none
Windows Authentication for Wcf Service Application - fails with cryptic 500 error RRS feed

  • Question

  • Originally I posted this on the iis.net forum, but they felt this forum was a better place for it.

    To make a minimal reproduction of this problem, I setup a VM with Windows Server 2016 installed on it, and IIS version 10.0.14393.0. Then I compiled the simplest WCF Service Application I could make with Visual Studio 2017:

    using System;
    
    namespace WcfService1
    {
    	public class Service1 : IService1
    	{
    		public string GetData(int value)
    		{
    			return string.Format("You entered: {0}", value);
    		}
    	}
    }

    which has this Web.config currently:

    <?xml version="1.0" encoding="UTF-8"?>
    <configuration>
    
      <appSettings>
        <add key="aspnet:UseTaskFriendlySynchronizationContext" value="true" />
      </appSettings>
      <system.web>
        <compilation debug="true" targetFramework="4.6.2" />
        <httpRuntime targetFramework="4.6.2" />
            <identity impersonate="false" />
            <authentication mode="Windows" />
      </system.web>
      <system.serviceModel>
        <behaviors>
          <serviceBehaviors>
            <behavior>
              <!-- To avoid disclosing metadata information, set the values below to false before deployment -->
              <serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
              <!-- To receive exception details in faults for debugging purposes, set the value below to true.  Set to false before deployment to avoid disclosing exception information -->
              <serviceDebug includeExceptionDetailInFaults="true" />
            </behavior>
          </serviceBehaviors>
        </behaviors>
        <protocolMapping>
            <add binding="basicHttpsBinding" scheme="https" />
        </protocolMapping>    
        <serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
      </system.serviceModel>
      <system.webServer>
        <modules runAllManagedModulesForAllRequests="true" />
        <!--
            To browse web app root directory during debugging, set the value below to true.
            Set to false before deployment to avoid disclosing web app folder information.
          -->
        <directoryBrowse enabled="true" />
            <handlers>
                <remove name="svc-ISAPI-2.0" />
                <remove name="svc-ISAPI-2.0-64" />
            </handlers>
      </system.webServer>
    
    </configuration>

    I added it as an application to the Default Web Site in IIS.

    Then I made the simplest client application I could for that service:

    using System;
    
    namespace ConsoleApp1
    {
    	class Program
    	{
    		static void Main(string[] args)
    		{
    			var s = new ServiceReference1.Service1Client();
    			Console.WriteLine("GetData(789) output: " + s.GetData(789));
    		}
    	}
    }

    and it has this App.config:

    <?xml version="1.0" encoding="utf-8"?>
    <configuration>
        <startup> 
            <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.5.2"/>
        </startup>
        <system.serviceModel>
            <bindings>
                <basicHttpBinding>
    							<binding name="BasicHttpBinding_IService1">
    								<security mode="TransportCredentialOnly">
    									<transport clientCredentialType="Windows" proxyCredentialType="None" realm=""/>
    									<message clientCredentialType="UserName" algorithmSuite="Default"/>
    								</security>
    							</binding>
                </basicHttpBinding>
            </bindings>
            <client>
                <endpoint address="http://10.228.16.19/WcfService1/Service1.svc" binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_IService1" contract="ServiceReference1.IService1" name="BasicHttpBinding_IService1"/>
            </client>
        </system.serviceModel>
    </configuration>

    Note: I added that security node in configuration/system.serviceModel/bindings/basicHttpBinding/binding.

    I have installed the Windows Authentication role, and it along with Anonymous Authentication is enabled at the Server level, the Default Web Site level, and the WcfService1 level. When I run the client, it SUCCEEDS, the request is made and a response is received. However, if I then make one change - disable Anonymous Authentication in inetmgr for the WcfService1 application (so that Windows Authentication is the only authentication enabled) and run the client, I see (using Wireshark) that anonymous authentication is attempted, then NTLMSSP_NEGOTIATE, then NTLMSSP_CHALLENGE. The server finally responds with an HTTP 500 error.

    This causes the client to throw an exception like so:

    Unhandled Exception: System.ServiceModel.ServiceActivationException: The requested service, 'http://10.228.16.19/WcfService1/Service1.svc' could not be activated. See the server's diagnostic trace logs for more information.
    
    Server stack trace:
       at System.ServiceModel.Channels.HttpChannelUtilities.ValidateRequestReplyResponse(HttpWebRequest request, HttpWebResponse response, HttpChannelFactory`1 factory, WebException responseException, ChannelBinding channelBinding)
       at System.ServiceModel.Channels.HttpChannelFactory`1.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout)
       at System.ServiceModel.Channels.RequestChannel.Request(Message message, TimeSpan timeout)
       at System.ServiceModel.Dispatcher.RequestChannelBinder.Request(Message message, TimeSpan timeout)
       at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
       at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
       at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)
    
    Exception rethrown at [0]:
       at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
       at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
       at ConsoleApp1.ServiceReference1.IService1.GetData(Int32 value)
       at ConsoleApp1.ServiceReference1.Service1Client.GetData(Int32 value) in C:\Users\someUser\Documents\Visual Studio Projects\WcfClient1\ConsoleApp1\Connected Services\ServiceReference1\Reference.cs:line 122
       at ConsoleApp1.Program.Main(String[] args) in C:\Users\someUser\Documents\Visual Studio Projects\WcfClient1\ConsoleApp1\Program.cs:line 10
    Press any key to continue . . .

