I have looked at several posts on SO which are showing how to add multiple endpoints for same service, but non of them is actually using HTTPS, which is why I am asking this question.
What I have
I have a web service,
https://portal.gov.com/us/216/_vti_bin/external/gov.svc
What I want
I want to call this web services using two different configurations, and bindings with different ENDPOINTS but SAME URL ?. (Sorry maybe I am confused with concept of EndPoints)
Here is what my web.config looks like,
<?xml version="1.0" encoding="utf-8" standalone="yes" ?>
<configuration>
<system.serviceModel>
<behaviors>
<serviceBehaviors>
<behavior name="Gov_ServiceBehavior">
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
</behavior>
</serviceBehaviors>
<endpointBehaviors>
<behavior name="restBehavior">
<webHttp defaultBodyStyle="Wrapped" defaultOutgoingResponseFormat="Json" automaticFormatSelectionEnabled="true" />
</behavior>
</endpointBehaviors>
</behaviors>
<bindings>
<webHttpBinding>
<binding name="Gov_webHttpBinding">
<security mode="Transport">
<transport clientCredentialType="InheritedFromHost" />
</security>
</binding>
</webHttpBinding>
<!--<basicHttpBinding>
<binding name="Gov_BasicHttpBinding">
<security mode="Transport">
<transport clientCredentialType="InheritedFromHost" />
</security>
</binding>
</basicHttpBinding>-->
</bindings>
<services>
<service name="Portal.WebServices.External.Gov" behaviorConfiguration="Gov_ServiceBehavior">
<endpoint address="" binding="webHttpBinding" behaviorConfiguration="restBehavior" contract="Portal.WebServices.External.IGov" bindingConfiguration="Gov_webHttpBinding"/>
<endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange"/>
<!--<endpoint address="basic" binding="basicHttpBinding" contract="Portal.WebServices.External.IGov" bindingConfiguration="Gov_BasicHttpBinding"/>-->
</service>
</services>
</system.serviceModel>
</configuration>
WHERE IS THE PAIN
IT only works until I keep basicHttpBinding commented out and it's endpoint, as soon as I include it, I get silent error.
According to this - https://msdn.microsoft.com/en-us/library/ms751515(v=vs.110).aspx
It should work, but it doesn't maybe because I am using HTTPS and adding BINDINGS tag to my web.Config
What you are trying to achieve is impossible. You can't apply two different bindings with exactly the same Endpoint. If you try to read again your reference here it is clear that the sample has two different endpoints :
First address is http://localhost/servicemodelsamples/service.svc and the second
is http://localhost/servicemodelsamples/service.svc/secure. These two endpoints are different to each other but share with same contract.
The second endpoint is just relative to the base address http://localhost/servicemodelsamples/service.svc.
I hope this make your mind clear about binding and endpoint.
Related
I am trying to add a reference to a WCF service from my C# Desktop app.
I can add the service reference OK but as soon as I try to open the form within this desktop app I get this error:
NB. I have a UserControl that instantiates a reference to my WCF service and the control in in my GUI Form Class.
Could not find default endpoint element that references contract '' in
the ServiceModel client configuration section. This might be because
no configuration file was found for your application, or because no
endpoint element matching this contract could be found in the client
element.
This is in my app.config file:
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="BasicHttpBinding_IMotionUpdater" messageEncoding="Mtom" />
</basicHttpBinding>
</bindings>
<client>
<endpoint address="http://a url/MotionUpdater.svc/MotionUpdater.svc"
binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_IMotionUpdater"
contract="wsCloudFeeder.IMotionUpdater" name="BasicHttpBinding_IMotionUpdater" />
</client>
</system.serviceModel>
</configuration>
And this is in my web.config file:
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="basicHttpBindingEndPoint" maxReceivedMessageSize="10485760" messageEncoding="Mtom" closeTimeout="00:00:10" openTimeout="00:00:10" >
<readerQuotas maxArrayLength="32768"/>
</binding>
</basicHttpBinding>
</bindings>
<services>
<service name="MotionUpdater" behaviorConfiguration="ThrottledBehavior">
<endpoint address="MotionUpdater.svc" binding="basicHttpBinding" bindingConfiguration="basicHttpBindingEndPoint" contract="IMotionUpdater"></endpoint>
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="ThrottledBehavior">
<serviceTimeouts transactionTimeout="1"/>
<serviceThrottling maxConcurrentCalls="64" maxConcurrentInstances="1" maxConcurrentSessions="50"
></serviceThrottling>/>
<serviceMetadata httpGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="false" />
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
</system.serviceModel>
If I invoke this reference from a browser window it displays all OK.
