Question about wcf schema service

  • Question

  • Guys,

    I am exposing my schemas as a WCF service and the application pool runs under the same account that runs the BizTalk isolated host. To browse to the service I have to enable Anonymous authentication, else it throws errors. Can someone here point to how security flows through when a schema is exposed as a web service? How is the identity under which the application pool runs used, and how are the security settings in the web.config file used? I am using BT 2010, SQL 2008, IIS 7.5 and Windows Server 2008 R2. Appreciate your help.

    Monday, January 10, 2011 6:38 PM

Answers

  • Hi,

    If you run the wizard to have your schemas exposed as a WCF service using the BizTalk WCF Service Publishing Wizard, you will get to WCF Service Location. Here, in the Location text box, you can type the Web directory name where the WCF services are generated. You can accept the default location (http://localhost/<BizTalk Assembly Name>), type a location for the WCF services in the Location text box, or click Browse and select a Web directory. Select any of the following options:

    • Overwrite existing project. This option is only available if the Web directory already exists. You will be able to publish to the same location only if you select this option. Otherwise, you must enter a different project location.
    • Allow anonymous access to WCF service. This option adds anonymous access to the created virtual directory. By default, the virtual directory inherits the access privileges from its parent virtual directory or the Web site (if it is a top-level virtual directory).

    If you have set this (checked) then you know why it can happen. If not, then you can also check the Transport properties of your adapter. Security mode is set to None by default and you must allow anonymous access to the virtual directory that hosts this receive location. You can change this setting to, for instance, Windows, and then you have to enable Integrated Windows authentication for the virtual directory that hosts this receive location. For reference see How to Configure WCF Services Published with the BizTalk WCF Service Publishing Wizard. You have either checked the anonymous access option in the Wizard or you have not configured the transport properties to your requirements.

    HTH

    Regards,

    Steef-Jan Wiggers
    MVP & MCTS BizTalk Server
    http://soa-thoughts.blogspot.com/
    If this answers your question please mark it accordingly

     


    BizTalk
    Monday, January 10, 2011 6:55 PM
    Moderator
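
Added example, not part of the original thread or of BizTalk's own tooling: a PowerShell check that the IIS authentication settings on the virtual directory match the security setting chosen on the receive location, as the answer above describes. The function name, the site and application names, and the rule that anonymous access should be off when Windows is expected are assumptions of this example.

```powershell
# Added example: audit (and optionally align) IIS authentication for the
# virtual directory that hosts a BizTalk WCF receive location.
# Assumptions: function name and site/application names are placeholders;
# ExpectedMode mirrors the two cases in the answer (None / Windows).
Import-Module WebAdministration

function Test-ReceiveLocationAuth {
    param(
        [Parameter(Mandatory=$true)] [string] $Site,
        [Parameter(Mandatory=$true)] [string] $Application,
        [Parameter(Mandatory=$true)] [ValidateSet('None','Windows')] [string] $ExpectedMode,
        [switch] $Fix
    )
    $location = "$Site/$Application"
    $base = '/system.webServer/security/authentication'

    # Read the effective state. Authentication sections are normally locked
    # to applicationHost.config, hence -PSPath 'IIS:\' with -Location.
    $state = @{}
    foreach ($scheme in 'anonymousAuthentication', 'windowsAuthentication') {
        $state[$scheme] = (Get-WebConfigurationProperty -PSPath 'IIS:\' -Location $location `
            -Filter "$base/$scheme" -Name enabled).Value
    }

    # None    -> anonymous access must be allowed.
    # Windows -> Integrated Windows authentication must be on; this example
    #            also expects anonymous off so IIS challenges every caller.
    $want = if ($ExpectedMode -eq 'Windows') {
        @{ anonymousAuthentication = $false; windowsAuthentication = $true }
    } else {
        @{ anonymousAuthentication = $true }
    }

    $ok = $true
    foreach ($scheme in $want.Keys) {
        if ($state[$scheme] -ne $want[$scheme]) {
            $ok = $false
            Write-Warning "$location : $scheme enabled=$($state[$scheme]), expected $($want[$scheme]) for mode $ExpectedMode"
            if ($Fix) {
                Set-WebConfigurationProperty -PSPath 'IIS:\' -Location $location `
                    -Filter "$base/$scheme" -Name enabled -Value $want[$scheme]
            }
        }
    }
    return $ok
}

# Placeholder names; run from an elevated prompt on the IIS server.
Test-ReceiveLocationAuth -Site 'Default Web Site' -Application 'MySchemaService' -ExpectedMode Windows
```

Without `-Fix` the function only reports mismatches; the receive location's own Transport properties still have to be set in BizTalk to the same mode.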