I'm fairly new to WCF but I have a WCF Service hosted in IIS that has several queries to our SQL Server. I am consuming the WCF service with a WPF application. What I'm trying to do is allow windows authentication to pass from the WPF Client, To The WCF Service, To The SQL Server so that the SQL Queries are executed as the clients user. I've been trying to configure the website and host in various ways with no luck so far.
On my WCF Service website, I have Anonymous Authentication=true(for MEX), ASP.NET Impersonation=true and Windows Authentication=true.
In my WCF Service Web.config:
<configuration>
<system.web>
<customErrors mode="Off"/>
<authentication mode="Windows"/>
<compilation debug="true" targetFramework="4.0">
<assemblies>
<add assembly="System.Data.Entity, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
</assemblies>
</compilation>
</system.web>
<system.serviceModel>
<bindings>
<wsHttpBinding>
<binding maxReceivedMessageSize="5000000" name="WindowsSecurity">
<readerQuotas maxDepth="200"/>
<security mode="Transport">
<transport clientCredentialType="Windows" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<services>
<service name="ADATrackingService" behaviorConfiguration="ServiceBehavior">
<endpoint address="" binding="wsHttpBinding" bindingConfiguration="WindowsSecurity"
name="wsHttpEndpoint" contract="IADATrackingService" />
<endpoint address="mex" binding="mexHttpsBinding" name="MexHttpsBindingEndpoint"
contract="IMetadataExchange" />
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="ServiceBehavior">
<serviceMetadata httpGetEnabled="false" httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
<serviceAuthorization impersonateCallerForAllOperations="true" />
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
</system.serviceModel>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true" />
</system.webServer>
<connectionStrings>
<add name="ADATrackingEntities" connectionString="metadata=res://*/EntityModel.ADATrackingModel.csdl|res://*/EntityModel.ADATrackingModel.ssdl|res://*/EntityModel.ADATrackingModel.msl;provider=System.Data.SqlClient;provider connection string="data source=MYSERVER;initial catalog=ADATracking;integrated security=True;multipleactiveresultsets=True;App=EntityFramework"" providerName="System.Data.EntityClient" />
</connectionStrings>
</configuration>
Then in my WPF client App.Config I have:
<configuration>
<system.serviceModel>
<behaviors>
<endpointBehaviors>
<behavior name="WindowsAuthentication">
<clientCredentials>
<windows allowedImpersonationLevel="Delegation"/>
</clientCredentials>
</behavior>
</endpointBehaviors>
</behaviors>
<bindings>
<wsHttpBinding>
<binding name="wsHttpEndpoint" closeTimeout="00:01:00" openTimeout="00:01:00"
receiveTimeout="00:10:00" sendTimeout="00:01:00" bypassProxyOnLocal="false"
transactionFlow="false" hostNameComparisonMode="StrongWildcard"
maxBufferPoolSize="524288" maxReceivedMessageSize="5000000"
messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true"
allowCookies="false">
<readerQuotas maxDepth="200" maxStringContentLength="8192" maxArrayLength="16384"
maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<reliableSession ordered="true" inactivityTimeout="00:10:00"
enabled="false" />
<security mode="Transport">
<transport clientCredentialType="Windows" proxyCredentialType="None"
realm="" />
<message clientCredentialType="Windows" negotiateServiceCredential="true" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<client>
<endpoint address="https://MyService.svc"
binding="wsHttpBinding" behaviorConfiguration="WindowsAuthentication" bindingConfiguration="wsHttpEndpoint"
contract="ADATrackingService.IADATrackingService" name="wsHttpEndpoint">
<identity>
<servicePrincipalName value="host/MyServer.com" />
</identity>
</endpoint>
</client>
</system.serviceModel>
</configuration>
My service calls are just returning simple queries from SQL using the metadata for allowing impersonation. Every time I run the client and call something from my service i'm just getting an error opening the data connection for "NT Authority/ANONYMOUS LOGIN" even with AnonymousAuthentication=false set in IIS??? Any help would be greatly appreciated. Thanks!
