none
Hosting Dynamic Workflow Service in IIS 7.0 over SSL

    Question

  • Hi,

    I am having problem hosting WF services and here is the scenerio.

    I've created a re-hosted workflow designer using WF4.0 where user can create workflow services and save them to database. Now these services will then be picked by an asp.net MVC 3 application one by one from database (as xamlx strings) and hosted to IIS thus exposing the endpoints (e.g. http://localhost/Hostedworkflows/Addition). On clicking the endpoints, I'm able to view the metadata of the service. I've hosted mvc application to IIS with http:// protocol. So far so good.

    Now I want to host the same application over ssl so I created a duplicate copy of mvc application, modify web.config to support https://, create a self signed certificate in IIS 7 attach it with the application etc etc... and I am able to browse the listing of endpoints same as above (that means my application is hosted over ssl). 

    Now the problem arises...When I click on any of the end point inspite of showing me the metadata it gives me following error..

    "Service 'DynamicActivity' has zero application (non-infrastructure) endpoints. This might be because no configuration file was found for your application, or because no service element matching the service name could be found in the configuration file, or because no endpoints were defined in the service element."

    This is because when we create workflow service activity from db string, it runtime generate DynamicActivity. I use this DynamicActivity to expose the endpoint using WorkflowServiceHost. So I added the following entry in my web.config file service model block...

    "<services><service name="DynamicActivity" behaviorConfiguration="SecureHostedWorkflowService.SecureServiceBehavior">

    <endpoint address="" binding="wsHttpContextBinding" bindingConfiguration="DefaultConfig" contract="IDynamicActivity" />
    </service></services>"

    with the following behaviour configuration

    "<behaviors><serviceBehaviors>

            <behavior name="SecureHostedWorkflowService.SecureServiceBehavior">
              <serviceMetadata httpGetEnabled="false" httpsGetEnabled="true" />
              <serviceDebug includeExceptionDetailInFaults="true" />
            </behavior>
          </serviceBehaviors>
        </behaviors>"

    Since I do not have anything with the name "IDynamicActivity" this time I got the following error...

    "The contract name 'IDynamicActivity' could not be found in the list of contracts implemented by the service 'DynamicActivity'."

    I know this is a valid error but I can't generate/create IDynamicActivity file as all the services are coming from database so they are dynamic.

    My question is..

    1. Am I doing the right thing in config file?

    2. If no what is the thing I'm missing?

    3. Is there any way/workaround to host dynamic workflow services over ssl?

    Here is my web.config snippet..

    <system.serviceModel>
        <bindings>
          <wsHttpBinding>
            <binding name="WsBindingConfig">
              <security mode="Transport">
                <transport clientCredentialType="None" />
              </security>
            </binding>
          </wsHttpBinding>
          <wsHttpContextBinding>
            <binding name="DefaultConfig">
              <security mode="Transport">
                <transport clientCredentialType="None" />
              </security>
            </binding>
          </wsHttpContextBinding>
          
          <netTcpBinding>
            <binding name="BigTcp" closeTimeout="00:05:00" openTimeout="00:05:00" sendTimeout="00:05:00" maxBufferSize="1000000000" maxReceivedMessageSize="1000000000">
              <readerQuotas maxStringContentLength="2147483647" maxDepth="2147483647" maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647" />
            </binding>
          </netTcpBinding>
        </bindings>
        
        <services>
          <service name="DynamicActivity" behaviorConfiguration="SecureHostedWorkflowService.SecureServiceBehavior">
            <endpoint address="" binding="wsHttpContextBinding" bindingConfiguration="DefaultConfig" contract="IDynamicActivity" />
          </service>
        </services>
        
        <client>
          <!-- The default client endpoints -->
          <endpoint name="IHostedWorkflowDataService" address="net.tcp://localhost:6428/Tribold/PPM/Internal/HostedWorkflowDataService" binding="netTcpBinding" 
                    bindingConfiguration="BigTcp" contract="Tribold.PPM.Contracts.IHostedWorkflowDataService" />
          <endpoint name="ICommonDataFunctionsService" address="net.tcp://localhost:6428/Tribold/PPM/Internal/CommonDataFunctionsService" binding="netTcpBinding" 
                    bindingConfiguration="BigTcp" contract="Tribold.PPM.Contracts.ICommonDataFunctionsService"/>
          <endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange"/>
        </client>
        
        <behaviors>
          <serviceBehaviors>
            <behavior name="SecureHostedWorkflowService.SecureServiceBehavior">
              <serviceMetadata httpGetEnabled="false" httpsGetEnabled="true" />
              <serviceDebug includeExceptionDetailInFaults="true" />
            </behavior>
          </serviceBehaviors>
        </behaviors>
        <serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
      </system.serviceModel>


    NitinV

    Tuesday, May 08, 2012 11:59 AM

Answers

  • Remove IMetadataExchange point from config. Disable all authentication but only Windows Authentication in IIS and it should work now.

    NitinV

    • Marked as answer by nkvls Thursday, May 17, 2012 9:18 AM
    Thursday, May 17, 2012 9:18 AM

All replies

  • Hi,

    Since your application works without SSL, You can try override the default binding and services configuration to only enable https. To do this, adding the binding and service configuration sections without specify the "name" attribute.

    Wednesday, May 09, 2012 6:26 AM
  • I tried it and it was giving me this error: -

    "Service 'DynamicActivity' has zero application (non-infrastructure) endpoints. This might be because no configuration file was found for your application, or because no service element matching the service name could be found in the configuration file, or because no endpoints were defined in the service element."

    which I overcome by writing a <service> tag as described in my original post. The only problem is where to define IDynamicActivity because I don#t have control over service interface created by re-hosted workflow designer. So I slept last night and one idea came into my mind. Why not I set IDynamicActivity interface name in ServiceContract during the design of the workflow service in re-hosted designer!!

    I did that and hurray!! all worked well. I was able to run the workflow over ssl. 

    Thanks anyway for your reply.


    NitinV

    Wednesday, May 09, 2012 10:33 AM
  • Another question in continuation of this series. I can see my endpoints listing now. When I click end point it does not show me the wsdl. Rather it asks me username/pwd prompt. On 3 attempt I've got a blank page though my domain windows credentials are completely correct.

    The workflow service is hosted in IIS7.0 over ssl with Windows Authentication enabled and Anonymous Authentication disabled. When I add IMetadataExchange endpoint in service, 

    <services>
          <service name="DynamicActivity">
            <endpoint address="" binding="wsHttpBinding" bindingConfiguration="WsBindingConfig" contract="IDynamicActivity" />
            <endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange" />
          </service>
        </services>

    I got following error...

    "The contract name 'IMetadataExchange' could not be found in the list of contracts implemented by the service DynamicActivity. Add a ServiceMetadataBehavior to the configuration file or to the ServiceHost directly to enable support for this contract."

    Any help in this would be greatly appreciated


    NitinV

    Thursday, May 10, 2012 9:53 AM
  • Remove IMetadataExchange point from config. Disable all authentication but only Windows Authentication in IIS and it should work now.

    NitinV

    • Marked as answer by nkvls Thursday, May 17, 2012 9:18 AM
    Thursday, May 17, 2012 9:18 AM