none
WCF security mode set to none RRS feed

  • Question

  • Hi everyone, 

    I'm having a bit of trouble with the communication between server/client.

    It was working previously without changing the security modes and just using the default, now that I've added security mode = none I can access it from WCFTestClient from any computer but if I use my own client it fails to connect. 

    Just wondering if someone might be able to point out any errors in my config files

    I've read http://stackoverflow.com/questions/18622655/wcf-service-with-security-mode-none and a few other forums but I can't seem to get it working. 

    Any help would be greatly appreciated. 

    Thank-you. 

    EDIT: 

    Interestingly enough I can connect via the client that has the app.config REMOTELY only, cannot connect locally. WCFTestClient works for remote and local computers.  

    Service app.config

    <?xml version="1.0" encoding="utf-8"?>
    <configuration>
      <startup>
        <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.5.2" />
      </startup>
      <appSettings>
        <add key="aspnet:UseTaskFriendlySynchronizationContext" value="true" />
        <add key="ClientSettingsProvider.ServiceUri" value="" />
      </appSettings>
      <system.serviceModel>
        
        <behaviors>
          <serviceBehaviors>
            <behavior name="debug">
              <serviceMetadata httpGetEnabled="false" httpsGetEnabled="false" />
              <serviceDebug includeExceptionDetailInFaults="true" />
            </behavior>
          </serviceBehaviors>
        </behaviors>
    	
        <services>
          <service name="Quafu_Service.QuafuCommsService" behaviorConfiguration="debug">
            <endpoint address="" binding="netTcpBinding" bindingConfiguration="netTcpBindingConfig" contract="QuafuWCFService.I_QuafuWCF">       
    
    	  <identity>
                <dns value="localhost" />
              </identity>
            </endpoint>
            <endpoint address="mex" binding="mexTcpBinding" bindingConfiguration="" contract="IMetadataExchange" />
            <host>
              <baseAddresses>
                <add baseAddress="net.tcp://bspwks004:8523/QuafuCommsService/" />
              </baseAddresses>
            </host>
          </service>
        </services>
    	
    	<bindings>
    		<netTcpBinding>
    			<binding name="netTcpBindingConfig" >
    				<security mode="None"> 
    					<transport clientCredentialType="None" />
    				</security>
    			</binding>
    		</netTcpBinding>
    	</bindings> 
      </system.serviceModel>
      
      <system.web>
    <membership defaultProvider="ClientAuthenticationMembershipProvider">
          <providers>
            <add name="ClientAuthenticationMembershipProvider" type="System.Web.ClientServices.Providers.ClientFormsAuthenticationMembershipProvider, System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" serviceUri="" />
          </providers>
        </membership>
        <roleManager defaultProvider="ClientRoleProvider" enabled="true">
          <providers>
            <add name="ClientRoleProvider" type="System.Web.ClientServices.Providers.ClientRoleProvider, System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" serviceUri="" cacheTimeout="86400" />
          </providers>
        </roleManager> 
      </system.web> 
      
    </configuration>

    Client app.config

    <?xml version="1.0" encoding="utf-8"?>
    <configuration>
      <startup>
        <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.5.2" />
      </startup>
      <appSettings>
        <add key="aspnet:UseTaskFriendlySynchronizationContext" value="true" />
        <add key="ClientSettingsProvider.ServiceUri" value="" />
      </appSettings>
      
      <system.serviceModel>
    
        
        <client>
          <endpoint address="net.tcp://bspwks002:8523/QuafuCommsService/" binding="netTcpBinding" bindingConfiguration="NetTcpBinding_I_QuafuWCF" contract="QuafuWCFService.I_QuafuWCF" name="NetTcpBinding_I_QuafuWCF">
            <identity>
              <dns value="localhost" />
            </identity>
          </endpoint>
        </client>
    	
        <bindings>
          <netTcpBinding>
            <binding name="NetTcpBinding_I_QuafuWCF" sendTimeout="00:05:00">
    			<security mode="None">
                    <transport clientCredentialType="None" />		
    			</security>  
    		</binding> 
          </netTcpBinding>
        </bindings>
    	
