wcf-security

Which authentication mode of basichhtpbinding can be used to secure a WCF Service using Streaming?

Hi all, Details about my service: A file upload service Transfermode is set to stream Service is hosted in IIS 7. I need to provide secuirty to my service. I have tried with ntlm and windows secuirty.I was getting the following error when i am trying to secure my service "HTTP request streaming cannot be used in conjunction with H...

How to enable certificate authentication mode for basichttpbinding?

Hi all, I need to enable the security for my service using basichttpbinding with the authentication mode set to "Certificate" . So far i have used the default windows certificate for my service by mentioning it on IIS and made the url to "https" What are all the procedures/steps to enable the certificate authentication for basichttpbi...

WCF Message Security With Service Certificate Only

I'm new to WCF, and wanted to know if it is possible to do Message Security, where I use a x.509 certificate for the service only, and for client security do windows credentials, is this acceptable, does it work? Tried searching the web, but either no discuss on this approach exists, or I have put the wrong wording in my google search, ...

OASIS SW-Security with WCF

Hi everybody, I need to implement a SOAP WS client talking to a server which has some sort of OASIS WS-Security. Basically the security header should contain three items: 1. BinaryToken - holding the certificate 2. UsernameToken - username 3. Signature I've managed to put the Signature in the header, but no luck with the other two fie...

WCF How can I set clientCredentialType on custom binding

I'm using the excellent DuplexHttpBinding. I now want to extend it so that I can use transport security with message credentials. I have some normal BasicHttpBindings set up in this mode like so: <basicHttpBinding> <binding name="BasicHttpBinding_Custom"> <security mode="TransportWithMessageCredential"> <message client...

WCF Security and config help - base address for https not found

Hi All, I'm getting this error in my event log for a Windows hosted service. Service cannot be started. System.InvalidOperationException: Could not find a base address that matches scheme https for the endpoint with binding BasicHttpBinding. Registered base address schemes are [http]. This service has always worked unt...

WCF Web Service and Data Service using SAML

I have WinForms and ASP.Net applications that need to access WCF Web and Data services using a SAML token. I've been looking at Windows Identity Foundation (WIF) to enable the WCF service to use SAML tokens from an STS-IP. On the client, do I make a call to the STS and get a SAML token, then pass the token to the WCF service? if so, h...

How to save encrypted and signed messages in WCF for audit

We are building a highly sensitive system, you can think of it as a banking system, where you have a client with a certificate that calls a WCF service to send a transaction to the server. staying in the example of the banking system, that transaction can be a wire order or a debit. So for audit and in case of litigation by the client ...

WCF security between WinForms client and Shared Host webserver

Ok, I have developed this WinForms client, which interacts with a server (ASPX Application) by means of WCF calls. I would now like to deploy the server to my shared webhost, but I'm kinda new to WCF and especially the security possibilities behind it. The goal is to kind of secure the WCF service, so that not everybody that knows or f...

Identifying WCF Client ID

I have a WCF web service that exposes several business methods. I also have two clients - an asp.net GUI and a data migration application that both connect to the wcf backend to invoke various business transactions. I need my backend to be able to identify and distinguish between which wcf client has made a call to some variant logic. ...

Can we use windows authentication on streamed mode?

Hi pals, I have a WCf service to handle file upload. I have enabled the transfer mode as streamed to send large file of data. I ma bale to achieve till 300 mb. Now i need to provide the security for my service. I have implemented the ntlm authentication for my service. When i hosted it on IIS and enabled the Integrated windows authent...

WCF service which supports several security options

Hi there I was wondering whether it's possible to configure different security options for a single web service without differentiation of the URI. The service should support authentication based on Certificate on the Transport level and based on Username on the Message level. When I define two endpoints where each references its corres...

Impersonation using WCF

Hi, I am trying to expose via WCF Web services, functions that access SQL server (via Entity Framework) using the user's credentials (this is a client/dba requirement because of audit triggers etc. Gave up trying to convince them not to use user's credentials) I am having trouble getting WCF to implement impersonation. (in fact its bee...

WCFTestClient - how can I add username and pass?

Hi All, I'm using the WCFTestClient to debug a service. This normally works like a charm. This particular service is using SSL and I need to pass the user name and password. I can right click and edit the config file, but I do not see a place where I can inject the user name and password. On the normal client app for this service, we pro...

Wcf self hosted service with X.509 certificate connection error

I have a self hosted Wcf service running on Windows XP and am attempting to use Certificates for message security. This is being done via the service and client config files. Both service and client are running on the same machine and I have created certificates for both using makecert.exe. This worked fine when I had clientCredential...

wcf exception - Security processor was unable to find a security header in the message.

Hi, I have a c# application that uses WCF. when I'm trying to approach to a server method I'm getting an exception in the client side (when using diagnostics): Security processor was unable to find a security header in the message. This might be because the message is an unsecured fault or because there is a binding mismatch ...

WCF: How to use AllowInsecureTransport

Within the context of .NET 4 WCF, I am attempting to use the new AllowInsecureTransport attribute so that I can use my custom authentication without using SSL (in our development environment only - we are using SSL in production). My bindings config looks like: <bindings> <wsHttpBinding> <binding name="CustomAuthentication"> ...

Problem in Hosting WCF Service using wsHttpBinding in IIS

I am trying to host my service using following configuration. <system.serviceModel> <services> <service name="Test.MyService" behaviorConfiguration="MyServiceBehavior"> <!-- Service Endpoints --> <endpoint address="MyTestService" binding="wsHttpBinding" bindingConfiguration="WebserviceHttpBin...

WCF Client Impersonation

Can someone point me to a [relatively] simple walk-through on how to properly configure an ASP.Net hosted WCF 4.0 service to impersonate the credentials of a caller for just certain methods of the service, but allow anonymous access to other methods? I've been reading a lot about this on MSDN, but the more I read, the more confused I ge...

Why isn't my IAuthorizationPolicy setting the Thread.CurrentPrincipal with my CustomPrincipal?

For my WCF services I've implemented an IAuthorizationPolicy and hooked it up (and can confirm that it's being used). In the Evaluate() method I am setting a custom principal like so: evaluationContext.Properties["Principal"] = myCustomPrincipal; However, when the service is invoked, Thread.CurrentPrincipal is a GenericPrincipal! My...