[OperationBehavior(Impersonation = ImpersonationOption.Required)]
public List<IndividualDisability> GetIndividualDisabilities()
{
WindowsIdentity callerWindowsIdentity = ServiceSecurityContext.Current.WindowsIdentity;
if (callerWindowsIdentity == null)
{
throw new InvalidOperationException
("The caller cannot be mapped to a Windows identity.");
}
using (callerWindowsIdentity.Impersonate())
{
using (var context = new ADATrackingEntities())
{
return context.IndividualDisabilities.OfType<IndividualDisability>().Include("ADACode").Include("Individual").Include("Disability").ToList();
}
}
}
Well, after browsing around some more today. I've finally got it working! The issue was that in active directory, I needed to allow Delegation to the SQL Server box. There is a setting in AD that you have to set on the web server box to allow it to delegate to the SQl Service on your SQl Server box on port 1433. I also had to make sure I was setup for kerebos authentication on the webserver. This blog post explained my situation exactly and helped me get it working from start to finish:
ASP.Net Impersonation
In IIS, have you explicitly removed Anonymous authentication? Do the following:
Open the IIS Manager.
Navigate to your WCF service application.
In the Features View, Under IIS, click Authentication.
Remove any authentication scheme except Windows Authentication. (Anonymous is enabled by default.)
To help ensure that your WPF application is not interfering in any way, first test with wcftestclient.
Open a Developers Command Window (Start Menu>Programs>Microsoft Visual Studio 2010>Visual Studio Tools>Visual Studio Command Prompt (2010))
wcftestclient https://url.to/myservice.svc
Related
I created a WCF Service hosted on IIS. With HTTP binding everything ist working fine. But when I switch to TCP binding it doesn't work any more. I tried every hint I found on the web, but no success.
Already done:
installed Windows-Feature "WCF-Non-Http-Activation"
activated Windows Service Net.Tcp-Listener Adapter
In WcfTestClient the service can't be added. But maybe this tool doesn't support TCP(?) so I also tested in Visual Studio by trying to add a service reference.
Error Message when trying to add the service in VS:
An error occurred while attempting to find services at 'net.tcp://hostname:19099/Namespace/Company.Service.svc/mex'. No IPEndpoints were found for host hostname. Details: Metadata contains a reference that cannot be resolved: 'net.tcp://hostname:19099/Namespace/Company.Service.svc/mex'.
This is my current web.config (anonymized) - what am I doing wrong?
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.web>
<compilation targetFramework="4.8"/>
<httpRuntime targetFramework="4.8"/>
<customErrors mode="Off"/>
</system.web>
<system.serviceModel>
<behaviors>
<serviceBehaviors>
<behavior name="ServiceBehavior">
<serviceMetadata />
<serviceDebug includeExceptionDetailInFaults="true"/>
</behavior>
</serviceBehaviors>
</behaviors>
<services>
<service name="Company.Namespace.Service" behaviorConfiguration="ServiceBehavior">
<endpoint name="ServiceEndpoint" address="" binding="netTcpBinding"
bindingConfiguration="ServiceNetTcpBinding" contract="Company.Namespace.IService"/>
<endpoint address="mex" binding="mexTcpBinding" contract="IMetadataExchange"/>
<host>
<baseAddresses>
<add baseAddress="net.tcp://hostname:19099/Namespace/Company.Service/"/>
</baseAddresses>
</host>
</service>
</services>
<bindings>
<basicHttpBinding>
<binding name="ServiceBasicHttpBinding" sendTimeout="00:01:00" receiveTimeout="00:01:00" openTimeout="00:01:00" closeTimeout="00:01:00"/>
</basicHttpBinding>
<netTcpBinding>
<binding name="ServiceNetTcpBinding" sendTimeout="00:01:00" receiveTimeout="00:01:00" openTimeout="00:01:00" closeTimeout="00:01:00"
transferMode="Buffered" transactionFlow="false" hostNameComparisonMode="StrongWildcard" listenBacklog="10" maxBufferPoolSize="524288"
