An error occurred when verifying security for the message

Question

User-1952516322 posted

Hi all,

I have a WCF service and it is http not https, it is added in <customBinding>... now the team update the service and the new link is https, 

once I changed the endpoint address to https, I got error "The provided URI schema 'https' is invalid; expected 'http'. Parameter name:via"

services app WebConfig: 

<system.serviceModel>
      <serviceHostingEnvironment multipleSiteBindingsEnabled="true" aspNetCompatibilityEnabled="false" />
      <bindings>
         <customBinding>
            <binding name="CustomBinding_Service" closeTimeout="00:10:00" openTimeout="00:10:00" receiveTimeout="00:10:00" sendTimeout="00:10:00">
               <textMessageEncoding maxReadPoolSize="64" maxWritePoolSize="16" messageVersion="Default" writeEncoding="utf-8">
                  <readerQuotas maxDepth="32" maxStringContentLength="2147483647" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384" />
               </textMessageEncoding>
               <httpTransport manualAddressing="false" maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647" allowCookies="false" authenticationScheme="Anonymous" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard" keepAliveEnabled="true" maxBufferSize="2147483647" proxyAuthenticationScheme="Anonymous" realm="" transferMode="Buffered" unsafeConnectionNtlmAuthentication="false" useDefaultWebProxy="true" />
            </binding>
         </customBinding>
      </bindings>
      <client>
         <endpoint address="https://xxxService.svc" binding="customBinding" bindingConfiguration="CustomBinding_Service" contract="OrgServiceReference.IOrgService" name="CustomBinding_Service">
            <identity>
               <userPrincipalName value="admin@ab.local" />
            </identity>
         </endpoint>
      </client>
   </system.serviceModel>

  Thanks.

Answer 1

User475983607 posted

You have to use a transport that support HTTPS on both the WCF service and all the clients that connect to the service.  See the WCF docs.

https://www.google.com/search?q=wcf+https

Answer 2

User1535942433 posted

Hi Khalid Salameh,

Accroding to your description,as far as I think, you could try to add <security mode="transport"> to the binding on the web service.

Just like this:

<binding name="CustomBinding_Service" closeTimeout="00:10:00" openTimeout="00:10:00" receiveTimeout="00:10:00" sendTimeout="00:10:00">
               <security mode="Transport" />
               <textMessageEncoding maxReadPoolSize="64" maxWritePoolSize="16" messageVersion="Default" writeEncoding="utf-8">
                  <readerQuotas maxDepth="32" maxStringContentLength="2147483647" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384" />
               </textMessageEncoding>
               <httpTransport manualAddressing="false" maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647" allowCookies="false" authenticationScheme="Anonymous" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard" keepAliveEnabled="true" maxBufferSize="2147483647" proxyAuthenticationScheme="Anonymous" realm="" transferMode="Buffered" unsafeConnectionNtlmAuthentication="false" useDefaultWebProxy="true" />
            </binding>

Best regards,

Yijing Sun   

Answer 3

User-1952516322 posted

Thanks yij sun & mgebhard

Actually I changed the service binding from customBinding to wsHttpBiniding, now the error for verifying security gone, there is an error says: 

The remote server returned an error: (415) Cannot process the message because the content type 'text/xml;charset=utf-8' was not the expected type 'application/soap+xml;charset=utf-8;

WebConfig of web Project [ Css - Views - Controller ]

<system.serviceModel>
    <bindings>
      <wsHttpBinding>
        <binding>
          <readerQuotas maxDepth="32" maxStringContentLength="2147483647" maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647"/>
        </binding>
        <binding name="WSHttpBinding_IDashboardServiceWrapper" closeTimeout="00:05:00" openTimeout="00:05:00" receiveTimeout="00:10:00" sendTimeout="00:05:00" bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard" maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647" messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true" allowCookies="false">
          <readerQuotas maxDepth="32" maxStringContentLength="2147483647" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384"/>
          <reliableSession ordered="true" inactivityTimeout="00:10:00" enabled="false"/>
          <security mode="Message">
            <transport clientCredentialType="Windows" proxyCredentialType="None" realm=""/>
            <message clientCredentialType="Windows" negotiateServiceCredential="true" algorithmSuite="Default"/>
          </security>
        </binding>
      </wsHttpBinding>
    </bindings>
    <client>
      
