I have searched and tried to apply the solution given on the other posts, but i cant solve my problem yet.
I have to use wsDualHttpBinding for duplex connection.
When I try to run my client on the same machine with the WCF server, it can run perfectly, but when i move the client to other machine on the same domain, it return an error "The caller was not authenticated by the service"
here is the app.config on my client
<wsDualHttpBinding>
<binding name="duplexendpoint" closeTimeout="00:01:00" openTimeout="00:01:00"
receiveTimeout="00:10:00" sendTimeout="00:01:00" bypassProxyOnLocal="false"
transactionFlow="false" hostNameComparisonMode="StrongWildcard"
maxBufferPoolSize="524288" maxReceivedMessageSize="65536"
messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<reliableSession ordered="true" inactivityTimeout="00:10:00" />
<security mode="Message">
<message clientCredentialType="Windows" negotiateServiceCredential="true" algorithmSuite="Default"/>
</security>
</binding>
</wsDualHttpBinding>
then i tried to give the credential via the code :
client.ClientCredentials.Windows.ClientCredential.UserName = "serverusername";
client.ClientCredentials.Windows.ClientCredential.Password = "serverpassword";
client.ClientCredentials.Windows.ClientCredential.Domain = "serverdomain";
and it give an error "Client is unable to finish the security negotiation within the configured timeout"
is there any way to solve my problem? thanks.
oke I have found the solution for my problem, i have to turn off the firewall from the client machine.
Related
I am doing some support on a pretty big project. My assignment is to change the session timeout to something longer then what it is now. Right now they are logged off after about 10 min or so. I have found a lot of different things that it could be and i need some help figuring out what they all do.
first of all i got this one:
<sessionState mode="InProc" timeout="240" cookieless="UseCookies" />
This is triggerd after 240 mins so it can't be this one.
Then i got this:
<binding name="WSHttpBinding_IFootprintService" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:00:01" sendTimeout="00:01:00" bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard" maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647" messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true" allowCookies="false">
<readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647" maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647" />
<reliableSession ordered="true" inactivityTimeout="00:00:01" enabled="false" />
<security mode="Message">
<transport clientCredentialType="Windows" proxyCredentialType="None" realm="" />
<message clientCredentialType="Windows" negotiateServiceCredential="true" algorithmSuite="Default" />
</security>
</binding>
<binding name="AdministrationEndpoint" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:00:01" sendTimeout="00:01:00" bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard" maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647" messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true" allowCookies="false">
<readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647" maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647" />
<reliableSession ordered="true" inactivityTimeout="00:00:01" enabled="false" />
<security mode="Message">
<transport clientCredentialType="Windows" proxyCredentialType="None" realm="" />
<message clientCredentialType="Windows" negotiateServiceCredential="true" algorithmSuite="Default" />
</security>
</binding>
<binding name="ProductionEndpoint" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:00:01" sendTimeout="00:01:00" bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard" maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647" messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true" allowCookies="false">
<readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647" maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647" />
<reliableSession ordered="true" inactivityTimeout="00:00:01" enabled="false" />
<security mode="Message">
<transport clientCredentialType="Windows" proxyCredentialType="None" realm="" />
<message clientCredentialType="Windows" negotiateServiceCredential="true" algorithmSuite="Default" />
</security>
In that code there is a lot of different things that i could be. And i just can't figure out what the difference is between closeTimeout, openTimeout, receiveTimeout, sendTimeout, inactivitytimeout and sessionstate timeout?
Borrowing the response by #marc_s in this question
The most important is the sendTimeout, which says how long the client
will wait for a response from your WCF service. You can specify
hours:minutes:seconds in your settings - in my sample, I set the
timeout to 25 minutes.
The openTimeout as the name implies is the amount of time you're
willing to wait when you open the connection to your WCF service.
Similarly, the closeTimeout is the amount of time when you close the
connection (dispose the client proxy) that you'll wait before an
exception is thrown.
The receiveTimeout is a bit like a mirror for the sendTimeout - while
the sendTimeout is the amount of time you'll wait for a response from
the server, the receiveTimeout is the amount of time you'll give you
client to receive and process the response from the server.