maxBufferSize="65536" maxConnections="10" maxReceivedMessageSize="65536" portSharingEnabled="false" transactionProtocol="OleTransactions">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384"/>
<reliableSession ordered="true" inactivityTimeout="00:10:00" enabled="false"/>
<security mode="Transport">
<message clientCredentialType="None"/>
<transport clientCredentialType="Windows" protectionLevel="EncryptAndSign"/>
</security>
</binding>
</netTcpBinding>
<wsHttpBinding>
<binding name="ServiceWsHttpBinding" sendTimeout="01:00:30" receiveTimeout="01:00:30"/>
</wsHttpBinding>
</bindings>
<protocolMapping>
<add binding="basicHttpsBinding" scheme="https"/>
</protocolMapping>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true"/>
</system.serviceModel>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true"/>
<directoryBrowse enabled="true"/>
</system.webServer>
</configuration>
When you say that you cancel the maximum number of connections and it works, does that mean that the maximum number of connections limits your network?
As far as I know, IIS 5/6 does not support non-HTTP services. IIS7 supports Net TCP, but you must install WAS first. Refer to the following steps:
Control Panel -- Programs and Features -- Turn Windows features on or off and install WAS.
Check whether non-HTTP support is enabled for WCF. Select the same interface in .NET Framework.
Add the Net TCP binding to the site and enable the Net TCP protocol.
Further details can also be found in this docs.
Please do NOT delete this message as a duplicate!!
I am writing a WCF service that allows for XML files to be uploaded so that they can be imported into the database. However I am receiving the above error when I upload a file above the 64k default.
I have read through all the questions already posted on here about this problem and implemented them but still am facing the same issue.
I have increased all the binding values in my config file (for both the client and server) to accept the maximum size of 2GB.
<binding name="BasicHttpBinding_BailiffServices"
maxBufferSize="2147483647"
maxBufferPoolSize="2147483647"
maxReceivedMessageSize="2147483647">
<readerQuotas maxDepth="2147483647"
maxStringContentLength="2147483647"
maxArrayLength="2147483647"
maxBytesPerRead="2147483647"
maxNameTableCharCount="2147483647" />
<security mode="None" />
Here are the WCF services that use this binding.
<services>
<service name="ClientService.ClientService">
<endpoint address="http://subversion/BusinessTier.Services.ClientService.svc"
binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_BailiffServices"
name="BasicHttpBinding_IClient" contract="ClientService.IClient" />
</service>
<service name="DebtorService.DebtorService">
<endpoint address="http://subversion/BusinessTier.Services.DebtorService.svc"
binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_BailiffServices"
name="BasicHttpBinding_IDebtor" contract="DebtorService.IDebtor" />
</service>
</services>
I have also added settings to the config to ensure that IIS is also able to handle large files.
<system.webServer>
<modules runAllManagedModulesForAllRequests="true"/>
<security>
<requestFiltering allowDoubleEscaping="true">
<requestLimits maxAllowedContentLength="2147483647"/>
<fileExtensions allowUnlisted="true"/>
<verbs allowUnlisted="true"/>
</requestFiltering>
</security>
</system.webServer>
As far as I can see I have amended all the necessary settings to allow my WCF service to accept large files, but none of them have so far worked.
Any suggestions would be greatly appreciated.
I found solution to avoid error like 'The remote server returned an unexpected response: (413) Request Entity Too Large.'
When using basicHttpBinding in WCF Service Configuration You just need to increase the maximum message length in the Web.config.following way you can update you server web.config and client app.config file for sending large byte array via wcf.