    Hey, that error message says "See the server's diagnostic trace logs", so let's look at one them from C:\inetpub\logs\FailedReqLogFiles\W3SVC1:

    34.	NOTIFY_MODULE_START	ModuleName="WindowsAuthenticationModule", Notification="AUTHENTICATE_REQUEST", fIsPostNotification="false"	20:03:38.214
    35.	AUTH_START	AuthTypeSupported="NT"	20:03:38.214
    36.	AUTH_REQUEST_AUTH_TYPE	RequestAuthType="NT"	20:03:38.214
    37.	AUTH_SUCCEEDED	AuthType="NT", NTLMUsed="true", RemoteUserName="someDomain\someUser", AuthUserName="someDomain\someUser", TokenImpersonationLevel="ImpersonationIdentify"	20:03:38.214
    38.	USER_SET	AuthType="Negotiate", UserName="someDomain\someUser", SupportsIsInRole="false"	20:03:38.214
    39.	AUTH_END		20:03:38.214
    40.	NOTIFY_MODULE_END	ModuleName="WindowsAuthenticationModule", Notification="AUTHENTICATE_REQUEST", fIsPostNotificationEvent="false", NotificationStatus="NOTIFICATION_CONTINUE"	20:03:38.214
    41.	NOTIFY_MODULE_START	ModuleName="WindowsAuthentication", Notification="AUTHENTICATE_REQUEST", fIsPostNotification="false"	20:03:38.214
    42.	AspNetStart	Data1="POST", Data2="/WcfService1/Service1.svc", Data3=""	20:03:38.214
    43.	AspNetAppDomainEnter	Data1="/LM/W3SVC/1/ROOT/WcfService1-2-131608658180117232"	20:03:38.214
    44.	AspNetStartHandler	Data1="System.Web.HttpApplication", Data2="Start"	20:03:38.214
    45.	AspNetPipelineEnter	Data1="System.Web.Security.WindowsAuthenticationModule"	20:03:38.214
    46.	AspNetPipelineLeave	Data1="System.Web.Security.WindowsAuthenticationModule"	20:03:38.214
    47.	NOTIFY_MODULE_END	ModuleName="WindowsAuthentication", Notification="AUTHENTICATE_REQUEST", fIsPostNotificationEvent="false", NotificationStatus="NOTIFICATION_CONTINUE"	20:03:38.214
    48.	NOTIFY_MODULE_START	ModuleName="ScriptModule-4.0", Notification="AUTHENTICATE_REQUEST", fIsPostNotification="false"	20:03:38.214
    49.	AspNetPipelineEnter	Data1="System.Web.Handlers.ScriptModule"	20:03:38.214
    50.	AspNetPipelineLeave	Data1="System.Web.Handlers.ScriptModule"	20:03:38.214
    51.	NOTIFY_MODULE_END	ModuleName="ScriptModule-4.0", Notification="AUTHENTICATE_REQUEST", fIsPostNotificationEvent="false", NotificationStatus="NOTIFICATION_CONTINUE"	20:03:38.214
    52.	NOTIFY_MODULE_START	ModuleName="AnonymousAuthenticationModule", Notification="AUTHENTICATE_REQUEST", fIsPostNotification="false"	20:03:38.214
    53.	NOTIFY_MODULE_END	ModuleName="AnonymousAuthenticationModule", Notification="AUTHENTICATE_REQUEST", fIsPostNotificationEvent="false", NotificationStatus="NOTIFICATION_CONTINUE"	20:03:38.214
    54.	NOTIFY_MODULE_START	ModuleName="IsapiFilterModule", Notification="AUTHENTICATE_REQUEST", fIsPostNotification="true"	20:03:38.214
    55.	FILTER_AUTH_COMPLETE_START		20:03:38.214
    56.	FILTER_AUTH_COMPLETE_END		20:03:38.214
    57.	NOTIFY_MODULE_END	ModuleName="IsapiFilterModule", Notification="AUTHENTICATE_REQUEST", fIsPostNotificationEvent="true", NotificationStatus="NOTIFICATION_CONTINUE"	20:03:38.214
    58.	NOTIFY_MODULE_START	ModuleName="DefaultAuthentication", Notification="AUTHENTICATE_REQUEST", fIsPostNotification="true"	20:03:38.214
    59.	AspNetPipelineEnter	Data1="System.Web.Security.DefaultAuthenticationModule"	20:03:38.214
    60.	AspNetPipelineLeave	Data1="System.Web.Security.DefaultAuthenticationModule"	20:03:38.214
    61.	NOTIFY_MODULE_END	ModuleName="DefaultAuthentication", Notification="AUTHENTICATE_REQUEST", fIsPostNotificationEvent="true", NotificationStatus="NOTIFICATION_CONTINUE"	20:03:38.214
    62.	NOTIFY_MODULE_START	ModuleName="ServiceModel-4.0", Notification="AUTHENTICATE_REQUEST", fIsPostNotification="true"	20:03:38.214
    63.	AspNetPipelineEnter	Data1="System.ServiceModel.Activation.ServiceHttpModule"	20:03:38.214
    64.	AspNetPipelineLeave	Data1="System.ServiceModel.Activation.ServiceHttpModule"	20:03:38.214
    65.	NOTIFY_MODULE_END	ModuleName="ServiceModel-4.0", Notification="AUTHENTICATE_REQUEST", fIsPostNotificationEvent="true", NotificationStatus="NOTIFICATION_CONTINUE"	20:03:38.214
    66.	NOTIFY_MODULE_START	ModuleName="UrlAuthorizationModule", Notification="AUTHORIZE_REQUEST", fIsPostNotification="false"	20:03:38.214
    67.	NOTIFY_MODULE_END	ModuleName="UrlAuthorizationModule", Notification="AUTHORIZE_REQUEST", fIsPostNotificationEvent="false", NotificationStatus="NOTIFICATION_CONTINUE"	20:03:38.214
    68.	NOTIFY_MODULE_START	ModuleName="UrlAuthorization", Notification="AUTHORIZE_REQUEST", fIsPostNotification="false"	20:03:38.214
    69.	AspNetPipelineEnter	Data1="System.Web.Security.UrlAuthorizationModule"	20:03:38.214