It is only where I have a variable in my form class I get the error:
UserControl.Class:
private static wsCloudFeeder.MotionUpdaterClient wsFeeder = new wsCloudFeeder.MotionUpdaterClient();
Server Class:
[ServiceContract]
public interface IMotionUpdater
{
[OperationContract]
void UploadMotion(byte[] jpegStream, string alias, Int16 camIndex);
}
The extra weird thing is that when I run my application it all works no problem.
Also, I have tried just doing this in my control Class but still cannot open up my GUI form..
private static wsCloudFeeder.MotionUpdaterClient wsFeeder = null;
Thanks...
New Error:
I've got a WebService with ASP.NET sites and WCF services in the same web.config. Until now, I was able to use the ASP.NET impersionation in the WCF services by setting
<system.web>
<compilation targetFramework="4.0" debug="false"/>
<!-- switch custom errors of-->
<identity impersonate="true"/>
<customErrors mode="Off"/>
</system.web>
However, now (for other reasons-> Cookieless Session state for the ASP.NET part) I have to set the
aspNetCompatibilityEnabled="true"
option to false. With this I loose the ASP.NET impersionation for the WCF services.
One of my WCF services needs impersionation for IO operations on the server...
I would like to know how to get the same impersionation I had before by directly defining it on the WCF service configuration.
What I have tried (unsucessfully) is to set
[OperationBehavior(Impersonation = ImpersonationOption.Required)]
on the implementation of the methods in the WCF service and then specifying
<endpoint address="" binding="wsHttpBinding" contract="IService">
<identity>
<servicePrincipalName value="HOST/YourMachineName" />
<dns value="" />
</identity>
</endpoint>
in the web.config (obviously with the correct values for my service), as described in http://msdn.microsoft.com/en-us/library/ff650591.aspx.
However, the WCF service can not be called anymore after this... It tells me that the WsHttpBinding does not offer an identity for the contract.
Am I missing something important?
Edit: Translation of the error message:
: The contract operation '{0}' requires Windows identity for automatic impersonation. A Windows identity that represents the caller is not provided by binding ('{1}','{2}') for contract ('{3}','{4}'.
(The original error message was german...)
Try adding someting similar to this
<system.serviceModel>
<behaviors>
<endpointBehaviors>
<behavior name="DelegationBehaviour">
<clientCredentials>
<windows allowNtlm="false" allowedImpersonationLevel="Delegation"></windows>
</clientCredentials>
<dataContractSerializer maxItemsInObjectGraph="4194304"></dataContractSerializer>
</behavior>
</endpointBehaviors>
</behaviors>
<bindings>
<basicHttpBinding>
<binding name="BasicHttpBinding_SampleWebService" >
<readerQuotas maxArrayLength="16384" maxBytesPerRead="4096" maxDepth="32" maxNameTableCharCount="16384" maxStringContentLength="8192"></readerQuotas>
<security mode="TransportCredentialOnly">
<message algorithmSuite="Default" clientCredentialType="UserName"></message>
<transport clientCredentialType="Windows" proxyCredentialType="None" realm=""></transport>
</security>
</binding>
</basicHttpBinding>
</bindings>
<client>
<endpoint address="http://server/WebServices/Service/Service.svc" behaviorConfiguration="DelegationBehaviour" binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_SampleWebService" contract="SampleWS" name="BasicHttpBinding_SampleEndpoint"></endpoint>
</client>
</system.serviceModel>
This is the server side code
<system.serviceModel>
<services>
