I am in my rookie season with WCF Services...

I was running my first Visual Studio 2008 Unit Test with a WCF Service and I received the following error:

Test method UnitTest.ServiceUnitTest.TestMyService threw exception: System.ServiceModel.Security.MessageSecurityException: The HTTP request is unauthorized with client authentication scheme 'Anonymous'. The authentication header received from the server was 'Negotiate,NTLM'. ---> System.Net.WebException: The remote server returned an error: (401) Unauthorized..

I am also getting the following failed audit in the security log:

Logon Failure: Reason: The user has not been granted the requested logon type at this machine
User Name: (Internet Guest Account)
Domain:
Logon Type: 3
Logon Process: IIS
Authentication Package: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
Workstation Name:

I am hosting the WCF service in IIS 6.0 on a Windows XP SP3 machine. I have both the "Anonymous Access" and "Integrated Windows authentication" checked for the WCF service virtual directory.

Here is my config file for the service:

<system.serviceModel>
    <services>
        <bindings>
            <basicHttpBinding>
                <binding name="MyBinding">
                    <security mode="None" />
                </binding>
            </basicHttpBinding>
            <customBinding>
                <binding name="MyBinding">
                    <transactionFlow />
                    <textMessageEncoding />
                    <httpsTransport authenticationScheme="Ntlm"/>
                </binding>
            </customBinding>
            <wsHttpBinding>
                <binding name="MyBinding">
                    <security mode="None" />
                </binding>
            </wsHttpBinding>
        </bindings>
        <service 
            behaviorConfiguration="Service1Behavior"
            name="Service1"
        >
            <endpoint 
                address="" 
                binding="wsHttpBinding"
                bindingConfiguration="MyBinding"
                contract="IService1"
            >
                <identity>
                    <dns value="localhost" />
                </identity>
            </endpoint>
        </service>
    </services>
    <behaviors>
        <serviceBehaviors>
            <behavior name="Service1Behavior">
                <serviceMetadata httpGetEnabled="true" />
                <serviceDebug includeExceptionDetailInFaults="false" />
            </behavior>
        </serviceBehaviors>
    </behaviors>
</system.serviceModel>
+1  A: 

The default authentication is Windows (or NTLM), so you'll need to specify that you don't want authentication in your config file.

<system.serviceModel>
  <bindings>
    <wsHttpBinding>
      <binding name="myBinding">
        <security mode="None" />
      </binding>
    </wsHttpBinding>
  </bindings>
</system.serviceModel>

Also add this attribute to the endpoint:

bindingConfiguration="myBinding"

The binding element specifies modifications of the standard behavior of the wsHttpBinding.

Then the bindingConfiguration="myBinding" attribute on the endpoint says that that endpoint should use the modifications we specified.

Karg
Did not work. I received the same error message.
Michael Kniskern
Updated to security mode None
Karg
Still does not work....I even added the bindingName attribute to the service node.
Michael Kniskern
k, tried with message security on and credentials none. Also lowered my certainty that the solution will work
Karg
Also added the bindingConfiguration attribute to add to the endpoint element
Karg
When I tried to update the service reference, I got the following message: "The service certificate is not provided. Specify a service certificate in ServiceCredentials"
Michael Kniskern
I removed the bindingConfiguration attribute and I did not receive that error from the previous comment
Michael Kniskern
k, try setting the security back to none and include the bindingConfiguration in the endpoint element
Karg
Should I set bindingConfiguration to "MyBinding"?
Michael Kniskern
yes, (well, to "myBinding"). That can be changed to something more appropriate as long as it matches in both places
Karg
I am still getting the same error. I have updated the source code to match your input
Michael Kniskern
also made it a community wiki
Michael Kniskern
I gave you an up vote for helping troubleshoot this issue....:)
Michael Kniskern
+1  A: 

When you have securityMode="None" in your binding, you should turn off integrated authentication.

jezell
I tried that and received the following error when I tried to update the service reference in the test project: Metadata contains a reference that cannot be resolved ''. The HTTP request is unauthorized with client authentication scheme 'Anonymous'. The authentication header received from the ser
Michael Kniskern
Cont....server was ''. The remote server returned an error: (401) Unauthorized.
Michael Kniskern
Can you browse to the WSDL? If you disable integrated authentication and enable anonymous authentication and have SecurityMode="None" on both the client and the server, it should work.
jezell
yes, I can browse to the WSDL in IE 7.
Michael Kniskern
Check out the local security policy on the machine and make sure that anonymous users aren't locked out from network access. Most likely, the issue is in the AD group policy or local security policy for the machine.
jezell
I also ran this service in a web application and console application and received the same "The remote server returned an error: (401) Unauthorized" for both tests.
Michael Kniskern
I gave you an up vote for helping troubleshoot this issue....:)
Michael Kniskern
+2  A: 

After finally pulling out my hair over this issue....(wait I have no hair!)

I had to change the following IIS and WCF service configurations to get past the "Negotiate,NTLM" exception.

IIS Configurations:

-- Unchecked the "Anonymous Access" checkbox and checked the "Integrated Windows authentication" checkbox in the directory security setting for the WCF Service virtual directory.

WCF Services:

-- Implemented basicHttpBinding and configured the basicSettingBinding security setting to "TransportCredentialOnly" mode and TransportClientCredentialType to "Windows".

Here is my updated WCF service configuration:

<system.serviceModel>
    <bindings>
        <basicHttpBinding>
            <binding name="windowsBasicHttpBinding">
                <security mode="TransportCredentialOnly">
                    <transport clientCredentialType="Windows" />
                </security>
            </binding>
        </basicHttpBinding>
    </bindings>
    <services>
        <service
            behaviorConfiguration="CityOfMesa.ApprovalRouting.WCFService.RoutingServiceBehavior"
            name="CityOfMesa.ApprovalRouting.WCFService.RoutingService"
        >
            <endpoint 
                binding="basicHttpBinding" bindingConfiguration="windowsBasicHttpBinding"
                name="basicEndPoint"
                contract="CityOfMesa.ApprovalRouting.WCFService.IRoutingService" 
            />
        </service>
    </services>
    <behaviors>
        <serviceBehaviors>
            <behavior 
                name="CityOfMesa.ApprovalRouting.WCFService.RoutingServiceBehavior"
            >
                <serviceMetadata httpGetEnabled="true" />
                <serviceDebug includeExceptionDetailInFaults="true" />
            </behavior>
        </serviceBehaviors>
    </behaviors>
</system.serviceModel>
Michael Kniskern
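
Added example (not part of the original thread, and not the posters' code): a small Python check that audits a <system.serviceModel> section for the configuration issues raised on this page, namely a <bindings> section that is not a direct child of <system.serviceModel>, a bindingConfiguration that does not exactly match a defined binding name, TransportCredentialOnly security, and includeExceptionDetailInFaults left on. The sample config is constructed, its service and contract names are placeholders, and the case-sensitive name comparison is a choice made by this check.

```python
import xml.etree.ElementTree as ET

# Constructed sample modelled on the configs above; names are placeholders.
SAMPLE = """<system.serviceModel>
  <bindings><basicHttpBinding>
    <binding name="windowsBasicHttpBinding">
      <security mode="TransportCredentialOnly">
        <transport clientCredentialType="Windows" />
      </security>
    </binding>
  </basicHttpBinding></bindings>
  <services><service name="Example.Service" behaviorConfiguration="ExampleBehavior">
    <endpoint binding="basicHttpBinding" contract="Example.IService"
              bindingConfiguration="WindowsBasicHttpBinding" />
  </service></services>
  <behaviors><serviceBehaviors><behavior name="ExampleBehavior">
    <serviceDebug includeExceptionDetailInFaults="true" />
  </behavior></serviceBehaviors></behaviors>
</system.serviceModel>"""

def audit(config_xml):
    """Return findings for one <system.serviceModel> section."""
    root = ET.fromstring(config_xml)
    findings = []
    # <bindings> belongs directly under <system.serviceModel>, next to <services>.
    bindings = root.find("bindings")
    if bindings is None:
        findings.append("no <bindings> directly under <system.serviceModel>")
    for ep in root.findall("services/service/endpoint"):
        kind, ref = ep.get("binding"), ep.get("bindingConfiguration")
        if not ref:
            continue  # endpoint uses the binding's default settings
        defined = [] if bindings is None else bindings.findall(f"{kind}/binding")
        # Exact, case-sensitive comparison: "MyBinding" is not "myBinding".
        if not any(b.get("name") == ref for b in defined):
            findings.append(f"endpoint references undefined {kind} configuration '{ref}'")
    for sec in root.iter("security"):
        if sec.get("mode") == "TransportCredentialOnly":
            findings.append("TransportCredentialOnly: client is authenticated over HTTP, "
                            "messages get no integrity or confidentiality protection")
    for dbg in root.iter("serviceDebug"):
        if dbg.get("includeExceptionDetailInFaults", "").lower() == "true":
            findings.append("includeExceptionDetailInFaults=true returns exception details to callers")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```
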
A: 

As a side note.....There was a GPO setting, "NTLM Authentication Level", that controls authentication and that was causing the unit test to generate the "Negotiate,NTLM" exception.

Michael Kniskern