    70.	AspNetPipelineLeave	Data1="System.Web.Security.UrlAuthorizationModule"	20:03:38.214
    71.	NOTIFY_MODULE_END	ModuleName="UrlAuthorization", Notification="AUTHORIZE_REQUEST", fIsPostNotificationEvent="false", NotificationStatus="NOTIFICATION_CONTINUE"	20:03:38.214
    72.	NOTIFY_MODULE_START	ModuleName="FileAuthorization", Notification="AUTHORIZE_REQUEST", fIsPostNotification="false"	20:03:38.214
    73.	AspNetPipelineEnter	Data1="System.Web.Security.FileAuthorizationModule"	20:03:38.214
    74.	AspNetPipelineLeave	Data1="System.Web.Security.FileAuthorizationModule"	20:03:38.214
    75.	NOTIFY_MODULE_END	ModuleName="FileAuthorization", Notification="AUTHORIZE_REQUEST", fIsPostNotificationEvent="false", NotificationStatus="NOTIFICATION_CONTINUE"	20:03:38.214
    76.	NOTIFY_MODULE_START	ModuleName="HttpCacheModule", Notification="RESOLVE_REQUEST_CACHE", fIsPostNotification="false"	20:03:38.214
    77.	OUTPUT_CACHE_LOOKUP_START		20:03:38.214
    78.	OUTPUT_CACHE_LOOKUP_END	Result="NOT_FOUND"	20:03:38.214
    79.	NOTIFY_MODULE_END	ModuleName="HttpCacheModule", Notification="RESOLVE_REQUEST_CACHE", fIsPostNotificationEvent="false", NotificationStatus="NOTIFICATION_CONTINUE"	20:03:38.214
    80.	NOTIFY_MODULE_START	ModuleName="OutputCache", Notification="RESOLVE_REQUEST_CACHE", fIsPostNotification="false"	20:03:38.214
    81.	AspNetPipelineEnter	Data1="System.Web.Caching.OutputCacheModule"	20:03:38.214
    82.	AspNetPipelineLeave	Data1="System.Web.Caching.OutputCacheModule"	20:03:38.214
    83.	NOTIFY_MODULE_END	ModuleName="OutputCache", Notification="RESOLVE_REQUEST_CACHE", fIsPostNotificationEvent="false", NotificationStatus="NOTIFICATION_CONTINUE"	20:03:38.214
    84.	NOTIFY_MODULE_START	ModuleName="UrlRoutingModule-4.0", Notification="RESOLVE_REQUEST_CACHE", fIsPostNotification="true"	20:03:38.214
    85.	AspNetPipelineEnter	Data1="System.Web.Routing.UrlRoutingModule"	20:03:38.214
    86.	AspNetPipelineLeave	Data1="System.Web.Routing.UrlRoutingModule"	20:03:38.214
    87.	NOTIFY_MODULE_END	ModuleName="UrlRoutingModule-4.0", Notification="RESOLVE_REQUEST_CACHE", fIsPostNotificationEvent="true", NotificationStatus="NOTIFICATION_CONTINUE"	20:03:38.214
    88.	NOTIFY_MODULE_START	ModuleName="StaticCompressionModule", Notification="MAP_REQUEST_HANDLER", fIsPostNotification="false"	20:03:38.214
    89.	NOTIFY_MODULE_END	ModuleName="StaticCompressionModule", Notification="MAP_REQUEST_HANDLER", fIsPostNotificationEvent="false", NotificationStatus="NOTIFICATION_CONTINUE"	20:03:38.214
    90.	NOTIFY_MODULE_START	ModuleName="ManagedPipelineHandler", Notification="MAP_REQUEST_HANDLER", fIsPostNotification="false"	20:03:38.214
    91.	AspNetMapHandlerEnter		20:03:38.214
    92.	AspNetMapHandlerLeave		20:03:38.214
    93.	NOTIFY_MODULE_END	ModuleName="ManagedPipelineHandler", Notification="MAP_REQUEST_HANDLER", fIsPostNotificationEvent="false", NotificationStatus="NOTIFICATION_CONTINUE"	20:03:38.214
    94.	NOTIFY_MODULE_START	ModuleName="Session", Notification="REQUEST_ACQUIRE_STATE", fIsPostNotification="false"	20:03:38.214
    95.	AspNetPipelineEnter	Data1="System.Web.SessionState.SessionStateModule"	20:03:38.214
    96.	AspNetSessionDataBegin		20:03:38.214
    97.	AspNetSessionDataEnd		20:03:38.214
    98.	AspNetPipelineLeave	Data1="System.Web.SessionState.SessionStateModule"	20:03:38.214
    99.	NOTIFY_MODULE_END	ModuleName="Session", Notification="REQUEST_ACQUIRE_STATE", fIsPostNotificationEvent="false", NotificationStatus="NOTIFICATION_CONTINUE"	20:03:38.214
    100.	NOTIFY_MODULE_START	ModuleName="Profile", Notification="REQUEST_ACQUIRE_STATE", fIsPostNotification="false"	20:03:38.214
    101.	AspNetPipelineEnter	Data1="System.Web.Profile.ProfileModule"	20:03:38.214
    102.	AspNetPipelineLeave	Data1="System.Web.Profile.ProfileModule"	20:03:38.214
    103.	NOTIFY_MODULE_END	ModuleName="Profile", Notification="REQUEST_ACQUIRE_STATE", fIsPostNotificationEvent="false", NotificationStatus="NOTIFICATION_CONTINUE"	20:03:38.214
    104.	NOTIFY_MODULE_START	ModuleName="ScriptModule-4.0", Notification="REQUEST_ACQUIRE_STATE", fIsPostNotification="true"	20:03:38.214
    105.	AspNetPipelineEnter	Data1="System.Web.Handlers.ScriptModule"	20:03:38.214
    106.	AspNetPipelineLeave	Data1="System.Web.Handlers.ScriptModule"	20:03:38.214
    107.	NOTIFY_MODULE_END	ModuleName="ScriptModule-4.0", Notification="REQUEST_ACQUIRE_STATE", fIsPostNotificationEvent="true", NotificationStatus="NOTIFICATION_CONTINUE"	20:03:38.214