<service behaviorConfiguration="CustomBehavior" name="CustomWebService">
<endpoint address="" behaviorConfiguration="" binding="basicHttpBinding" bindingConfiguration="basicHttpBinding_Service" contract="WebService"/>
</service>
</services>
<bindings>
<basicHttpBinding>
<binding name="basicHttpBinding_Service" maxReceivedMessageSize="4194304" receiveTimeout="00:30:00">
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Windows"/>
<message clientCredentialType="UserName"/>
</security>
</binding>
</basicHttpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior name="CustomBehavior">
<dataContractSerializer maxItemsInObjectGraph="4194304" ignoreExtensionDataObject="True"/>
<serviceMetadata httpGetEnabled="True"/>
<serviceDebug httpHelpPageEnabled="true" includeExceptionDetailInFaults="true"/>
<serviceAuthorization impersonateCallerForAllOperations="true"/>
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>
As well as having these over our WebMethods
<WebMethod(), OperationContract(), OperationBehavior(Impersonation:=ImpersonationOption.Required)> _
Works for us
Well, in the end I just made the binding use Windows authentication:
<security mode="TransportWithMessageCredential">
<message negotiateServiceCredential="false" clientCredentialType="Windows" algorithmSuite="Default"/>
<transport clientCredentialType="None" proxyCredentialType="None" realm="" />
</security>
and passed a specific Windows user/pwd combination in the client:
channelFactory.Credentials.Windows.ClientCredential = new NetworkCredential(#"", "", "");
channelFactory.Credentials.Windows.AllowedImpersonationLevel = System.Security.Principal.TokenImpersonationLevel.Impersonation;
Additionally I had to specifically use the newly impersonated user in the code of the web service:
using (var imp = ServiceSecurityContext.Current.WindowsIdentity.Impersonate())
{
// do IO here
}
Well, the actual (underlying) question still remains:
How is it possible to emulate the ASP.NET functionality correctly...
For the moment I'm ok with the solution, however I've got the feeling that I've missed an important point about the ASP.NET impersonation.
Thanks a lot to Iain, although it wasn't exactly the correct answer, it at least got me on the right track!
I am struggeling with a problem with WCF Service configuration.
I have following config:
<behaviors>
<serviceBehaviors>
<behavior name="SampleWebBehavior">
<serviceDebug includeExceptionDetailInFaults="true"/>
</behavior>
<behavior name="MyServiceTypeBehaviors">
<serviceMetadata httpGetEnabled="false" httpsGetEnabled="false" />
<serviceDebug includeExceptionDetailInFaults="true"/>
</behavior>
</serviceBehaviors>
</behaviors>
<protocolMapping>
<add binding="basicHttpsBinding" scheme="https"/>
</protocolMapping>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="false"/>
It works perfectly, I can try the methods with WcfTestClient.exe and get correct responses. But I need the binding to be webHttpBinding, so I can see the results in browser and create JSON requests and responses.
But when I change the binding to webHttpBinding, it throws an error:
The message with Action '' cannot be processed at the receiver, due to a ContractFilter mismatch at the EndpointDispatcher. This may be because of either a contract mismatch (mismatched Actions between sender and receiver) or a binding/security mismatch between the sender and the receiver. Check that sender and receiver have the same contract and the same binding (including security requirements, e.g. Message, Transport, None).
Thaks for any help.