      </system.serviceModel>
      <system.web>
      <membership defaultProvider="ClientAuthenticationMembershipProvider">
          <providers>
            <add name="ClientAuthenticationMembershipProvider" type="System.Web.ClientServices.Providers.ClientFormsAuthenticationMembershipProvider, System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" serviceUri="" />
          </providers>
        </membership>
        <roleManager defaultProvider="ClientRoleProvider" enabled="true">
          <providers>
            <add name="ClientRoleProvider" type="System.Web.ClientServices.Providers.ClientRoleProvider, System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" serviceUri="" cacheTimeout="86400" />
          </providers>
        </roleManager> 
      </system.web>
    </configuration>



    • Edited by BengBeng Tuesday, February 7, 2017 2:37 AM
    Tuesday, February 7, 2017 1:10 AM

All replies

  • Hi BengBeng,

    In my option, this issue is caused by <security mode="None"> at client side. If you generate client code from service reference, it would not generate security code in client side.

    Since you did not need security, I would suggest you remove it from client side.

    Best Regards,

    Edward


    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.

    Tuesday, February 7, 2017 3:26 AM
  • Hi Edward, 

    Thank-you very much for the reply. 

    After removing it it seems like it defaults back to Windows authentication, as I am still able to connect to an older service on a different computer that has Windows authentication. But I am no longer able to connect to the new service that uses no security. 

    What's annoying is that for my settings WITH the <security mode="None"> on client side it had everything working EXCEPT connecting to a service that is local to the machine. (I could connect to the service remotely from a different machine). 

    Regards,

    Beng


    • Edited by BengBeng Tuesday, February 7, 2017 4:15 AM
    Tuesday, February 7, 2017 4:14 AM
  • Hi BengBeng,

    How did you host your service and add your service reference?

    I made a test with below steps and it works correctly with <security mode="None"> at client side.

    1. Create a WCF Service with your configuration

    2. Host it in IIS, and add net.tcp Protocols by Advanced settings->Enabled Protocols

    3. Add Service reference by “net.tcp://xx/WCFSecurityModeNone/WCFSecurityModeNone.svc/mex”

    //Auto Generated bindings
                <netTcpBinding>
                    <binding name="NetTcpBinding_IWCFSecurityModeNone">
                        <security mode="None" />
                    </binding>
                </netTcpBinding>

    If you made a test with above steps, will you reproduce this issue?

    After you change settings in service side, I would suggest you update your service reference at client side.

    Best Regards,

    Edward


    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.

    Tuesday, February 7, 2017 5:23 AM
  • Hi Edward,

    My problem is identical to the one linked below, aside from the fact that I have disabled all security and am able to connect via WcfTestClient both remotely and locally. But using my own client I can only connect remotely but not locally. Is there a setting for me to edit that would cause the local connection to not work?

    https://social.msdn.microsoft.com/Forums/vstudio/en-US/9b00be2b-30dc-4e8f-b26f-89133906e9f3/wcf-server-and-client-security-issues?forum=wcf

    I'm not sure what you mean by service reference sorry, I'm very new to WCF and I am just editing someone else's code. 

    Regards,

    Beng



    • Edited by BengBeng Wednesday, February 8, 2017 12:19 AM
    Tuesday, February 7, 2017 10:35 PM
  • Just like to add that if I change the security mode to Transport everything works fine as long as I have the same usernames/pass on both machines. 
    Wednesday, February 8, 2017 12:43 AM
  • Hi BengBeng,

    >> I'm not sure what you mean by service reference sorry, I'm very new to WCF and I am just editing someone else's code.

    Do you mean you did not generated Client Service, and you just edit other’s Service code and client code?

    If so, I think you need to regenerate client code after you change service code. I suggest you refer the link below for adding service reference and use the service at client side.

    # Walkthrough: Creating a simple WCF Service in Windows Forms

    https://msdn.microsoft.com/en-us/library/bb386386.aspx

    Best Regards,

    Edward


    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.

    Wednesday, February 8, 2017 2:06 AM
  • Sorry that still does not explain why it works remotely and can't connect locally for my own client but can connect remotely and locally with the WCFTestClient. 

    All I'm doing is editing the .config files for the client and service and restarting the service. 

    Thanks for your help anyway. 

    Wednesday, February 8, 2017 3:28 AM
  • Hi BengBeng,

    Have you followed above link to regenerate client code? Has it worked now? After changing Service code, you need to regenerate client code, I am not sure why it works for you remotely. It should not be. With WCFTestClient, it will generate client code automatically and it will use the new code every time.

    Best Regards,

    Edward


    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.