Include following bindings and behaviors parameters in Web.config
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding maxReceivedMessageSize="2147483647" sendTimeout="00:10:00" receiveTimeout="00:10:00">
<readerQuotas maxStringContentLength="2147483647" maxArrayLength="2147483647" maxBytesPerRead="2147483647"/>
</binding>
</basicHttpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior>
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true"/>
<serviceDebug includeExceptionDetailInFaults="true"/>
</behavior>
</serviceBehaviors>
</behaviors>
<protocolMapping>
<add binding="basicHttpsBinding" scheme="https" />
</protocolMapping>
<serviceHostingEnvironment aspNetCompatibilityEnabled="false">
<serviceActivations>
<add factory ="WebService.NInjectServiceHostFactory" relativeAddress="TestServic.svc" service="WebService.Services.ServiceManager"/>
</serviceActivations>
</serviceHostingEnvironment>
I have also added binding configuration in client app.config file.
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="BasicHttpBinding_IServiceManager" maxBufferSize="2147483647" maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647">
<security mode="None"/>
<readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647" maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647"/>
</binding>
</basicHttpBinding>
</bindings>
<client>
<endpoint address="http://localhost:49359/ServiceManager.svc"
binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_IPackageManager"
contract="PackageManager.IPackageManager" name="BasicHttpBinding_IPackageManager" />
</client>
</system.serviceModel>
this will also handle timeout error as well.
I've eventually managed to get this working after several hours of head scratching. I removed the binding name "BasicHttpBinding_BailiffServices" from both the <binding /> element and the <endpoint /> elements. I stumbled across this solution on the MSDN site. Hope this helps someone else.
I'm having trouble with a Client-Server Application I'm developing.
I've created a Windows Form Application for the Client Part and a WCF Application for the Server part.
I'm using Visual Studio 2010. The application works just fine locally but I need to separate them. I want to run the Server application in a remote PC connected to the same LAN as the Client App.
Every time I debug my Server application, it runs at "http:/ /localhost:port" but I need it to run at "http:/ /192.168.1.xxx:port". So that I can import the services to my Client App using that address: "http:/ /192.168.1.xxx:port/Service1.svc".
I have another question. How can I export my Server Application to run it wherever I want? i.e. How to run my server app without debugging it on Visual Studio 2010?.
These are my configuration files for my services:
Client Side (app.config):
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="BasicHttpBinding_IValidacionesService" closeTimeout="00:01:00"
openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
allowCookies="false" bypassProxyOnLocalhostNameComparisonMode="StrongWildcard"
maxBufferSize="65536" maxBufferPoolSize="524288" maxReceivedMessageSize="65536"
messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered"
useDefaultWebProxy="true">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<security mode="None">
<transport clientCredentialType="None" proxyCredentialType="None"
realm="" />
<message clientCredentialType="UserName" algorithmSuite="Default" />
</security>
</binding>
<binding name="BasicHttpBinding_IEncuestaCRUDService" closeTimeout="00:01:00"
openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
allowCookies="false" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard"
maxBufferSize="6553600" maxBufferPoolSize="52428800" maxReceivedMessageSize="6553600"
messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered"
useDefaultWebProxy="true">
<readerQuotas maxDepth="3200" maxStringContentLength="819200" maxArrayLength="1638400"
maxBytesPerRead="409600" maxNameTableCharCount="1638400" />
<security mode="None">
<transport clientCredentialType="None" proxyCredentialType="None"
realm="" />
<message clientCredentialType="UserName" algorithmSuite="Default" />
</security>
</binding>
</basicHttpBinding>
</bindings>
<client>
<endpoint address="http:/ /localhost:2504/ValidacionesService.svc"
binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_IValidacionesService"