    108.	NOTIFY_MODULE_START	ModuleName="ManagedPipelineHandler", Notification="EXECUTE_REQUEST_HANDLER", fIsPostNotification="false"	20:03:38.214
    109.	GENERAL_READ_ENTITY_START		20:03:38.214
    110.	GENERAL_READ_ENTITY_END	BytesReceived="159", ErrorCode="The operation completed successfully.
     (0x0)"	20:03:38.214
    111.	GENERAL_REQUEST_ENTITY	Buffer="<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body><GetData xmlns="http://tempuri.org/"><value>789</value></GetData></s:Body></s:Envelope>"	20:03:38.214
    112.	NOTIFY_MODULE_COMPLETION	ModuleName="ManagedPipelineHandler", Notification="EXECUTE_REQUEST_HANDLER", fIsPostNotificationEvent="false", CompletionBytes="159", ErrorCode="The operation completed successfully.
     (0x0)"	20:03:38.214
    113.	AspNetPipelineEnter	Data1="System.Web.ImplicitAsyncPreloadModule"	20:03:38.214
    114.	AspNetPipelineLeave	Data1="System.Web.ImplicitAsyncPreloadModule"	20:03:38.214
    115.	AspNetHttpHandlerEnter		20:03:38.214
    116.	GENERAL_SET_RESPONSE_HEADER	HeaderName="Cache-Control", HeaderValue="private", Replace="true"	20:03:38.245
    117.	GENERAL_SET_RESPONSE_HEADER	HeaderName="X-AspNet-Version", HeaderValue="4.0.30319", Replace="true"	20:03:38.245
    118.	AspNetHttpHandlerLeave		20:03:38.245
    119.	MODULE_SET_RESPONSE_ERROR_STATUS
    Warning	ModuleName="ManagedPipelineHandler", Notification="EXECUTE_REQUEST_HANDLER", HttpStatus="500", HttpReason="System.ServiceModel.ServiceActivationException", HttpSubStatus="0", ErrorCode="The operation completed successfully.
     (0x0)", ConfigExceptionInfo=""	20:03:38.245
    120.	NOTIFY_MODULE_COMPLETION	ModuleName="ManagedPipelineHandler", Notification="EXECUTE_REQUEST_HANDLER", fIsPostNotificationEvent="false", CompletionBytes="0", ErrorCode="The operation completed successfully.
     (0x0)"	20:03:38.245
    121.	NOTIFY_MODULE_END	ModuleName="ManagedPipelineHandler", Notification="EXECUTE_REQUEST_HANDLER", fIsPostNotificationEvent="false", NotificationStatus="NOTIFICATION_CONTINUE"	20:03:38.245
    122.	NOTIFY_MODULE_START	ModuleName="Session", Notification="RELEASE_REQUEST_STATE", fIsPostNotification="false"	20:03:38.245
    123.	AspNetPipelineEnter	Data1="System.Web.SessionState.SessionStateModule"	20:03:38.245
    124.	AspNetPipelineLeave	Data1="System.Web.SessionState.SessionStateModule"	20:03:38.245
    125.	NOTIFY_MODULE_END	ModuleName="Session", Notification="RELEASE_REQUEST_STATE", fIsPostNotificationEvent="false", NotificationStatus="NOTIFICATION_CONTINUE"	20:03:38.245
    126.	NOTIFY_MODULE_START	ModuleName="AspNetFilterModule", Notification="UPDATE_REQUEST_CACHE", fIsPostNotification="false"	20:03:38.245
    127.	NOTIFY_MODULE_END	ModuleName="AspNetFilterModule", Notification="UPDATE_REQUEST_CACHE", fIsPostNotificationEvent="false", NotificationStatus="NOTIFICATION_CONTINUE"	20:03:38.245
    128.	NOTIFY_MODULE_START	ModuleName="HttpCacheModule", Notification="UPDATE_REQUEST_CACHE", fIsPostNotification="false"	20:03:38.245
    129.	OUTPUT_CACHE_UPDATE_START	CachePolicy="NO_CACHE", TimeToLive="0"	20:03:38.245
    130.	OUTPUT_CACHE_UPDATE_END	Result="VERB_NOT_GET"	20:03:38.245
    131.	NOTIFY_MODULE_END	ModuleName="HttpCacheModule", Notification="UPDATE_REQUEST_CACHE", fIsPostNotificationEvent="false", NotificationStatus="NOTIFICATION_CONTINUE"	20:03:38.245
    132.	NOTIFY_MODULE_START	ModuleName="OutputCache", Notification="UPDATE_REQUEST_CACHE", fIsPostNotification="false"	20:03:38.245
    133.	AspNetPipelineEnter	Data1="System.Web.Caching.OutputCacheModule"	20:03:38.245
    134.	AspNetPipelineLeave	Data1="System.Web.Caching.OutputCacheModule"	20:03:38.245
    135.	NOTIFY_MODULE_END	ModuleName="OutputCache", Notification="UPDATE_REQUEST_CACHE", fIsPostNotificationEvent="false", NotificationStatus="NOTIFICATION_CONTINUE"	20:03:38.245
    136.	NOTIFY_MODULE_START	ModuleName="CustomLoggingModule", Notification="LOG_REQUEST", fIsPostNotification="false"	20:03:38.245
    137.	NOTIFY_MODULE_END	ModuleName="CustomLoggingModule", Notification="LOG_REQUEST", fIsPostNotificationEvent="false", NotificationStatus="NOTIFICATION_CONTINUE"	20:03:38.245
    138.	NOTIFY_MODULE_START	ModuleName="Profile", Notification="END_REQUEST", fIsPostNotification="false"	20:03:38.245
    139.	AspNetPipelineEnter	Data1="System.Web.Profile.ProfileModule"	20:03:38.245
    140.	AspNetPipelineLeave	Data1="System.Web.Profile.ProfileModule"	20:03:38.245
    141.	NOTIFY_MODULE_END	ModuleName="Profile", Notification="END_REQUEST", fIsPostNotificationEvent="false", NotificationStatus="NOTIFICATION_CONTINUE"	20:03:38.245