In case you're send back and forth "normal" messages, both can be
pretty short - especially the receiveTimeout, since receiving a SOAP
message, decrypting, checking and deserializing it should take almost
no time. The story is different with streaming - in that case, you
might need more time on the client to actually complete the "download"
of the stream you get back from the server.
Hope it helps,
Hope this site helps you a bit http://msdn.microsoft.com/en-us/library/hh924831(v=vs.110).aspx
Quick summary about timeouts:
On the client side:
SendTimeout – used to initialize the OperationTimeout, which governs the whole process of sending a message, including receiving a reply message for a request/reply service operation. This timeout also applies when sending reply messages from a callback contract method.
OpenTimeout – used when opening channels when no explicit timeout value is specified
CloseTimeout – used when closing channels when no explicit timeout value is specified
ReceiveTimeout – is not used Client-side Timeouts
On the service side:
SendTimeout, OpentTimeout, CloseTimeout are the same as on the client
ReceiveTimeout – used by the Service Framework Layer to initialize the session-idle timeout which controls how long a session can be idle before timing out.
Also see this post about WCF session timeout WCF Session Timeout
We have a WCF service hosted in Windows service and a single non-threaded client accessing the service. The service is performing data access to a SQL Server 2008 database. Intermitently the following exception occurs on the client side:
System.TimeoutException: The request channel timed out while waiting for a reply after 00:01:00. Increase the timeout value passed to the call to Request or increase the SendTimeout value on the Binding. The time allotted to this operation may have been a portion of a longer timeout.
I am aware that this error can be a bit of a catch all for WCF problems but I am certain that the error is not occuring because the operation takes over a minute (I have trippled the timeout and it still occurs).
The problem has occurred on multiple endpoints and occurs on the call to the client proxy. I logged to a text file the various points the service reaches when the crash occurs and see that the return statement from the service is reached.
The client and service have been in use in some form for over two years and this problem appears to have occurred only recently and without any obivious changes in areas significant to the service (although both of these statements are danagerous to rely on when debugging a problem).
Any advice, thoughts or suggestions to investigate would be appreciated.
Here is the service binding:
<binding name="WSHttpBinding_IDataService" closeTimeout="00:01:00"
openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard"
maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647"
messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true"
allowCookies="false">
<readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647" maxArrayLength="2147483647"
maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647" />
<reliableSession ordered="true" inactivityTimeout="00:10:00"
enabled="false" />
<security mode="Message">
<transport clientCredentialType="Windows" proxyCredentialType="None"
realm="" />
<message clientCredentialType="Windows" negotiateServiceCredential="true"
algorithmSuite="Default" establishSecurityContext="true" />
</security>
</binding>
and here is the client binding:
<binding name="WSHttpBinding_IAssessmentDataAccessContract"
closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
bypassProxyOnLocal="false" transactionFlow="false"
hostNameComparisonMode="StrongWildcard"
maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647"
messageEncoding="Text" textEncoding="utf-8"
useDefaultWebProxy="true" allowCookies="false">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384"/>
<reliableSession ordered="true" inactivityTimeout="00:10:00" enabled="false"/>
<security mode="Message">
<transport clientCredentialType="Windows" proxyCredentialType="None" realm="">
<extendedProtectionPolicy policyEnforcement="Never"/>
</transport>
<message clientCredentialType="Windows" negotiateServiceCredential="true"
algorithmSuite="Default" establishSecurityContext="true"/>
</security>
</binding>
I had a similar issue with a service that connected to an Oracle database. The culprit took me some time to find, but the first step I would take would be to enable tracing on both the server and the client. Here is the MSDN doc on how to do that. Jump to the recomended settings for tracing in production environment
What it sounds like is that you have a value TYPE in the database that WCF does not know how to serialize, or it is not included in the KnownTypes attribute of your ServiceContract. When I ran into this issue, it was very similar, but I needed to dig through the traces to find that something was not being serialized (or deserialized) properly on the call. My problem was in returning a dataset instead of a specific value, it was harder to find exactly what data was the culprit.
If you do not have a custom error handler, WCF is prone to locking up on an exception and your client with get a "timeout".
when the crash occurs and see that the return statement from the service is reached.