    Wednesday, February 8, 2017 4:16 AM
  • Yes I removed my old app.config and added a service reference and a new app.config appeared. THe new app.config looks nearly identical to my orginal. Testing it still yielded the same error 

    I even tried copying the client code generated from WCFTestClient but I still couldn't connect locally (could connect remotely). 

    This is the newly regenerated client code as well as the service code. NOTE: If I remove the </security> elements from both client and service and reconnect everything works fine (however that would be Windows authentication, which I don't want) 

    Client
    
    <?xml version="1.0" encoding="utf-8" ?>
    <configuration>
        <system.diagnostics>
            <sources>
                <!-- This section defines the logging configuration for My.Application.Log -->
                <source name="DefaultSource" switchName="DefaultSwitch">
                    <listeners>
                        <add name="FileLog"/>
                        <!-- Uncomment the below section to write to the Application Event Log -->
                        <!--<add name="EventLog"/>-->
                    </listeners>
                </source>
            </sources>
            <switches>
                <add name="DefaultSwitch" value="Information" />
            </switches>
            <sharedListeners>
                <add name="FileLog"
                     type="Microsoft.VisualBasic.Logging.FileLogTraceListener, Microsoft.VisualBasic, Version=8.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL"
                     initializeData="FileLogWriter"/>
                <!-- Uncomment the below section and replace APPLICATION_NAME with the name of your application to write to the Application Event Log -->
                <!--<add name="EventLog" type="System.Diagnostics.EventLogTraceListener" initializeData="APPLICATION_NAME"/> -->
            </sharedListeners>
        </system.diagnostics>
        <system.serviceModel>
            <bindings>
                <netTcpBinding>
                    <binding name="NetTcpBinding_I_QuafuWCF">
                        <security mode="None" />
                    </binding>
                </netTcpBinding>
            </bindings>
            <client>
                <endpoint address="net.tcp://bswks008:8523/QuafuCommsService/"
                    binding="netTcpBinding" bindingConfiguration="NetTcpBinding_I_QuafuWCF"
                    contract="QuafuWCFService.I_QuafuWCF" name="NetTcpBinding_I_QuafuWCF">
                    <identity>
                        <dns value="localhost" />
                    </identity>
                </endpoint>
            </client>
        </system.serviceModel>
    </configuration>

    Service
    
    <?xml version="1.0" encoding="utf-8"?>
    <configuration>
      <startup>
        <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.5.2" />
      </startup>
      <system.serviceModel>
        
        <behaviors>
          <serviceBehaviors>
            <behavior name="debug">
              <serviceMetadata httpGetEnabled="false" />
              <serviceDebug includeExceptionDetailInFaults="true"/>
            </behavior>
          </serviceBehaviors>
        </behaviors>
        
        <services>
          <service name="Quafu_Service.QuafuCommsService" behaviorConfiguration="debug">
            <endpoint address="" binding="netTcpBinding" bindingConfiguration="NetTcpBinding_I_QuafuWCF" contract="QuafuWCFService.I_QuafuWCF">
              <identity>
                <dns value="localhost" />
              </identity>
            </endpoint>
            <endpoint address="mex" binding="mexTcpBinding" bindingConfiguration="" contract="IMetadataExchange" />
            <host>
              <baseAddresses>
                <add baseAddress="net.tcp://BSPWKS004:8523/QuafuCommsService/" />
              </baseAddresses>
            </host>
          </service>
        </services>
        
    	    <bindings>
          <netTcpBinding>
            <binding name="NetTcpBinding_I_QuafuWCF" sendTimeout="00:05:00">
    			 <security mode="None">
              </security>
            </binding>
          </netTcpBinding>
        </bindings>
    	
      </system.serviceModel>
    </configuration>



    • Edited by BengBeng Wednesday, February 8, 2017 8:31 PM
    Wednesday, February 8, 2017 8:24 PM
  • Hi BengBeng,

    I suggest you follow below steps to check whether this issue still exist.

    1. Create a console application which is used to host WCF Service

    2. Add WCF Service to this console application

    3. Modify the app.config with your above configuration of Service

    4. Run your application to host the WCF Service

    5. Create a new console application which will consume the WCF Service

    6. Add Service Reference by net.tcp address of above Service

    7. Run your client to call WCF Service

    If this issue still exists, I suggest you share us above two projects through OneDrive, and then we will make a test.

    Best Regards,

    Edward


    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.

    Thursday, February 9, 2017 1:59 AM