    142.	NOTIFY_MODULE_START	ModuleName="ScriptModule-4.0", Notification="END_REQUEST", fIsPostNotification="false"	20:03:38.245
    143.	AspNetPipelineEnter	Data1="System.Web.Handlers.ScriptModule"	20:03:38.245
    144.	AspNetPipelineLeave	Data1="System.Web.Handlers.ScriptModule"	20:03:38.245
    145.	AspNetEndHandler		20:03:38.245
    146.	NOTIFY_MODULE_END	ModuleName="ScriptModule-4.0", Notification="END_REQUEST", fIsPostNotificationEvent="false", NotificationStatus="NOTIFICATION_CONTINUE"	20:03:38.245
    147.	NOTIFY_MODULE_START	ModuleName="WebSocketModule", Notification="END_REQUEST", fIsPostNotification="true"	20:03:38.245
    148.	NOTIFY_MODULE_END	ModuleName="WebSocketModule", Notification="END_REQUEST", fIsPostNotificationEvent="true", NotificationStatus="NOTIFICATION_CONTINUE"	20:03:38.245
    149.	NOTIFY_MODULE_START	ModuleName="ApplicationInitializationModule", Notification="SEND_RESPONSE", fIsPostNotification="false"	20:03:38.245
    150.	NOTIFY_MODULE_END	ModuleName="ApplicationInitializationModule", Notification="SEND_RESPONSE", fIsPostNotificationEvent="false", NotificationStatus="NOTIFICATION_CONTINUE"	20:03:38.245
    151.	NOTIFY_MODULE_START	ModuleName="WebSocketModule", Notification="SEND_RESPONSE", fIsPostNotification="false"	20:03:38.245
    152.	NOTIFY_MODULE_END	ModuleName="WebSocketModule", Notification="SEND_RESPONSE", fIsPostNotificationEvent="false", NotificationStatus="NOTIFICATION_CONTINUE"	20:03:38.245
    153.	NOTIFY_MODULE_START	ModuleName="WindowsAuthenticationModule", Notification="SEND_RESPONSE", fIsPostNotification="false"	20:03:38.245
    154.	GENERAL_SET_RESPONSE_HEADER	HeaderName="Persistent-Auth", HeaderValue="true", Replace="false"	20:03:38.245
    155.	NOTIFY_MODULE_END	ModuleName="WindowsAuthenticationModule", Notification="SEND_RESPONSE", fIsPostNotificationEvent="false", NotificationStatus="NOTIFICATION_CONTINUE"	20:03:38.245
    156.	NOTIFY_MODULE_START	ModuleName="ProtocolSupportModule", Notification="SEND_RESPONSE", fIsPostNotification="false"	20:03:38.245
    157.	GENERAL_SET_RESPONSE_HEADER	HeaderName="X-Powered-By", HeaderValue="ASP.NET", Replace="false"	20:03:38.245
    158.	NOTIFY_MODULE_END	ModuleName="ProtocolSupportModule", Notification="SEND_RESPONSE", fIsPostNotificationEvent="false", NotificationStatus="NOTIFICATION_CONTINUE"	20:03:38.245
    159.	NOTIFY_MODULE_START	ModuleName="IsapiFilterModule", Notification="SEND_RESPONSE", fIsPostNotification="false"	20:03:38.245
    160.	NOTIFY_MODULE_END	ModuleName="IsapiFilterModule", Notification="SEND_RESPONSE", fIsPostNotificationEvent="false", NotificationStatus="NOTIFICATION_CONTINUE"	20:03:38.245
    161.	NOTIFY_MODULE_START	ModuleName="HttpCacheModule", Notification="SEND_RESPONSE", fIsPostNotification="false"	20:03:38.245
    162.	NOTIFY_MODULE_END	ModuleName="HttpCacheModule", Notification="SEND_RESPONSE", fIsPostNotificationEvent="false", NotificationStatus="NOTIFICATION_CONTINUE"	20:03:38.245
    163.	NOTIFY_MODULE_START	ModuleName="HttpLoggingModule", Notification="SEND_RESPONSE", fIsPostNotification="false"	20:03:38.245
    164.	NOTIFY_MODULE_END	ModuleName="HttpLoggingModule", Notification="SEND_RESPONSE", fIsPostNotificationEvent="false", NotificationStatus="NOTIFICATION_CONTINUE"	20:03:38.245
    165.	NOTIFY_MODULE_START	ModuleName="IsapiModule", Notification="SEND_RESPONSE", fIsPostNotification="false"	20:03:38.245
    166.	NOTIFY_MODULE_END	ModuleName="IsapiModule", Notification="SEND_RESPONSE", fIsPostNotificationEvent="false", NotificationStatus="NOTIFICATION_CONTINUE"	20:03:38.245
    167.	NOTIFY_MODULE_START	ModuleName="CustomErrorModule", Notification="SEND_RESPONSE", fIsPostNotification="false"	20:03:38.245
    168.	GENERAL_NOT_SEND_CUSTOM_ERROR	Reason="SETSTATUS_TRYSKIP"	20:03:38.245
    169.	NOTIFY_MODULE_END	ModuleName="CustomErrorModule", Notification="SEND_RESPONSE", fIsPostNotificationEvent="false", NotificationStatus="NOTIFICATION_CONTINUE"	20:03:38.245
    170.	HTTPSYS_CACHEABLE	HttpsysCacheable="false", Reason="VERB_NOT_GET", CachePolicy="NO_CACHE", TimeToLive="0"	20:03:38.245
    171.	GENERAL_FLUSH_RESPONSE_START		20:03:38.245
    172.	GENERAL_RESPONSE_HEADERS	Headers="Cache-Control: private
    Server: Microsoft-IIS/10.0
    X-AspNet-Version: 4.0.30319
    Persistent-Auth: true
    X-Powered-By: ASP.NET
    "	20:03:38.245
    173.	GENERAL_FLUSH_RESPONSE_END	BytesSent="246", ErrorCode="The operation completed successfully.
     (0x0)"	20:03:38.245
    174.	GENERAL_REQUEST_END	BytesSent="246", BytesReceived="1103", HttpStatus="500", HttpSubStatus="0"	20:03:38.245