contract="ServiceValidacionesReference.IValidacionesService"
name="BasicHttpBinding_IValidacionesService" />
<endpoint address="http:/ /localhost:2504/EncuestaCRUDService.svc"
binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_IEncuestaCRUDService"
contract="ServiceEncuestaReference.IEncuestaCRUDService" name="BasicHttpBinding_IEncuestaCRUDService" />
</client>
</system.serviceModel>
Server Side (web.config):
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.web>
<compilation debug="true" targetFramework="4.0">
<assemblies>
<add assembly="System.Data.Entity, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
</assemblies>
</compilation>
</system.web>
<system.serviceModel>
<behaviors>
<serviceBehaviors>
<behavior>
<!-- To avoid disclosing metadata information, set the value below to false and remove the metadata endpoint above before deployment -->
<serviceMetadata httpGetEnabled="true" />
<!-- To receive exception details in faults for debugging purposes, set the value below to true. Set to false before deployment to avoid disclosing exception information -->
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
</system.serviceModel>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true" />
</system.webServer>
<connectionStrings>
<add name="CADBEntities" connectionString="metadata=res://*/ModeloCaDB.csdl|res://*/ModeloCaDB.ssdl|res://*/ModeloCaDB.msl;provider=System.Data.SqlClient;provider connection string="data source=OMSUser\SQLEXPRESS;initial catalog=CADB;integrated security=True;multipleactiveresultsets=True;App=EntityFramework"" providerName="System.Data.EntityClient" />
Thanks in advance.
You need to host the WCF service as an IIS site on the other computer.
VS has a a couple of ways you can publish the files needed to the other machine, though the easiest way is probably via a network share.
Here's a link to the basics of publishing a WCF service.
Your client is trying to communicate with an EndpointAddress set to localhost which means the current computer.
It must be configured to contact the IP address of the machine that the WCF Service is being hosted on.
Here is an example of how you would do this in the client configuration file.
<system.serviceModel>
<client>
<endpoint address="http://192.168.1.xxx:port/Service1.svc"
binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_IValidacionesService"
contract="IValidacionesService" name="BasicHttpBinding_IValidacionesService">
</endpoint>
</client>
</system.serviceModel>
I am getting the below error message in my WCF service. Below is my web,config. I have tried a few things and nothing has resolved the error. Any help is appreciated.
The contract 'IMetadataExchange' in client configuration does not
match the name in the service contract
<?xml version="1.0"?>
<configuration>
<connectionStrings/>
<system.web>
<compilation strict="false" explicit="true" targetFramework="4.0" debug="true"/>
</system.web>
<system.serviceModel>
<behaviors>
<serviceBehaviors>
<behavior name="">
<serviceMetadata httpGetEnabled="true"/>
<serviceDebug includeExceptionDetailInFaults="false"/>
</behavior>
</serviceBehaviors>
</behaviors>
<bindings>
<basicHttpBinding>
<binding name="SNCBinding" closeTimeout="00:10:00" openTimeout="00:10:00"
receiveTimeout="00:10:00" sendTimeout="00:10:00" maxBufferSize="2147483647"
maxReceivedMessageSize="2147483647" textEncoding="utf-8">
<readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647"
maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647" />
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Windows" proxyCredentialType="Windows" />
</security>
</binding>
</basicHttpBinding>
</bindings>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true"
multipleSiteBindingsEnabled="true" />
<services>
<service name="SNC.MaterialRequest.WCF.MaterialRequest">
<endpoint address="" binding="basicHttpBinding" bindingConfiguration="SNCBinding"
contract="SNC.MaterialRequest.WCF.MaterialRequest" />
</service>
</services>
</system.serviceModel>
</configuration>
Have you installed the .Net Services SDK by any chance?
See: http://azure.snagy.name/blog/?tag=imetadataexchange
It sounds like it adds a client endpoint for IMetaDataExchange in your machine.config. So you can either delete it out of your machine.config, or add
<client>
<remove contract=”IMetadataExchange” name=”sb” />
</client>
to every app.config/web.config from now on.
