WCF BasicHttpBinding with TransportWithMessageCredential (UserName) failure (iOS and Android) RRS feed

  • Question

  • User10808 posted

    We have a service deployed over HTTPS that can be connected to via BasicHttpBinding. A console application can successfully connect to the service:

    ServicePointManager.ServerCertificateValidationCallback = delegate { return true; };
    var credentials = new ClientCredentials();
    credentials.UserName.UserName = username;
    credentials.UserName.Password = password;
    var service = new SecureServiceClient(
            new BasicHttpBinding(BasicHttpSecurityMode.TransportWithMessageCredential),
            new EndpointAddress("https://some_address.com/service.svc"));
    var defaultCredentials = service.Endpoint.Behaviors.Find<ClientCredentials>();
    return service;

    Using the same code in our Xamarin application causes unexpected behavior:

    • Android: System.TypeLoadException: Could not load type 'System.ServiceModel.HttpTransportSecurity' from assembly 'System.ServiceModel, Version=, Culture=neutral, PublicKeyToken=31bf3856ad364e35'.

    • iOS: System.ServiceModel.FaultException: An error occurred when verifying security for the message.

    • iOS: Further investigation of error messages on the server showed this - MessageSecurityException: Security processor was unable to find a security header in the message. This might be because the message is an unsecured fault or because there is a binding mismatch between the communicating parties. This can occur if the service is configured for security and the client is not using security.

    Can anyone provide any ideas on a fix? (We are using the most recent version of Xamarin for both iOS and Android)

    Monday, July 29, 2013 8:53 PM

All replies

  • User10808 posted

    I also sent an email to Xamarin support. Here is their response:

    Thanks for writing! Unfortunately, at present the "in preview" WCF support in Xamarin does not include TransportWithMessageCredential bindings, although Transport bindings do work (https://bugzilla.xamarin.com/showbug.cgi?id=562#c1). One possible work-around would be to manually construct the SOAP request using an HttpWebRequest (https://bugzilla.xamarin.com/showbug.cgi?id=8020#c5).

    Just to mention it, there's a feature request for TransportWithMessageCredential support on Uservoice that you can vote for, if you like, but that's probably not very helpful for your immediate problem: http://xamarin.uservoice.com/forums/144858-xamarin-suggestions/suggestions/2837262-more-advanced-complete-support-for-wcf

    Tuesday, July 30, 2013 3:21 PM
  • User24228 posted

    why can´t I used "SecureServiceClient" in my Xamarin proyect!! which library I have to use??

    Tuesday, October 1, 2013 2:45 PM
  • User10808 posted

    SecureServiceClient is actually generated proxy code from our service reference - our web service is called SecureService ... So if our service was named MySpecialService, then our client would be generated as MySpecialServiceClient. It all depends on the naming within your web service and how your environment generates the proxy code to access your web service.

    Tuesday, October 1, 2013 2:49 PM
  • User250210 posted

    Can it really be true that even now, September 2016, the BasicHttpSecurityMode.TransportWithMessageCredential is STILL not supported??

    Friday, September 16, 2016 12:21 PM
  • User222595 posted

    I just went through all the proposed work-arounds detailed in (https://bugzilla.xamarin.com/show_bug.cgi?id=8020#c5) but I wasn't able to get any of them to work on Android.

    • client.ClientCredentials.UserName (FAIL)
    • TransportWithMessageCredential (FAIL https://bugzilla.xamarin.com/show_bug.cgi?id=562#c1)
    • IClientMessageInspector and IEndpointBehavior (FAIL ApplyClientBehavior never invoked )

    It isn't practical for me to write custom SOAP messages because of the large number of complex data operations being conducted over WCF.

    Anybody that has success with this - please post an update...

    Tuesday, December 27, 2016 2:36 AM