I am trying to access my WCF service on a server from my client console application for testing. I am getting the following error:
The caller was not authenticated by the service
I am using wsHttpBinding
. I'm not sure what kind of authentication the service is expecting?
<behaviors>
<serviceBehaviors>
<behavior name="MyTrakerService.MyTrakerServiceBehavior">
<!-- To avoid disclosing metadata information, set the value below to false and remove the metadata endpoint above before deployment -->
<serviceMetadata httpGetEnabled="true"/>
<!-- To receive exception details in faults for debugging purposes, set the value below to true. Set to false before deployment to avoid disclosing exception information -->
<serviceDebug includeExceptionDetailInFaults="false"/>
</behavior>
</serviceBehaviors>
</behaviors>
Update
It works if I change my binding to <endpoint "basicHttpBinding" ... />
(from wsHttpBinding)
on the IIS 7.0 hosted, windows 2008 server
This question is related to
.net
wcf
security
wcf-binding
This can be caused if the client is in a different domain than the server.
I encountered this when testing one of my applications from my PC(client) to my (cloud) testing server and the simplest solution i could think of was setting up a vpn.
Why can't you just remove the security setting altogether for wsHttpBinding ("none" instead of "message" or "transport")?
I also had the same problem in wsHtppBinding
. And I just had to add security
mode pointing to none
, that solved my problem and no need to switch to basicHttpBinding
. Check Here and check how to disable WCF security. Check the below config change for reference:
<wsHttpBinding>
<binding name="soapBinding">
<security mode="None">
<transport clientCredentialType="None" />
<message establishSecurityContext="false" />
</security>
</binding>
</wsHttpBinding>
set anonymous access in your virtual directory
write following credentials to your service
ADTService.ServiceClient adtService = new ADTService.ServiceClient();
adtService.ClientCredentials.Windows.ClientCredential.UserName="windowsuseraccountname";
adtService.ClientCredentials.Windows.ClientCredential.Password="windowsuseraccountpassword";
adtService.ClientCredentials.Windows.ClientCredential.Domain="windowspcname";
after that you call your webservice methods.
I got it.
If you want to use wshttpbinding, u need to add windows credentials as below.
svc.ClientCredentials.Windows.ClientCredential.UserName = "abc";
svc.ClientCredentials.Windows.ClientCredential.Password = "xxx";
thanks
If you use basicHttpBinding, configure the endpoint security to "None" and transport clientCredintialType to "None."
<bindings>
<basicHttpBinding>
<binding name="MyBasicHttpBinding">
<security mode="None">
<transport clientCredentialType="None" />
</security>
</binding>
</basicHttpBinding>
</bindings>
<services>
<service behaviorConfiguration="MyServiceBehavior" name="MyService">
<endpoint
binding="basicHttpBinding"
bindingConfiguration="MyBasicHttpBinding"
name="basicEndPoint"
contract="IMyService"
/>
</service>
Also, make sure the directory Authentication Methods in IIS to Enable Anonymous access
Have you tried using basicHttpBinding instead of wsHttpBinding? If do not need any authentication and the Ws-* implementations are not required, you'd probably be better off with plain old basicHttpBinding. WsHttpBinding implements WS-Security for message security and authentication.
This can be caused if the client is in a different domain than the server.
I encountered this when testing one of my applications from my PC(client) to my (cloud) testing server and the simplest solution i could think of was setting up a vpn.
I got it.
If you want to use wshttpbinding, u need to add windows credentials as below.
svc.ClientCredentials.Windows.ClientCredential.UserName = "abc";
svc.ClientCredentials.Windows.ClientCredential.Password = "xxx";
thanks
If you're using a self hosted site like me, the way to avoid this problem (as described above) is to stipulate on both the host and client side that the wsHttpBinding security mode = NONE.
When creating the binding, both on the client and the host, you can use this code:
Dim binding as System.ServiceModel.WSHttpBinding
binding= New System.ServiceModel.WSHttpBinding(System.ServiceModel.SecurityMode.None)
or
System.ServiceModel.WSHttpBinding binding
binding = new System.ServiceModel.WSHttpBinding(System.ServiceModel.SecurityMode.None);
if needed to specify domain(which authecticates username and password that client uses) in webconfig you can put this in system.serviceModel services service section:
<identity>
<servicePrincipalName value="example.com" />
</identity>
and in client specify domain and username and password:
client.ClientCredentials.Windows.ClientCredential.Domain = "example.com";
client.ClientCredentials.Windows.ClientCredential.UserName = "UserName ";
client.ClientCredentials.Windows.ClientCredential.Password = "Password";
If you use basicHttpBinding, configure the endpoint security to "None" and transport clientCredintialType to "None."
<bindings>
<basicHttpBinding>
<binding name="MyBasicHttpBinding">
<security mode="None">
<transport clientCredentialType="None" />
</security>
</binding>
</basicHttpBinding>
</bindings>
<services>
<service behaviorConfiguration="MyServiceBehavior" name="MyService">
<endpoint
binding="basicHttpBinding"
bindingConfiguration="MyBasicHttpBinding"
name="basicEndPoint"
contract="IMyService"
/>
</service>
Also, make sure the directory Authentication Methods in IIS to Enable Anonymous access
I also had the same problem in wsHtppBinding
. And I just had to add security
mode pointing to none
, that solved my problem and no need to switch to basicHttpBinding
. Check Here and check how to disable WCF security. Check the below config change for reference:
<wsHttpBinding>
<binding name="soapBinding">
<security mode="None">
<transport clientCredentialType="None" />
<message establishSecurityContext="false" />
</security>
</binding>
</wsHttpBinding>
If you're using a self hosted site like me, the way to avoid this problem (as described above) is to stipulate on both the host and client side that the wsHttpBinding security mode = NONE.
When creating the binding, both on the client and the host, you can use this code:
Dim binding as System.ServiceModel.WSHttpBinding
binding= New System.ServiceModel.WSHttpBinding(System.ServiceModel.SecurityMode.None)
or
System.ServiceModel.WSHttpBinding binding
binding = new System.ServiceModel.WSHttpBinding(System.ServiceModel.SecurityMode.None);
Have you tried using basicHttpBinding instead of wsHttpBinding? If do not need any authentication and the Ws-* implementations are not required, you'd probably be better off with plain old basicHttpBinding. WsHttpBinding implements WS-Security for message security and authentication.
Why can't you just remove the security setting altogether for wsHttpBinding ("none" instead of "message" or "transport")?
If you use basicHttpBinding, configure the endpoint security to "None" and transport clientCredintialType to "None."
<bindings>
<basicHttpBinding>
<binding name="MyBasicHttpBinding">
<security mode="None">
<transport clientCredentialType="None" />
</security>
</binding>
</basicHttpBinding>
</bindings>
<services>
<service behaviorConfiguration="MyServiceBehavior" name="MyService">
<endpoint
binding="basicHttpBinding"
bindingConfiguration="MyBasicHttpBinding"
name="basicEndPoint"
contract="IMyService"
/>
</service>
Also, make sure the directory Authentication Methods in IIS to Enable Anonymous access
if needed to specify domain(which authecticates username and password that client uses) in webconfig you can put this in system.serviceModel services service section:
<identity>
<servicePrincipalName value="example.com" />
</identity>
and in client specify domain and username and password:
client.ClientCredentials.Windows.ClientCredential.Domain = "example.com";
client.ClientCredentials.Windows.ClientCredential.UserName = "UserName ";
client.ClientCredentials.Windows.ClientCredential.Password = "Password";
Source: Stackoverflow.com