locked
WCF service - security problem RRS feed

  • Question

  • Hi!
    I’m trying to use an WCF webservice (I’m using VB.NET). When I look at the config file I have got when I added the service to Service References the binding type is custom binding and the security authentication mode is UserNameOverTransport, and I think I have to use https transport.

    When I look at my auto generated App.config file the binding type is custom binding and the security authentication mode is UserNameOverTransport. But when I try to call the service I get the error:
    The 'CustomBinding'.'http://tempuri.org/' binding for the 'web service' contract is configured with an authentication mode that requires transport level integrity and confidentiality. However the transport cannot provide integrity and confidentiality.

    Can somebody please help me with this?

    Thanks!


    Additional information:

    My config file looks like this:

    [HTML]<bindings>
    <customBinding>
    <binding name="MyBinding="00:30:00" openTimeout="00:30:00" receiveTimeout="00:30:00" sendTimeout="00:30:00">
    <security authenticationMode="UserNameOverTransport" >
    <secureConversationBootstrap />
    </security> ............
    [/HTML]

    An this generat the soap request envelope and header:

    [CODE]<s:Envelope xmlns:a="http://schemas.xmlsoap.org/ws/2004/08/addressing" xmlns:s="http://schemas.xmlsoap.org/soap/envelope/">
    <s:Header>
    <a:Action s:mustUnderstand="1">Create</a:Action>
    <a:MessageID>urn:uuid:ad67977b-5a8f-42c2-a7b6-e228ef7f3e82</a:MessageID>
    <a:ReplyTo>
    <a:Address>http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous</a:Address>
    </a:ReplyTo>
    </s:Header>
    [/CODE]

    But I need:

    [HTML]<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:a="http://schemas.xmlsoap.org/ws/2004/08/addressing" xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"> 
        <s:Header> 
            <a:Action s:mustUnderstand="1">Create</a:Action> 
            <a:MessageID>urn:uuid:7e0cca04-57bd-4481-864c-6ea8039d2ea0</a:MessageID> 
            <a:ReplyTo> 
                <a:Address>http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous</a:Address> 
            </a:ReplyTo> 
            <a:To s:mustUnderstand="1">https://webservice.exacttarget.com/Service.asmx</a:To> 
            <o:Security s:mustUnderstand="1" xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"> 
                <o:UsernameToken u:Id="uuid-b82c6428-caa1-49fc-986b-dc613c990c49-1"> 
                    <o:Username> 
                        <!-- Removed--> 
                    </o:Username> 
                    <o:Password> 
                        <!-- Removed--> 
                    </o:Password> 
                </o:UsernameToken> 
            </o:Security> 
        </s:Header>

    [/HTML]

    The sections I want are the username and password.

    I hope this helps to clarify my problem.

    Thursday, July 14, 2011 11:08 AM

Answers

  • Hello, UserNameOverTransport means you're using transport security, which requires SSL. So you must use https instead of http.

    Make sure you use <httpsTransport/>


    Lante, shanaolanxing This posting is provided "AS IS" with no warranties, and confers no rights.
    Windows Azure Technical Forum Support Team Blog

    • Proposed as answer by Thomas Smets Friday, July 15, 2011 8:57 AM
    • Marked as answer by Yi-Lun Luo Wednesday, July 20, 2011 9:42 AM
    Friday, July 15, 2011 2:24 AM

All replies

  • Hello, UserNameOverTransport means you're using transport security, which requires SSL. So you must use https instead of http.

    Make sure you use <httpsTransport/>


    Lante, shanaolanxing This posting is provided "AS IS" with no warranties, and confers no rights.
    Windows Azure Technical Forum Support Team Blog

    • Proposed as answer by Thomas Smets Friday, July 15, 2011 8:57 AM
    • Marked as answer by Yi-Lun Luo Wednesday, July 20, 2011 9:42 AM
    Friday, July 15, 2011 2:24 AM
  • Thank you, that's what I needed to do.
    Friday, July 15, 2011 8:41 AM