched Actions between sender and r
eceiver) or a binding/security mismatch between the sender and the receiver. Check that sender and receiver have the same co
ntract and the same binding (including security requirements, e.g. Message, Transport, None).
Any advice? I can not find what is wrong or missing in code binding.
I have a WCF service that uses username authentication, I have a console app that consumes the service and attempts to access a protected method. I run the code and Fiddler says in the auth tab:
No Proxy-Authorization Header is present.
No Authorization Header is present.
Here is my accessing code:
BasicHttpBinding binding = new BasicHttpBinding();
binding.Security.Message.ClientCredentialType = BasicHttpMessageCredentialType.UserName;
binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Basic;
binding.Security.Transport.ProxyCredentialType = HttpProxyCredentialType.Basic;
binding.Security.Mode = BasicHttpSecurityMode.Transport;
binding.Security.Message.AlgorithmSuite = System.ServiceModel.Security.SecurityAlgorithmSuite.Default;
binding.Security.Transport.Realm = "MyRealm";
ServiceReference1.MobileAPIClient serviceProxy = new ServiceReference1.MobileAPIClient(binding, new EndpointAddress("https://xx.xx.xx.xx/InventoryServices.MobileApi.svc"));
serviceProxy.ClientCredentials.UserName.UserName = "test";
serviceProxy.ClientCredentials.UserName.Password = "test123";
serviceProxy.ChannelFactory.Credentials.UserName.UserName = "test";
serviceProxy.ChannelFactory.Credentials.UserName.Password = "test123";
try
{
serviceProxy.Test();
}
catch (Exception ex)
{
var ex2 = ex;
}
Why are the credentials not being attached to the header?
There is handshaking mode in wcf. So client and service exchange with credentials before first request and then they use only session token.
To disable this mode you should set in web.config
<security mode="TransportWithMessageCredential">
<message clientCredentialType="UserName" negotiateServiceCredential="false" establishSecurityContext="false"/>
</security>
I am using the WCF Web Api 4.0 framework and am running into the maxReceivedMessageSize has exceeded 65,000 error.
I've updated my webconfig to look like this but because I am uisng the WCF Web Api I think this isn't even used anymore as I am no longer using a webHttpEndpoint?
<standardEndpoints>
<webHttpEndpoint>
<!--
Configure the WCF REST service base address via the global.asax.cs file and the default endpoint
via the attributes on the <standardEndpoint> element below
-->
<standardEndpoint name=""
helpEnabled="true"
automaticFormatSelectionEnabled="true"
maxReceivedMessageSize="4194304" />
</webHttpEndpoint>
Where do I specify MaxReceivedMessageSize in the new WCF Web Api?
I've also tried a CustomHttpOperationHandlerFactory to no avail:
public class CustomHttpOperationHandlerFactory: HttpOperationHandlerFactory
{
protected override System.Collections.ObjectModel.Collection<HttpOperationHandler> OnCreateRequestHandlers(System.ServiceModel.Description.ServiceEndpoint endpoint, HttpOperationDescription operation)
{
var binding = (HttpBinding)endpoint.Binding;
binding.MaxReceivedMessageSize = Int32.MaxValue;
return base.OnCreateRequestHandlers(endpoint, operation);
}
}
the maxReceivedMessageSize is a property you have to define on the binding you´re using. WCF in .Net 4 introduced the simplified configuration, so if you don´t configure anything, default values will be used.
The example below is valid for the wshttpBinding, you have the ammend it according to your used binding and register it in your web.config (assuming you´re using an IIS hosted service) in the servicemodel-binding section.
<wsHttpBinding>
<binding name="CalculatorBinding" maxBufferPoolSize="2000000" maxReceivedMessageSize="2000000000" >
<security mode="Transport" >
<transport clientCredentialType="Windows" />
</security>
<readerQuotas maxDepth="2000000" maxStringContentLength="2000000"
maxArrayLength="2000000"
maxBytesPerRead="2000000"
maxNameTableCharCount="2000000" />
</binding>
</wsHttpBinding>
HTH
Dominik
If you're trying to do this programatically (via using MapServiceRoute with HttpHostConfiguration.Create) the way you do it is like this:
IHttpHostConfigurationBuilder httpHostConfiguration = HttpHostConfiguration.Create(); //And add on whatever configuration details you would normally have
RouteTable.Routes.MapServiceRoute<MyService, NoMessageSizeLimitHostConfig>(serviceUri, httpHostConfiguration);
The NoMessageSizeLimitHostConfig is an extension of HttpConfigurableServiceHostFactory that looks something like:
public class NoMessageSizeLimitHostConfig : HttpConfigurableServiceHostFactory
{
protected override ServiceHost CreateServiceHost(Type serviceType, Uri[] baseAddresses)
{
var host = base.CreateServiceHost(serviceType, baseAddresses);
foreach (var endpoint in host.Description.Endpoints)
{
var binding = endpoint.Binding as HttpBinding;
if (binding != null)
{
binding.MaxReceivedMessageSize = Int32.MaxValue;
binding.MaxBufferPoolSize = Int32.MaxValue;
binding.MaxBufferSize = Int32.MaxValue;
binding.TransferMode = TransferMode.Streamed;
}
}
return host;
}
}
If you are hosting in IIS, you can set the values where ever you define the route (in my case, the global.asax). If you have TransferMode set to buffered (the default), you will also need to set MaxBufferSize to the same value as MaxReceivedMessageSize.
protected void Application_Start()
{
var config = new HttpConfiguration();
config.MaxReceivedMessageSize = int.MaxValue;
config.MaxBufferSize = int.MaxValue;
RouteTable.Routes.MapServiceRoute<MyService>("api", config);
}
This is how you can do it in code
var endpoint = ((HttpEndpoint)host.Description.Endpoints[0]); //Assuming one endpoint
endpoint.TransferMode = TransferMode.Streamed;
endpoint.MaxReceivedMessageSize = 1024 * 1024 * 10; // Allow files up to 10MB
If you create a your own custom host, derived from the standard one, there is a method that you can overload to configure the HttpEndpoint.
I have a Binding that is configured as such in my .clientconfig file.
<customBinding>
<binding name="CustomBinding_MyService">
<binaryMessageEncoding />
<httpTransport maxReceivedMessageSize="2147483647" maxBufferSize="2147483647" />
</binding>
</customBinding>
I need to build this same binding programmatically (its a long story, I just do). My question is, how do I do this in C#? Currently, I have
CustomBinding binding = new CustomBinding();
However, I'm not sure where to go from there. Thanks!
It'll look something like this:
var customBinding = new CustomBinding(
new BinaryMessageEncodingBindingElement(),
new HttpTransportBindingElement()
{
MaxReceivedMessageSize = 2147483647,
MaxBufferSize = 2147483647
}
);
var endpoint = new EndpointAddress("http://www.myservice.com/myservice.svc");
var myServiceClient = new MyServiceClient(customBinding, endpoint);
myServiceClient.SayHelloAsync(); // Or whatever
hopefully this helps: Runtime data binding