    That entry #37 says "AUTH_SUCCEEDED", but then later on in entry #119 it says there's a Warning (on the html rendered version of the xml log). The ErrorCode for that entry is "The operation completed successfully (0x0)". That doesn't sound like an error to me, but at the end it decides to return an HttpStatus="500", so I guess there is a problem that I can't see.

    If anyone knows what I'm missing to make Windows Authentication work, that would be appreciated. Other acceptable answers might be how to remedy Windows-Authentication-induced-trichotillomania before I go bald.

    Friday, January 19, 2018 11:28 PM

Answers

  • I was able to find a solution. Using the exact same code/configuration as originally provided for the client application, the same code for the web service, but a different web.config for the service. The only thing that needed to change was the Web.config file.

    Here's the new web.config:

    <?xml version="1.0" encoding="UTF-8"?>
    <configuration>
    	<appSettings>
    		<add key="aspnet:UseTaskFriendlySynchronizationContext" value="true" />
    	</appSettings>
    	<system.web>
    		<compilation debug="true" targetFramework="4.6.2" />
    		<httpRuntime targetFramework="4.6.2" />
    		<identity impersonate="false" />
    		<authentication mode="Windows" />
    		<!-- add rules here about which domain users to allow
    		<authorization>
    				<allow users="SomeDomain\Some.User" />
    				<deny users="*"/>
    		</authorization>
    		-->
    	</system.web>
    	<system.serviceModel>
    		<behaviors>
    			<serviceBehaviors>
    				<behavior name="ServiceBehavior" >
    					<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
    					<serviceDebug includeExceptionDetailInFaults="true" />
    				</behavior>
    			</serviceBehaviors>
    		</behaviors>
    		<protocolMapping>
    			<add scheme="http" binding="basicHttpBinding" bindingConfiguration="HttpBinding" />
    		</protocolMapping>
    		<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
    		<bindings>
    			<basicHttpBinding>
    				<binding name="HttpBinding">
    					<security mode="TransportCredentialOnly">
    						<transport clientCredentialType="Windows" />
    					</security>
    				</binding>
    			</basicHttpBinding>
    		</bindings>
    	</system.serviceModel>
    	<system.webServer>
    		<modules runAllManagedModulesForAllRequests="true" />
    		<handlers>
    			<remove name="svc-ISAPI-2.0" />
    			<remove name="svc-ISAPI-2.0-64" />
    		</handlers>
    	</system.webServer>
    </configuration>
    

    The key change was to the configuration/system.serviceModel/protocolMapping/add node for http - in it I added a bindingConfiguration="HttpBinding" tag - which then corresponds to a node with that name in bindings/basicHttpBinding/binding - which indicates to use TransportCredentialsOnly and credential type of Windows. Originally, I had no bindings node provided. So that was my problem.

    • Marked as answer by Ansssss Friday, February 2, 2018 4:39 PM
    Friday, February 2, 2018 4:36 PM

All replies

  • Hi Ansssss,

    Based on your description, it seems you want to enable Windows Authentication, if so, you need to set it at WCF Service instead of changing app.config at client side.

    You could refer the link below for step by step.

    # How to: Use basicHttpBinding with Windows Authentication and TransportCredentialOnly in WCF from Windows Forms

    https://msdn.microsoft.com/en-us/library/ff648505.aspx

    Best Regards,

    Tao Zhou


    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.

    Monday, January 22, 2018 2:17 AM
  • The 500 error means that the Web service through an exception that was unhandled, the Web server swallowed the exception and through the 500 error. You need to debug the service to find out what the exception being thrown is about.
    Tuesday, January 23, 2018 4:25 PM
  • The 500 error means that the Web service through an exception that was unhandled, the Web server swallowed the exception and through the 500 error. You need to debug the service to find out what the exception being thrown is about.

    You can get some very detailed trace information with System Diagnostics, by adding this section to your config file:

    <system.diagnostics>

        <sources>
          <source name="System.ServiceModel" switchValue="Information, ActivityTracing" propagateActivity="true">
            <listeners>
              <add name="traceListener" type="System.Diagnostics.XmlWriterTraceListener" initializeData="c:\temp\ServiceTraceLog.svclog"/>
            </listeners>
          </source>
        </sources>
      </system.diagnostics>

    Wednesday, January 24, 2018 5:56 PM
  • When you say "adding this section to your config file", do you mean to put the system.diagnostics node as a child of the root node (configuration) of the Web.config file? Or does it need to be a child of some other node?
    Friday, January 26, 2018 4:47 PM
  • Hi Anssss,

    For "system.diagnostics", you could add the node as a child of root node, and you could add it to the client and service configuration.

    Do you have any trouble to follow the link which is provided in my prevous reply?

    Best Regards,

    Tao Zhou


    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.

    Monday, January 29, 2018 3:11 AM
  • Tao Zhou, I went to the link you previously provided (https://msdn.microsoft.com/en-us/library/ff648505.aspx). However, the tutorial there is flawed. The instructions cannot be completed.

    When doing Step 2, I see that there is no Service node in the Microsoft Service Configuration Editor's left pane (Configuration pane). There is a "Services" node, but no "Service" node. Even if I expand the Services node, there is not an Endpoints node under it:

    Monday, January 29, 2018 7:22 PM
  • Why don't you just keep it simple and use a try/catch on the service side and an the very least just log the error to a text file of use something like Log4Net.