To pull this off you need to do a few things in your config
1) add another endpoint to your service, you can see below I have both basicHttp and webHttp
<system.serviceModel>
<services>
<service name="<serivceclass>" behaviorConfiguration="DefaultBehavior">
<endpoint binding="basicHttpBinding" contract="<serviceinterface>" bindingConfiguration="soapBinding"/>
<endpoint address="json" binding="webHttpBinding" behaviorConfiguration="jsonBehavior" contract="<serviceinterface>" bindingConfiguration="jsonBinding"/>
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"/>
</service>
</system.serviceModel>
2) add your binding config (again you'll see both web and basichttp)
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="soapBinding" maxBufferPoolSize="9000000" maxBufferSize="9000000" maxReceivedMessageSize="9000000">
<readerQuotas maxArrayLength="9000000" maxBytesPerRead="9000000" maxDepth="9000000" maxNameTableCharCount="9000000" maxStringContentLength="9000000"/>
<security mode="None">
<transport clientCredentialType="None"/>
</security>
</binding>
</basicHttpBinding>
<webHttpBinding>
<binding name="jsonBinding">
<security mode="None">
<transport clientCredentialType="None"/>
</security>
</binding>
</webHttpBinding>
</bindings>
</system.serviceModel>
3) Setup your behaviors - notice the names and how they correlate tot the endpoints listed in step 1
<system.serviceModel>
<behaviors>
<endpointBehaviors>
<behavior name="jsonBehavior">
<webHttp defaultOutgoingResponseFormat="Json" />
</behavior>
</endpointBehaviors>
<serviceBehaviors>
<behavior name="DefaultBehavior">
<serviceMetadata httpGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
<dataContractSerializer maxItemsInObjectGraph="9000000" />
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>
While some of the stuff I enable and config are optional this allows you to access the service both ways, one way using web and json stuff and another using the tooling built into visual studio when you are not working in javascript,etc.
Note1: the endpoint when you are using the json part will be for example http://myhost.com/myservice.svc/json/MyMethodName, You can change this by modifying the "address" attribute on the appropriate endpoint line for your service (see how basic address is empty and the webHttp is 'json')
one possibility of the source of this error is: When you changed the configuration you made the change on the server or the client but not on both. The configuration on the server and client must match.
I have a Wcf Service project. system.serviceModel tag in my web.config is :
<system.serviceModel>
<bindings>
<netTcpBinding>
<binding name="RCISPNetTcpBinding" openTimeout="00:10:00" sendTimeout="00:10:00">
<security mode="Transport">
<transport clientCredentialType="Windows" protectionLevel="EncryptAndSign">
</transport>
<message clientCredentialType="Windows"/>
</security>
</binding>
</netTcpBinding>
</bindings>
<services>
<service behaviorConfiguration="RCISP.WcfServiceBehaviour" name="RCISP.WcfService.PersonWcfService">
<endpoint address="PersonServices" binding="netTcpBinding" bindingConfiguration="RCISPNetTcpBinding"
contract="RCISP.Common.ServiceContract.IPersonService" >
<identity>
<dns value="localhost" />
</identity>
</endpoint>
<host>
<baseAddresses>
<add baseAddress="net.tcp://localhost:40003/"/>
</baseAddresses>
</host>
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="RCISP.WcfServiceBehaviour">
<serviceMetadata httpGetEnabled="false" />
<serviceDebug includeExceptionDetailInFaults="false" />
<serviceAuthorization principalPermissionMode="UseWindowsGroups" />
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>
I have a runtime error when I want create self-hosting for service.
public class ServiceFactory : ServiceHostFactory
{
protected override ServiceHost CreateServiceHost(Type serviceType, Uri[] baseAddresses)
{
if (!IsInitialised) InitialiseService();
return base.CreateServiceHost(serviceType, baseAddresses);
}
}
Message of Exception is :
Could not find a base address that matches scheme net.tcp for the endpoint with binding NetTcpBinding. Registered base address schemes are [http].
Why?
You said you were self hosting the service (within your own process) but based on the code above I think you're trying to host it inside of a web application. If so Visual Studio's web server can not host a net.tcp end point. You'll need to set the project up to run under IIS. Please follow the instructions here .
If you are truly self hosting than you can leave the configuration exactly how you have it and spin up the service using the following code:
var host = new ServiceHost(typeof(Service1));
host.Open();
You need to add a protocol mapping to your configuration file to tell it what the "net.tcp" protocol is. Right after your <bindings> section add this:
<protocolMapping>
<add scheme="net.tcp" binding="netTcpbinding"/>
</protocolMapping>
I am using VSTS 2008 + C# + .Net 3.0. I am using self-hosted WCF. When executing the following statement (host.Open()), there is the following binding not found error. I have posted my whole app.config file, any ideas what is wrong?
