Answered by:
WCF Security using custom username and password

-
I would like to implement SECURITY for my WCF service. I am planning to use custom username and password for validation.
<system.serviceModel>
<services>
<service name="WCFTestService.Service1" behaviorConfiguration="Service1.Service1Behavior">
<host>
<baseAddresses>
<add baseAddress="http://localhost:3785/Service1.svc"/>
</baseAddresses>
</host>
<endpoint address="username" binding="basicHttpBinding"
bindingConfiguration="https"
contract="WCFTestService.IService1"/>
<endpoint contract="IMetadataExchange" binding="mexHttpBinding" address="mex"/>
</service>
</services>
<bindings >
<basicHttpBinding>
<!-- configure BasicHttp binding with Transport security mode and
clientCredentialType as None-->
<binding name="https" >
<security mode="TransportWithMessageCredential">
<message clientCredentialType="UserName"/>
</security>
</binding>
</basicHttpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior name="Service1.Service1Behavior">
<!-- To avoid disclosing metadata information, set the value below to false and remove the metadata endpoint above before deployment -->
<serviceMetadata httpGetEnabled="true"/>
<!-- To receive exception details in faults for debugging purposes, set the value below to true. Set to false before deployment to avoid disclosing exception information -->
<serviceDebug includeExceptionDetailInFaults="true" />
<serviceCredentials >
<userNameAuthentication
userNamePasswordValidationMode="Custom"
customUserNamePasswordValidatorType="WCFTestService.CustomValidator,WCFTestService"/>
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
But the problem is , when I try to run the service I am getting following error.
“Could not find a base address that matches scheme https for the endpoint with binding BasicHttpBinding. Registered base address schemes are [http]. “
I am stuck with this problem. Please help me.
Regards,
ranish
Question
Answers
-
Hi,
You need HTTPS to test this scenario. You cannot host this service on http because of the security you enabled.
For more information of creating SSL refer to this.
http://learn.iis.net/page.aspx/144/how-to-set-up-ssl-on-iis/
Thanks,
Welcome to MSDN Forums. Feel free to ask your questions and Please Note to Vote helpful topics and Mark answering posts. Sudhakar
All replies
-
Hi,
You need HTTPS to test this scenario. You cannot host this service on http because of the security you enabled.
For more information of creating SSL refer to this.
http://learn.iis.net/page.aspx/144/how-to-set-up-ssl-on-iis/
Thanks,
Welcome to MSDN Forums. Feel free to ask your questions and Please Note to Vote helpful topics and Mark answering posts. Sudhakar
-
I also faced the same problem and solved it by the following steps..
1.I have hosted the service to IIS and and created a self sighned certificate.
2.In the action pane,select bindings and added new site bindings with https and selected the SSL certificate.
3.Selected my Hosted WCF service and marked the 'require SSL' in the SSL settings..
So everything worked Fine..Thanks sudhakar..
Roshil K
-
Hello,
you use TransportWithMessageCredential as security. In this case the transport protocol "https" is used for encryption security.
Username and password are written in the soap header.
You can use TransportCredentialOnly for testing. It is very unsecure but you don't need https in testing environment.
Regards,
Timo -
-
Hello
I am new to WCF . I have implemeted a service . We had tested this in our local environment and on our local server , this seemed fine . Now i have moved this to our clients server . We got a certificate created by the clients CA . I have completed the certificate request on IIS . I created a new website for this implementation , which has 2 services .
I am using the below config , but when i browse the svc file on the service it gives me this error . i have tried various approaches suggested online but it doesnt help.
<?xml version="1.0"?>
<configuration>
<system.web>
<compilation targetFramework="4.0" />
</system.web>
<appSettings>
<add key="FileTransferPath" value="c:\FileServer\"/>
<add key="BackUpFileTransferPath" value="c:\BackedUpFiles\"/>
<!--<add key="DBPath" value="C:\ProjectsSVN\MovenPathalogy\AppName\ClientsGPSystem\AppName.accdb"/>-->
<add key="DBPath" value="C:\Program Files\ClientAppName\ClientAppNameServerSetup\AppName.accdb"/>
<add key="DBPathx86" value="C:\Program Files (x86)\ClientAppName\ClientAppNameServerSetup\AppName.accdb"/>
</appSettings>
<system.serviceModel>
<services>
<service name="FileTransfer.FileTransfer">
<endpoint address="" binding="basicHttpBinding" contract="FileTransfer.IFileTransfer">
<identity>
<dns value="localhost" />
</identity>
</endpoint>
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
<host>
<baseAddresses>
<add baseAddress="https://messaging.Clientandpartners.com/AppNameFileTransfer/" />
</baseAddresses>
</host>
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior>
<!-- To avoid disclosing metadata information,
set the value below to false and remove the metadata endpoint above before deployment -->
<serviceMetadata httpGetEnabled="True"/>
<!-- To receive exception details in faults for debugging purposes,
set the value below to true. Set to false before deployment
to avoid disclosing exception information -->
<serviceDebug includeExceptionDetailInFaults="False" />
</behavior>
</serviceBehaviors>
</behaviors>
<bindings>
<basicHttpBinding>
<binding name="basicHttpBinding_IFileTransfer"
maxReceivedMessageSize="2147483647">
<readerQuotas
maxDepth="64"
maxStringContentLength="2147483647"
maxArrayLength="2147483647"
maxBytesPerRead="4096"
maxNameTableCharCount="16384"/>
<security mode="Transport">
<transport clientCredentialType="None"/>
</security>
</binding>
</basicHttpBinding>
</bindings>
</system.serviceModel>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true"/>
</system.webServer>
<!--Turn on to log Trace-->
<!--<system.diagnostics>
<sources>
<source name="System.ServiceModel"
switchValue="Information, ActivityTracing"
propagateActivity="true">
<listeners>
<add name="traceListener"
type="System.Diagnostics.XmlWriterTraceListener"
initializeData= "c:\logs\FileTransferTraces.svclog"/>
</listeners>
</source>
</sources>
</system.diagnostics>-->
</configuration>
Please Advise