    My example is using a response object to send the error over the WCF service boundary back to the client where it is checked, which is more generic, just send any exception back to the client. in a response object..

    It's kind of like what it happening in the link.

    https://msdn.microsoft.com/en-us/library/ee942778.aspx

    <copied>

    Rather than throw .NET exceptions, you can throw strongly typed SOAP faults. To do that, you first create classes that represent faults. The properties of these classes can store detailed information about the faults. You then add these classes to the service’s data contract. Finally, you use the FaultContractAttribute to identify which operations can throw which SOAP fault.

    <end>

    You have to know how to do proper error handling when working with services, regardless of how it is done. 

    namespace Entities
    {
        public class DTOResponse
        {
            public string Message { get; set; }
            public string StackTrace { get; set; }
            public string InnerException { get; set; }
        }
    }
    
    ---------------------------------------------------
    
    using System;
    using System.Collections.Generic;
    using System.Runtime.Serialization;
    
    namespace Entities
    {
       [DataContract] 
        public class DTOStudent
        {
            
            private DTOResponse dtor = new DTOResponse();
    
            [DataMember]
            public Int32 StudentID { get; set; }
    
            [DataMember]
            public string LastName { get; set; }
    
            [DataMember]
            public string FirstName { get; set; }
    
            [DataMember]
            public DateTime? EnrollmentDate { get; set; }
    
            [DataMember]
            public virtual ICollection<DTOEnrollandCourse> EnrollsandCourses { get; set; }
    
            [DataMember]
            public DTOResponse DtoResponse
            {
                get { return dtor; }
                set { dtor = value; }
            } 
        }
    }
    
    ---------------------------------------
    
    using System;
    using System.Collections.Generic;
    using System.Linq;
    using Entities;
    
    namespace ServiceLayer
    {
        public class ServiceA : IServiceA
        {
            public List<DTOStudent> GetStudents()
            {
                var dtos = new List<DTOStudent>();
    
                var client = new WCFServiceReference1.Service1Client();
    
                dtos = client.GetStudents().ToList();
                 
                if (dtos[0].DtoResponse.Message != null)
                {
                    throw new Exception(dtos[0].DtoResponse.Message + " " + dtos[0].DtoResponse.InnerException
                        + " " + dtos[0].DtoResponse.StackTrace);
                }
    
                return dtos;
            }
    
            public DTOStudent GetStudentById(Int32 id)
            {
                var client = new WCFServiceReference1.Service1Client();
    
               var dto = client.GetStudentById(id);
    
                if (dto.DtoResponse.Message != null)
                {
                    throw new Exception(dto.DtoResponse.Message + " " + dto.DtoResponse.InnerException
                        + " " + dto.DtoResponse.StackTrace);
                }
    
                return dto;
            }
            public void CreateStudent(DTOStudent dto)
            {
                var client = new WCFServiceReference1.Service1Client();
    
                var dtor = client.CreateStudent(dto);
    
                if (dtor != null)
                {
                    throw new Exception(dtor.DtoResponse.Message + " " + dtor.DtoResponse.InnerException
                        + " " + dtor.DtoResponse.StackTrace);
                }
            }
            public void UpdateStudent(DTOStudent dto)
            {
                var client = new WCFServiceReference1.Service1Client();
    
                var dtor = client.UpdateStudent(dto);
    
                if (dtor != null)
                {
                    throw new Exception(dtor.DtoResponse.Message + " " + dtor.DtoResponse.InnerException
                        + " " + dtor.DtoResponse.StackTrace);
                }
            }
            public void DeleteStudent(Int32 id)
            {
                var client = new WCFServiceReference1.Service1Client();
    
                var dtor = client.DeleteStudent(id);
    
                if (dtor != null)
                {
                    throw new Exception(dtor.DtoResponse.Message + " " + dtor.DtoResponse.InnerException
                        + " " + dtor.DtoResponse.StackTrace);
                }
            }
            public DTOEnrollment GetEnrollmentById(Int32 id)
            {
                var client = new WCFServiceReference1.Service1Client();
    
                return client.GetEnrollmentById(id);
            }
            public List<DTOEnrollment> GetEnrollments()
            {
                var dtos = new List<DTOEnrollment>();
    
                var client = new WCFServiceReference1.Service1Client();
    
                dtos = client.GetEnrollments().ToList();
    
                return dtos;
            }
            public void CreateEnrollment(DTOEnrollment dto)
            {
                var client = new WCFServiceReference1.Service1Client();
                client.CreateEnrollment(dto);
            }
            public void UpdateEnrollment(DTOEnrollment dto)
            {
                var client = new WCFServiceReference1.Service1Client();
                client.UpdateEnrollment(dto);
            }
            public void DeleteEnrollment(Int32 id)
            {
                var client = new WCFServiceReference1.Service1Client();
                client.DeleteEnrollment(id);
            }
        }
    }
    
    ---------------------------------------------------
    
    using System;
    using System.Collections.Generic;
    using Entities;
    using Repository;
    
    namespace WcfService
    {
        public class Service1 : IService1
        {
            private IStudentRepo _studentRepo;
            private IEnrollmentRepo _enrollmentRepo;
            private DTOStudent dto;
            public Service1(IStudentRepo studentRepo, IEnrollmentRepo enrollmentRepo)
            {
                _studentRepo = studentRepo;
                _enrollmentRepo = enrollmentRepo;
    