      
      <endpoint address="http://localhost/App/DashboardServiceWrapper.svc" binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_IDashboardServiceWrapper" contract="DashboardWrapperReference.IDashboardServiceWrapper" name="WSHttpBinding_IDashboardServiceWrapper">
        <identity>
          <dns value="localhost"/>
        </identity>
      </endpoint>
    </client>
    <services>
      <service behaviorConfiguration="AppPr.DashboardServiceWrapperBehavior" name="AppPr.DashboardServiceWrapper">
        <endpoint address="" binding="wsHttpBinding" contract="AppPr.DashboardServiceWrapper">
          <identity>
            <dns value="localhost"/>
          </identity>
        </endpoint>
        <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"/>
      </service>
    </services>
    <behaviors>
      <serviceBehaviors>
        <behavior name="debug">
          <serviceDebug includeExceptionDetailInFaults="true"/>
        </behavior>
        <behavior name="AppPr.DashboardServiceWrapperBehavior">
          <serviceMetadata httpGetEnabled="true"/>
          <serviceDebug includeExceptionDetailInFaults="true"/>
        </behavior>
      </serviceBehaviors>
    </behaviors>
  </system.serviceModel>

App/WCF project webConfig

<bindings>
      <basicHttpBinding>
        <binding name="DashboardServiceHttpBiniding" closeTimeout="01:10:00" openTimeout="01:10:00" receiveTimeout="01:10:00" sendTimeout="01:10:00" allowCookies="false" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard" maxBufferPoolSize="2147483647"
          maxBufferSize="2147483647" maxReceivedMessageSize="2147483647" textEncoding="utf-8" transferMode="Buffered" useDefaultWebProxy="true" messageEncoding="Text">
          <readerQuotas maxDepth="32" maxStringContentLength="2147483647"
            maxArrayLength="16384000" maxBytesPerRead="4096000" maxNameTableCharCount="16384000" />
          <security mode="Transport" />
        </binding>
      </basicHttpBinding>
      <wsHttpBinding>
        <binding>
          <readerQuotas maxDepth="32" maxStringContentLength="2147483647"
            maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647" />
        </binding>
        <binding name="AppPr.DashboardServiceWrapperBinding" closeTimeout="00:05:00"
          openTimeout="00:05:00" receiveTimeout="00:10:00" sendTimeout="00:05:00"
          bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard"
          maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647"
          messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true"
          allowCookies="false">
          <readerQuotas maxDepth="32" maxStringContentLength="2147483647"
            maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384" />
          <reliableSession ordered="true" inactivityTimeout="00:10:00"
            enabled="false" />
          <security mode="Message">
            <transport clientCredentialType="Windows" proxyCredentialType="None"
              realm="" />
            <message clientCredentialType="Windows" negotiateServiceCredential="true"
              algorithmSuite="Default" />
          </security>
        </binding>
      </wsHttpBinding>
    </bindings>

Kindly note the service need username & password to pass, the below implementation: 

DashboardServiceClient client = new DashboardServiceClient("DashboardServiceHttpBiniding");

string username = "admin";
string password = "ABc";
client.ClientCredentials.Windows.ClientCredential = new NetworkCredential(username,password);

Answer 4

User1535942433 posted

Hi Khalid Salameh,

As far as I think, you could switch from wsHttpBinding to basicHttpBinding to fix this.

Do you need SOAP 1.1 or application/soap+xml; charset=utf-8? Because SOAP 1.1 specification says that the request must have text/xml as the media type. application/soap+xml is media type for SOAP 1.2. Forcing WCF to use SOAP 1.1 with application/soap+xml (= invalid SOAP) would require bigger changes than changing the binding. You will need some custom message encoder or perhaps transport channel. 

More details,you could refer to below article:

https://stackoverflow.com/questions/8087515/wcf-service-using-basichttpbinding-is-still-sending-content-type-text-xml

Best regards,

Yijing Sun

Answer 5

User-1952516322 posted

Thanks yij,

Actually I tried to remove the service reference and re add it again, the configuration has been updated automatically.

and the <security mode="transport"/> added.