That helps but doesn't mean the server side isn't causing/adding to the problem.
Is it possible your method returns a very large payload and it takes too long to download or exceeds the maximum size of the WCF bindings?
Now, the reason you might not have seen this until now is NOW you have 2 years worth of data so you may be returning more stuff than you did initally. Just a guess.
eg
public string GetStuff()
{
return //large payload
}
what do you bindings look like on both ends? Wwhat is the value of maxStringContentLength ?
I am using a third party wsdl to connect to a service. I have been provided a security certificate and a username / password.
I have:
Installed the certificate on my Windows 7 machine
Ensured it has the correct permissions
Have the correct location for the API stored in the web.config
The code fails each time. The error messages change, but they include:
Authentication failed because the remote party has closed the transport stream.
An existing connection was forcibly closed by the remote host
Could not create SSL/TLS secure channel
This is the code I am executing:
ServicePointManager.Expect100Continue = true;
ServicePointManager.SecurityProtocol = SecurityProtocolType.Ssl3 | SecurityProtocolType.Tls;
//Third party client
var client = new ConnectionPortClient();
//Including these two lines or not does not affect the outcome
//client.ClientCredentials.UserName.UserName = "username";
//client.ClientCredentials.UserName.Password = "password";
client.ClientCredentials.ClientCertificate.Certificate = new X509Certificate2(#"C:\..\cert.p12", "password", X509KeyStorageFlags.MachineKeySet);
var results = client.getResults("");
And here is the relevant part of the web.config:
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="assessmentBinding" closeTimeout="00:01:00" openTimeout="00:01:00"
receiveTimeout="00:10:00" sendTimeout="00:01:00" allowCookies="false"
bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard"
maxBufferSize="65536" maxBufferPoolSize="524288" maxReceivedMessageSize="65536"
messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered"
useDefaultWebProxy="true">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<security mode="Transport">
<transport clientCredentialType="None" proxyCredentialType="None"
realm="" />
<message clientCredentialType="Certificate" algorithmSuite="Default" />
</security>
</binding>
</basicHttpBinding>
</bindings>
<client>
<endpoint address="https://endpoint/" binding="basicHttpBinding"
bindingConfiguration="assessmentBinding" contract="API.Assessment"
name="assessmentSOAP" />
</client>
</system.serviceModel>
Any thoughts on what's going on here?
you use Certificate message credential type but you are trying to set up UserName/Password for UserName message credential type - this is wrong. check the article about Message Security with a Certificate Client
I have a WCF service using wsHttpBinding with message encryption. I use the same service reference unless it has become faulted, in which case I create a new one. I'm running in to an issue where the session has timed out and the service has closed its end, but the client application still has the CommunicationState as Opened.
How can I tell in ClientBase if the connection has timed out? I want in my client application to create a new service proxy if the current one has timed out.
Below is my client-side binding:
<wsHttpBinding>
<binding name="wsHttpBindingWithAuthClient" closeTimeout="00:01:00"
openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard"
maxBufferPoolSize="524288" maxReceivedMessageSize="20000000"
messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true"
allowCookies="false">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<reliableSession ordered="true" inactivityTimeout="00:10:00"
enabled="false" />
<security mode="Message">
<transport clientCredentialType="Windows" proxyCredentialType="None"
realm="" />
<message clientCredentialType="UserName" negotiateServiceCredential="true"
algorithmSuite="Default" />
</security>
</binding>
</wsHttpBinding>
Why don't you just wrap all of your service calls in a try/catch, and in the catch block of the specific exception type of server connection timeout, recreate the proxy.
try
{
serviceProxyGlobal.Method()
}
catch(WhateverServerTimeoutException ex)
{
serviceProxyGlobal = new ServiceProxy();
//retry maybe?
}
catch(Exception ex)
{
logException(ex);
}
Please consider accessing that shared web service reference using a simple getter, where you basically try to "ping" your web service just before returning reference to it (that "ping" method should be really simple, like Boolean Ping() { return true; }) If it throws exception (here you have to cater for all possible scenarios), simply handle it, suppress it (if it's an exception you can identify and which you expected) and create new shared connection.
