locked
Need desperate help with a WCF security issue. RRS feed

  • Question

  • I am having problems with my partial trust WPF talk to my WCF running on HTTPS. Below are my configs and error message.

    Client App.Config

    Code Snippet

    <configuration>

    <system.serviceModel>

    <bindings>

    <wsHttpBinding>

    <binding name="CustomBinding_IMySvc1" closeTimeout="00:01:00"

    openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"

    bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard"

    maxBufferPoolSize="2097152" maxReceivedMessageSize="2097152"

    messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true"

    allowCookies="false">

    <readerQuotas maxDepth="32" maxStringContentLength="2097152"

    maxArrayLength="2097152" maxBytesPerRead="2097152" maxNameTableCharCount="2097152" />

    <reliableSession ordered="true" inactivityTimeout="00:10:00"

    enabled="false" />

    <security mode="None">

    <transport clientCredentialType="None" proxyCredentialType="None"

    realm="" />

    <message clientCredentialType="None" negotiateServiceCredential="false"

    establishSecurityContext="false" />

    </security>

    <binding>

    </wsHttpBinding>

    </bindings>

    <client>

    <endpoint address="https://MySite.com/MySvc.svc"

    binding="wsHttpBinding" bindingConfiguration="CustomBinding_IMySvc1"

    contract="EditSource.IMySvc" name="CustomBinding_IMySvc1">

    <identity>

    <dns value="localhost" />

    </identity>

    </endpoint>

    </client>

    </system.serviceModel>

    </configuration>

     

     

    Server Configuration Snippet:

    Code Snippet

    <system.serviceModel>

    <services>

    <service name="DataSource.MySvc"

    behaviorConfiguration="DataSource.MySvcBehavior">

    <endpoint address="https://MySite.com/MySvc.svc"

    binding="customBinding"

    bindingConfiguration="IMySvcConf"

    contract="DataSource.IMySvc" >

    <identity>

    <dns value="localhost"/>

    </identity>

    </endpoint>

    </service>

    </services>

    <bindings>

    <customBinding>

    <binding name="IMySvcConf">

    <httpsTransport/>

    </binding>

    </customBinding>

    </bindings>

    <behaviors>

    <serviceBehaviors>

    <behavior name="DataSource.MySvcBehavior">

    <serviceMetadata httpGetEnabled="false"

    httpsGetEnabled="true" />

    <serviceDebug includeExceptionDetailInFaults="true"/>

    </behavior>

    </serviceBehaviors>

    </behaviors>

    </system.serviceModel>

     

     

    Error message

    Code Snippet

    System.Security.SecurityException: Request for the permission of type 'System.Net.WebPermission, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.
       at System.Security.CodeAccessSecurityEngine.Check(Object demand, StackCrawlMark& stackMark, Boolean isPermSet)
       at System.Security.CodeAccessPermission.Demand()
       at System.Net.HttpWebRequest.set_DefaultMaximumErrorResponseLength(Int32 value)
       at System.ServiceModel.Channels.HttpChannelFactory.OnOpen(TimeSpan timeout)
       at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
       at System.ServiceModel.Channels.ServiceChannelFactory.TypedServiceChannelFactory`1.OnOpen(TimeSpan timeout)
       at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
       at System.ServiceModel.ChannelFactory.OnOpen(TimeSpan timeout)
       at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
       at System.ServiceModel.ClientBase`1.System.ServiceModel.ICommunicationObject.Open(TimeSpan timeout)
       at System.ServiceModel.ClientBase`1.Open()
       at WPF.Editor..ctor()
    The action that failed was:
    Demand
    The type of the first permission that failed was:
    System.Net.WebPermission
    The Zone of the assembly that failed was:
    MyComputer

     

     

    I am debugging with the command arguments of

    Code Snippet

    -debug "C:\MyProject\bin\Debug\MySvc.xbap" -debugSecurityZoneUrl  https://MySite.com/

     

     

    Tuesday, February 26, 2008 11:56 PM

Answers

  • Using .NET 3.5 for WCF and WPF.

     

    I ended up switching to webservices, and solved the problem.

     

    It looks like WPF(browser application) in partial trust to WCF will work over HTTP but not HTTPS.

     

    Switching to webservices, I can run the webservices over HTTPS, and solve the problem.

     

     

    Thursday, February 28, 2008 9:29 PM

All replies

  • Since posting this, I have gone back to using HTTP, since I cannot get this to work with HTTPS.

     

    In the mean time, I still need to get this to work under HTTPS if I am going to pass Client security requirements.

    Wednesday, February 27, 2008 11:30 PM
  • Hi Brian,

     

    Are you using WCF 3.5 ?. WCF did not support partial trust environment in previous versions, WSHttpBinding with transport security should be now supported under partial trust, take a look at this document for more information, http://msdn2.microsoft.com/en-us/library/bb412186.aspx

     

    Regards,

    Pablo.

    Thursday, February 28, 2008 12:42 PM
  • Using .NET 3.5 for WCF and WPF.

     

    I ended up switching to webservices, and solved the problem.

     

    It looks like WPF(browser application) in partial trust to WCF will work over HTTP but not HTTPS.

     

    Switching to webservices, I can run the webservices over HTTPS, and solve the problem.

     

     

    Thursday, February 28, 2008 9:29 PM