none
Fiddler sent authentication header to IIS webserver but reqest.Headers[System.Net.HttpRequestHeader.Authorization] return blank( wcf restfull) RRS feed

  • Question

  • Dear All

    Recently I have developed a service using C# and wcf restful. the service work fine while i develop on my local machine and to use the  service, client need to provide authentication header. client Fiddler can request resource successful. when I start to deploy my service to the production server, I have use the same client Fiddler to request the service over the internet and the service always return bad request although I provide the correct credential. I have debug to see if my server get the credential or not. Finally I see   reqest.Headers[System.Net.HttpRequestHeader.Authorization] return blank.

    My question is why IIS does not get Authorization header? Does my server production miss configuration?

    Any suggestion is welcome.

    Thank

    Saturday, February 20, 2016 4:30 AM

All replies

  • Hello,

    Since your service works fine in your localhost, it means that your service code is correct. But it does not work in the production server, in my mind it seems that your production server have missed some settings or configuration, so please compare your locallocal IIS configuration with your production server.
    In addition, please try to search the IIS log and check if it has any helpful information about the issue.

    Best Regards,
    Amy Peng



    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    Monday, February 22, 2016 9:32 AM
    Moderator
  • Dear Amy Peng

    Thank for your comment.

    I have tested my service as below:

    - I test directly during development with visual studio. the service work fine.

    -I deploy it on my IIS local machine. the service work fine.

    -I deploy it to my server and I access from my machine (I use ip local). the service work fine. but when i access from public ip over internet it is bad request , the service receive Authorization header is blank.

    if the configuration on IIS on production server have missed something it should have problem while i access from my machine to my server.

    Example :

    From my machine I access to service via 192.168.xx.xx , the service work fine , server get header authorization Basic xxxxxxxx

    When I access from IP public  , it is bad request because server alwayse get header authorization blank.

    both of them is the same IIS production server. but the access point is just different.

    So I think IIS is fine. but I wonder if this problem exist from IP public?

    Regards

    Tuesday, February 23, 2016 6:23 AM
  • Hello,

    >>When I access from IP public, it is bad request because server alwayse get header authorization blank.

    It seems that it is problem that exists from the public IP. Please remove the authentication by setting the security mode as None to check if you can access the service via the pulic IP. Then please also check the firewall on your product server to make sure that it does not block the connection.
    In addition, please try to add a node useRequestHeadersForMetadataAddress on your configuration file and check if it works for you:

    <system.serviceModel>
      <behaviors>
        <serviceBehaviors>
          <behavior>
            <useRequestHeadersForMetadataAddress>
          </behavior>
        </serviceBehaviors>
      </behaviors>
    </system.serviceModel>
    

    Best regards,
    Amy Peng


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    Wednesday, February 24, 2016 9:59 AM
    Moderator