ServiceHost host = new ServiceHost(typeof(MyWCFService));
host.Open();
Error message,
The value of the property 'algorithmSuite' cannot be parsed. The error is: The value 'Aes128' is not a valid instance of type 'System.ServiceModel.Security.SecurityAlgorithmSuite'.
EDIT1: I have changed the algorithm suit option value to Default, but met with a new error when executing Open(), error message is, any ideas what is wrong,
Binding validation failed because the WSHttpBinding does not support reliable sessions over transport security (HTTPS). The channel factory or service host could not be opened. Use message security for secure reliable messaging over HTTP.
Full app.config,
<?xml version="1.0"?>
<configuration>
<system.serviceModel>
<bindings>
<wsHttpBinding>
<binding name="MyBinding"
closeTimeout="00:00:10"
openTimeout="00:00:20"
receiveTimeout="00:00:30"
sendTimeout="00:00:40"
bypassProxyOnLocal="false"
transactionFlow="false"
hostNameComparisonMode="WeakWildcard"
maxReceivedMessageSize="100000000"
messageEncoding="Mtom"
proxyAddress="http://foo/bar"
textEncoding="utf-16"
useDefaultWebProxy="false">
<reliableSession
enabled="false" />
<security mode="Transport">
<transport clientCredentialType="Digest"
proxyCredentialType="None"
realm="someRealm" />
<message clientCredentialType="Windows"
negotiateServiceCredential="false"
algorithmSuite="Default"/>
</security>
</binding>
</wsHttpBinding>
</bindings>
<services>
<service name="MyWCFService"
behaviorConfiguration="mexServiceBehavior">
<host>
<baseAddresses>
<add baseAddress="https://localhost:9090/MyService"/>
</baseAddresses>
</host>
<endpoint address="" binding="wsHttpBinding" bindingConfiguration="MyBinding" contract="IMyService"/>
<endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange" />
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="mexServiceBehavior">
<serviceMetadata httpsGetEnabled="True"/>
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>
<startup><supportedRuntime version="v2.0.50727"/></startup></configuration>
thanks in advance,
George
You need to update your service behavior, too, if you change the MEX endpoint from http to https - you need to enable the httpsGetEnabled setting (not the httpGetEnabled):
<behaviors>
<serviceBehaviors>
<behavior name="mexServiceBehavior">
<serviceMetadata httpsGetEnabled="True"/>
</behavior>
</serviceBehaviors>
</behaviors>
UPDATE:
George, check out this MSDN link - there is no "Aes128" algorithm - you must pick one of the existing ones.
UPDATE 2:
Can you try this config - reduce to the max! :-)
<system.serviceModel>
<bindings>
<wsHttpBinding>
<binding name="MyBinding"
maxReceivedMessageSize="100000000"
messageEncoding="Mtom"
proxyAddress="http://foo/bar"
textEncoding="utf-16"
useDefaultWebProxy="false">
<reliableSession enabled="false" />
<security mode="None" />
</binding>
</wsHttpBinding>
</bindings>
<services>
<service name="MyWCFService"
behaviorConfiguration="mexServiceBehavior">
<host>
<baseAddresses>
<add baseAddress="https://localhost:9090/MyService"/>
</baseAddresses>
</host>
<endpoint address="" binding="wsHttpBinding" bindingConfiguration="MyBinding" contract="IMyService"/>
<endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange" />
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="mexServiceBehavior">
<serviceMetadata httpsGetEnabled="True"/>
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>
Can you start up your service,and can you add service reference from Visual Studio?
UPDATE 3:
George, I'd recommend you have a look at those security-related links and get some feel for what you really need and want - and how to achieve it.
WCF Security Guide
WCF Security Fundamentals
Fundamentals of WCF Security
MSDN Webcast Series "WCF Top To Bottom"
esp. Episode 10 - Security Fundamentals
Marc
The error message is correct, you don't get reliable messages over WSHttp, you need to use a custom binding and protocol.