views:

120

answers:

1

Hello Sir,

I am using an ASMX web service and creating a WCF Client for the service with customBinding. In the customBinding security section, I am using the authenticationMode as "KerberosOverTransport" and using HTTP as Transport medium. Please see the below code.

<customBinding>
    <binding name="Service1Soap" closeTimeout="00:01:00" openTimeout="00:01:00"
      receiveTimeout="00:10:00" sendTimeout="00:01:00">
      <security allowSerializedSigningTokenOnReply="true" authenticationMode="KerberosOverTransport"
        requireDerivedKeys="false" messageProtectionOrder="SignBeforeEncryptAndEncryptSignature"
        messageSecurityVersion="Default" requireSecurityContextCancellation="false">
        <secureConversationBootstrap />
      </security>
      <textMessageEncoding messageVersion="Soap11" />
      <httpTransport authenticationScheme="Ntlm" unsafeConnectionNtlmAuthentication="false" />
    </binding>
  </customBinding>
</bindings>
<client>
  <endpoint address="http://localhost:1612/TestService.asmx" binding="customBinding"
    bindingConfiguration="Service1Soap" contract="WCFProxy.Service1Soap"
    name="Service1Soap" />
</client>

When I create an instance of the Proxy class and call the Hello World method of the Web Service I get the following exception.

"The 'CustomBinding'.'http://tempuri.org/' binding for the 'Service1Soap'.'urn:Service1' contract is configured with an authentication mode that requires transport level integrity and confidentiality. However the transport cannot provide integrity and confidentiality."

==========================================================================================

at System.ServiceModel.Dispatcher.SecurityValidationBehavior.SoapOverSecureTransportRequirementsRule.ValidateSecurityBinding(SecurityBindingElement securityBindingElement, Binding binding, ContractDescription contract) at System.ServiceModel.Dispatcher.SecurityValidationBehavior.ValidateSecurityBinding(SecurityBindingElement sbe, Binding binding, ContractDescription contract) at System.ServiceModel.Dispatcher.SecurityValidationBehavior.ValidateBinding(Binding binding, ContractDescription contract, SecurityBindingElement& securityBindingElement) at System.ServiceModel.Dispatcher.SecurityValidationBehavior.System.ServiceModel.Description.IEndpointBehavior.Validate(ServiceEndpoint serviceEndpoint) at System.ServiceModel.Description.ServiceEndpoint.Validate(Boolean runOperationValidators, Boolean isForService) at System.ServiceModel.Channels.ServiceChannelFactory.BuildChannelFactory(ServiceEndpoint serviceEndpoint) at System.ServiceModel.ChannelFactory.CreateFactory() at System.ServiceModel.ChannelFactory.OnOpening() at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout) at System.ServiceModel.ClientBase1.System.ServiceModel.ICommunicationObject.Open(TimeSpan timeout) at System.ServiceModel.ClientBase1.Open() at WCFClient.Program.Main(String[] args) in D:\Rakesh\Test Projects\WebServiceCustomBinding\WCFClient\Program.cs:line 16 at System.AppDomain._nExecuteAssembly(Assembly assembly, String[] args) at System.AppDomain.ExecuteAssembly(String assemblyFile, Evidence assemblySecurity, String[] args) at Microsoft.VisualStudio.HostingProcess.HostProc.RunUsersAssembly() at System.Threading.ThreadHelper.ThreadStart_Context(Object state) at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state) at System.Threading.ThreadHelper.ThreadStart()

I am struck with no luck on googling this exception. It has been 2 days now with the R & D part. Please provide me some help on this Issue. I will be very pleased upon your help!

Regards, Rakesh.

A: 

Try to use BasicHttpBinding with following security instead:

<bindings>
  <basicHttpBinding>
    <binding name="Secured">
      <security mode="TransportCredentialOnly">
        <transport clientCredentialType="Windows" />
      </security>
    </binding>
  </basicHttpBinding>
</bindings>

Also you can check this article - there is a part about setting client.

Ladislav Mrnka
I have tried with basicHttpBinding prior to starting with customBinding. The reason I am using customBinding is that my application needs to be interoperable with Java Web Services which needs Kerberos Authentication for SSO implementation. More over the Java web service may be installed on any kind of platform other than Windows, so on that platform Windows clientCredentialType may not work. Thanks for your reply. Can you suggest me a solution for mentioned requirement?? Sorry for not giving these details before!
Rakesh Nagpal
Than you need that Java Web Service for testing. It would be awesome if you have WSDL of that service with security policies describing its configuration. At the moment you are trying to simulate the service with ASMX which is not the same as Java one.
Ladislav Mrnka
Yes, I understand. My actual requirement is to build a WCF client in C#.NET which would implement Kerberos Authentication for implementing SSO. This in turn would be consumed by a Java Windows application for Authenticating User and assigning a Kerberos Token. Currently the Java application is not yet ready so I am trying to make this client work with ASMX Web Service only. Later on when tested successfully with ASMX service, I will try to integrate this Client with the Java Application.
Rakesh Nagpal