Alternatively you can design a method pinging your web service each [web service timeout in minutes] / 2 minutes in a background thread.
Sorry answer found while typing
I am trying to connect to an external webservice that requires username/password authentication through a proxy. I am using Visual Studio Express 2008 to generate a service reference
I have connected to the same
webservice using a web reference.We
only had to set a larger timeout
because it takes a long time to
finish.
I have connected to another
webservice that does not require
username/password authentication
with a generated service reference
and some settings to get it through
the proxy.
So my thought would be to
take this reference, point it to the
correct webservice and add
authentication.
The config I am using without security:
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<system.net>
<defaultProxy useDefaultCredentials="true">
<proxy bypassonlocal="False" proxyaddress="http://***.***.****:80" />
</defaultProxy>
</system.net>
<system.serviceModel>
<bindings>
<customBinding>
<binding name="AreaWebServiceSoap12">
<textMessageEncoding maxReadPoolSize="64" maxWritePoolSize="16"
messageVersion="Soap12" writeEncoding="utf-8">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
maxBytesPerRead="4096" maxNameTableCharCount="16384" />
</textMessageEncoding>
<httpTransport manualAddressing="false" maxBufferPoolSize="524288"
maxReceivedMessageSize="65536" allowCookies="false" authenticationScheme="Anonymous"
bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard"
keepAliveEnabled="true" maxBufferSize="65536" proxyAuthenticationScheme="Anonymous"
realm="" transferMode="Buffered" unsafeConnectionNtlmAuthentication="false"
useDefaultWebProxy="true" />
</binding>
</customBinding>
</bindings>
<client>
<endpoint address="http://www.****.*****.****.com/samplewebservice/service.asmx"
binding="customBinding" bindingConfiguration="AreaWebServiceSoap12"
contract="ServiceReference1.ServiceSoap" name="ServiceSoap" />
</client>
</system.serviceModel>
</configuration>
I have added te following code to my call for authentication:
static void Main(string[] args)
{
ServiceSoapClient s = new ServiceSoapClient();
s.ClientCredentials.UserName.UserName = #"username";
s.ClientCredentials.UserName.Password = #"password";
Service.RawGpsData[] result = s.GetRawGpsData(0);
Console.WriteLine(String.Format("done:{0}",result.Length));
Console.ReadLine();
}
Just using this setup gives an error as expected:
The HTTP request is not authorized with client authentication scheme Anonymous. The authentication header from the server is received, is NTLM.
Now I get lost and start trying silly things because I am just starting to use WCF.
When I add the following section to the config
<security authenticationMode="UserNameOverTransport"></security>
I get the following error:
The binding CustomBinding.http: / / tempuri.org / for the contract AreaWebServiceSoap.AreaWebServices is configured with a verification mode for which a transport level with integrity and confidentiality is required. The transport can not provide integrity and confidentiality.
Sorry, while typing this question I stumbled upon the answer myself. I still think people might be interested in this and all comments and thoughts are still welcome. So I will leave the question here and make it community and post the answer myself.
Change the binding to :
<?xml version="1.0" encoding="utf-8" ?>
<customBinding>
<binding name="AreaWebServiceSoap12" closeTimeout="00:01:00" openTimeout="00:10:00"
receiveTimeout="00:20:00" sendTimeout="00:05:00">
<textMessageEncoding maxReadPoolSize="64" maxWritePoolSize="16"
messageVersion="Soap12" writeEncoding="utf-8">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
maxBytesPerRead="4096" maxNameTableCharCount="16384" />
</textMessageEncoding>
<httpTransport manualAddressing="false" maxBufferPoolSize="524288"
maxReceivedMessageSize="65536" allowCookies="false" authenticationScheme="Ntlm"
bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard"
keepAliveEnabled="true" maxBufferSize="65536" proxyAuthenticationScheme="Anonymous"
realm="" transferMode="Buffered" unsafeConnectionNtlmAuthentication="false"
useDefaultWebProxy="true" />
</binding>
</customBinding>
So set authenticationScheme="Ntlm"
And here is how you can connect without proxy:
http://blog.bodurov.com/Create-a-WCF-client-for-asmx-web-service-without-using-web-proxy