            }
            public DTOStudent GetStudentById(Int32 id)
            {
                try
                {
                    return _studentRepo.GetStudentById(id);
                }
                catch (Exception e)
                {
                    dto = new DTOStudent();
    
                    dto.DtoResponse.Message = e.Message;
                    if (e.InnerException != null) dto.DtoResponse.InnerException = e.InnerException.Message;
                    dto.DtoResponse.StackTrace = e.StackTrace;
    
                    return dto;
                }
            }
            public List<DTOStudent> GetStudents()
            {
                try
                {
                    return _studentRepo.GetStudents();
                }
                catch (Exception e)
                {
                    var dtos = new List<DTOStudent>();
                    dto = new DTOStudent();
    
                    dto.DtoResponse.Message = e.Message;
                    if (e.InnerException != null) dto.DtoResponse.InnerException = e.InnerException.Message;
                    dto.DtoResponse.StackTrace = e.StackTrace;
         
                    dtos.Add(dto);
                    return dtos;
                } 
            }
    
            public DTOStudent CreateStudent(DTOStudent dto)
            {
                try
                {
                    _studentRepo.CreateStudent(dto);
                    return null;
                }
                catch (Exception e)
                {
                    dto = new DTOStudent();
    
                    dto.DtoResponse.Message = e.Message;
                    if (e.InnerException != null) dto.DtoResponse.InnerException = e.InnerException.Message;
                    dto.DtoResponse.StackTrace = e.StackTrace;
    
                    return dto;
                }
            }
            public DTOStudent UpdateStudent(DTOStudent dto)
            {
                try
                {
                    _studentRepo.UpdateStudent(dto);
                    return null;
                }
                catch (Exception e)
                {
                    dto = new DTOStudent();
    
                    dto.DtoResponse.Message = e.Message;
                    if (e.InnerException != null) dto.DtoResponse.InnerException = e.InnerException.Message;
                    dto.DtoResponse.StackTrace = e.StackTrace;
    
                    return dto;
                }
            }
            public DTOStudent DeleteStudent(Int32 id)
            {
                try
                {
                    _studentRepo.DeleteStudent(id);
                    return null;
                }
                catch (Exception e)
                {
                    dto.DtoResponse.Message = e.Message;
                    if (e.InnerException != null) dto.DtoResponse.InnerException = e.InnerException.Message;
                    dto.DtoResponse.StackTrace = e.StackTrace;
    
                    return dto;
                }
            }
            public DTOEnrollment GetEnrollmentById(Int32 id)
            {
                return _enrollmentRepo.GetEnrollmentById(id);
            }
            public List<DTOEnrollment> GetEnrollments()
            {
                return _enrollmentRepo.GetEnrollments();
            }
            public void CreateEnrollment(DTOEnrollment dto)
            {
                _enrollmentRepo.CreateEnrollment(dto);
            }
            public void UpdateEnrollment(DTOEnrollment dto)
            {
                _enrollmentRepo.UpdateEnrollment(dto);
            }
            public void DeleteEnrollment(Int32 id)
            {
                _enrollmentRepo.DeleteEnrollment(id);
            }
        }
    }
    

    Monday, January 29, 2018 9:57 PM
  • DA924x, I tried to present a minimal working example, the least amount of source code possible to reproduce the error and still be understandable. So I don't see why switching to your code that is hundreds of lines longer than my original example would help. Regarding your suggestion of adding a try/catch block in the service code, that will not help. The exception is being thrown before the one line of code that is my service gets called.

    Friday, February 2, 2018 3:23 PM
  • I was able to find a solution. Using the exact same code/configuration as originally provided for the client application, the same code for the web service, but a different web.config for the service. The only thing that needed to change was the Web.config file.

    Here's the new web.config:

    <?xml version="1.0" encoding="UTF-8"?>
    <configuration>
    	<appSettings>
    		<add key="aspnet:UseTaskFriendlySynchronizationContext" value="true" />
    	</appSettings>
    	<system.web>
    		<compilation debug="true" targetFramework="4.6.2" />
    		<httpRuntime targetFramework="4.6.2" />
    		<identity impersonate="false" />
    		<authentication mode="Windows" />
    		<!-- add rules here about which domain users to allow
    		<authorization>
    				<allow users="SomeDomain\Some.User" />
    				<deny users="*"/>
    		</authorization>
    		-->
    	</system.web>
    	<system.serviceModel>
    		<behaviors>
    			<serviceBehaviors>
    				<behavior name="ServiceBehavior" >
    					<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
    					<serviceDebug includeExceptionDetailInFaults="true" />
    				</behavior>
    			</serviceBehaviors>
    		</behaviors>
    		<protocolMapping>
    			<add scheme="http" binding="basicHttpBinding" bindingConfiguration="HttpBinding" />
    		</protocolMapping>
    		<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
    		<bindings>
    			<basicHttpBinding>
    				<binding name="HttpBinding">
    					<security mode="TransportCredentialOnly">
    						<transport clientCredentialType="Windows" />
    					</security>
    				</binding>
    			</basicHttpBinding>
    		</bindings>
    	</system.serviceModel>
    	<system.webServer>
    		<modules runAllManagedModulesForAllRequests="true" />
    		<handlers>
    			<remove name="svc-ISAPI-2.0" />
    			<remove name="svc-ISAPI-2.0-64" />
    		</handlers>
    	</system.webServer>
    </configuration>
    

    The key change was to the configuration/system.serviceModel/protocolMapping/add node for http - in it I added a bindingConfiguration="HttpBinding" tag - which then corresponds to a node with that name in bindings/basicHttpBinding/binding - which indicates to use TransportCredentialsOnly and credential type of Windows. Originally, I had no bindings node provided. So that was my problem.

    • Marked as answer by Ansssss Friday, February 2, 2018 4:39 PM
    Friday, February 2, 2018 4:36 PM
  • DA924x, I tried to present a minimal working example, the least amount of source code possible to reproduce the error and still be understandable. So I don't see why switching to your code that is hundreds of lines longer than my original example would help. Regarding your suggestion of adding a try/catch block in the service code, that will not help. The exception is being thrown before the one line of code that is my service gets called.

    I can tell you that you had better consider it if throwing the exception over the WCF boundary back to the client where the client can catch the exception doing global exception handling on the client side.

    The simplicity is there.

    Friday, February 2, 2018 5:45 PM