EDIT: Note that this shouldn't affect your actual application, it's just a warning that you can ignore. It's mentioned here, also: http://blogs.msdn.com/b/wcftoolsteamblog/archive/2008/08/28/tips-for-wcf-tools-in-vs2008-sp1.aspx
Here is the issue :
contract="SNC.MaterialRequest.WCF.MaterialRequest"
It's not same as IMetadataExchange in error. So it's either wrong in server side config, or in client side config. Altough I would say in server side, since this should be interface.
I am using .Net 3.5 and attempting to configure a WCF service and am receiving the exception, The HTTP request is unauthorized with client authentication scheme 'Negotiate'. The authentication header received from the server was 'Negotiate,NTLM'. I have attached my server-side and client-side .config files below.
Just a couple of notes. The application and service are both using impersonation due to network access requirements. The web application resides on a different server than the WCF service. Both also have the following specified in their respective web.config files.
<authentication mode="Windows"/>
<identity impersonate="true" userName="userName" password="password"/>
Web Application (on server1)
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="BasicHttpBinding_IReports" closeTimeout="00:01:00"
openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
allowCookies="false" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard"
maxBufferSize="65536" maxBufferPoolSize="524288" maxReceivedMessageSize="65536"
messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered"
useDefaultWebProxy="false" proxyAddress="http://server2/Services/ReportService">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Windows" proxyCredentialType="None" realm="" />
<message clientCredentialType="UserName" algorithmSuite="Default" />
</security>
</binding>
</basicHttpBinding>
</bindings>
<client>
<endpoint name="BasicHttpBinding_IReports" address="http://server2/Services/ReportService/Reports.svc"
binding="basicHttpBinding" contract="WCFServiceRef.IReports" bindingConfiguration="BasicHttpBinding_IReports"
behaviorConfiguration="ClientBehavior"/>
</client>
<behaviors>
<endpointBehaviors>
<behavior name="ClientBehavior" >
<clientCredentials supportInteractive="true" >
<windows allowedImpersonationLevel="Impersonation" allowNtlm="true" />
</clientCredentials>
</behavior>
</endpointBehaviors>
</behaviors>
</system.serviceModel>
WCF Service (on server2)
<system.serviceModel>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true"/>
<bindings>
<basicHttpBinding>
<binding name="default" maxReceivedMessageSize="200000">
<readerQuotas maxStringContentLength="200000" maxArrayLength="200000"/>
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Windows" proxyCredentialType="None" realm="" />
<message clientCredentialType="UserName" algorithmSuite="Default" />
</security>
</binding>
</basicHttpBinding>
</bindings>
<services>
<service behaviorConfiguration="ReportService.ReportsBehavior" name="ReportService.Reports">
<endpoint address="" binding="basicHttpBinding" contract="ReportService.IReports" bindingConfiguration="default">
<identity>
<dns value="localhost"/>
</identity>
</endpoint>
<endpoint name="mex" address="mex" binding="basicHttpBinding" contract="IMetadataExchange" bindingConfiguration="default"/>
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="ReportService.ReportsBehavior">
<serviceAuthorization impersonateCallerForAllOperations="false"/>
<serviceMetadata httpGetEnabled="true"/>
<serviceDebug includeExceptionDetailInFaults="false"/>
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>
I thought that if I were to apply the allowNtlm="true" directive in the application that this would be fixed. It seems to me that the server is expecting Windows authentication but is not receiving it? Due to the application and service residing on different servers do I need to use the proxy values? I feel that I'm not understanding something basic but whether it's on the server-side IIS configuration or simply in my application I don't know.
Thanks for any help!
This sample from MSDN for basicHttpBinding with TransportCredentialOnly shows how to set it up. Your config is very similar except that it is also setting message level security. I'd try removing the message element from the config to see if that is the cause of the problem.
I don't believe the problem is passing the impersonation credentials themselves but the TransportCredentialOnly configuration. Also, make sure IIS is configured to support Windows authentication on the WCF server.