locked
"The caller was not authenticated by the service" wsHttpBinding RRS feed

  • Question

  • Hi,

    I am trying to understand what is the cause of the issue i am facing. When i test my service and client on my local machine, it works fine. But when i deploy my service to a different web server, i get the following error: "The caller was not authenticated by the service".

    I also observed that when i change my binding to basicHttpBinding, i do not face the error. But I would like to know what i am missing here when i am using wsHttpBinding. Any thoughts are greatly appreciated.
    Friday, October 2, 2009 10:03 PM

Answers

  • Hi,

    Which identity did you use to impersonate? Client or some trusted acount else

    If you were trying to impersonate your client account, it's meaningless here since you set your security mode to none and if you hosted your service in iis, the only posible way to let your client conmmunicate with your service is through anonymous authentication. In this case the client credentials will not be able to diliver to your service. Therefore impersonation wouldn't exist here.

    So here you need to make sure you service process has the rights to manipulate local windows service, this is depending your service application pool's identity on whether it has the right to do the opertion on the local windows service.

    If you hosted your wcf in iis, then you can change the "application pool identity" through "advanced setting" to local system or local service.

    Thanks
    Binze


    Please remember to mark the replies as answers if they help and unmark them if they provide no help.
    Welcome to the All-In-One Code Framework! If you have any feedback, please tell us.
    • Marked as answer by Bin-ze Zhao Friday, October 9, 2009 4:19 AM
    Wednesday, October 7, 2009 8:18 AM

All replies

  • Are you using windows authentication? Check this thread .
    Fabio Cozzolino Blogs: http://dotnetside.org/blogs/fabio http://weblogs.asp.net/fabio
    Friday, October 2, 2009 10:19 PM
  • Hi Fabio,

    Thank you for replying back. You asked a very good question. The cient and the service reside on different networks. The server on which the service resides can be accessed with only one login credentials by all the users. Do i have to incorporate this info in my config file for the service to recognize the client?

    Hope i am being clear.

    Thanks
    Friday, October 2, 2009 10:45 PM
  • Hi sirkal,
    what is your authentication method? Are you using Username/Certificate/Windows credentials? The unique login credentials is a windows account or a simple login with username and password stored in your custom database? In different networks the use of windows credentials is not recommended.
    Check this how-to:

    http://msdn.microsoft.com/en-us/library/cc949025.aspx
    http://msdn.microsoft.com/en-us/library/cc949010.aspx

    Otherwise, please post your config sections.

    HTH
    Fabio

    Fabio Cozzolino Blogs: http://dotnetside.org/blogs/fabio http://weblogs.asp.net/fabio
    Saturday, October 3, 2009 6:38 PM
  • Hi Fabio,

    Thank you for replying back. After few readings and expermenting, i was able to communicate with my service using wsHttpBinding and setting the security mode to none and also i used identity impersenation using the windows authentication credentials. But my problems do not stop here, my service has 3 operations, one Starts a Window Service and the other stops the Window Service and the last one is a test serivce which returns a string "Hello World".  I am aboe to communicate with my test service operation but when i try to execute start and stop operations then i get "Cannot open <windowservicename> service on computer '.'."  So is there a way i can pass certain credentials like "LocalSystem" or "Network Services" to the service to control the window service.

    thank you for your help in advance.
    Sunday, October 4, 2009 7:37 AM
  • Hi,

    Which identity did you use to impersonate? Client or some trusted acount else

    If you were trying to impersonate your client account, it's meaningless here since you set your security mode to none and if you hosted your service in iis, the only posible way to let your client conmmunicate with your service is through anonymous authentication. In this case the client credentials will not be able to diliver to your service. Therefore impersonation wouldn't exist here.

    So here you need to make sure you service process has the rights to manipulate local windows service, this is depending your service application pool's identity on whether it has the right to do the opertion on the local windows service.

    If you hosted your wcf in iis, then you can change the "application pool identity" through "advanced setting" to local system or local service.

    Thanks
    Binze


    Please remember to mark the replies as answers if they help and unmark them if they provide no help.
    Welcome to the All-In-One Code Framework! If you have any feedback, please tell us.
    • Marked as answer by Bin-ze Zhao Friday, October 9, 2009 4:19 AM
    Wednesday, October 7, 2009 8:18 AM
  • I really wish you read the question and not ask such stupid question Bin-ze Zhao whatever.

    Bin-ze Zhao where in the question did sirkal said he was using impersonation??????????


    steven frierdich

    Thursday, December 12, 2013 4:23 AM