Am I correct in understanding that a WCF Service could be setup with "Transport Security", + "Certificate Authentication" and without a "Client Certificate" installed client side? My scenario would be: WCF Services on Remote Server Windows Forms Client shipped potentially to hundreds of users (authenticates users (against DB) and per...
My question is in regards to the best (aka "least painful") way to secure access to a WCF service that is only exposed to our company's internal users. The goal is to ensure that the service is only accessed via a single windows forms application that each of our users has installed. When the service is called, I want the service to be a...
I have an existing asp.net application that talks to load balanced wcf services (iis hosted, in app pool running under account configured as servicePrincipalName, etc.). The wcf services return a few custom faults, all defined with FaultContract(typeof(x), ProtectionLevel = ProtectionLevel.None) -- these services are not exposed to the p...
I have a simple web service whereby the security is handled via forms based authentication. WCFTestService.ServiceClient myService = new WCFTestService.ServiceClient(); myService.ClientCredentials.UserName.UserName = "user"; myService.ClientCredentials.UserName.Password = "secret"; lblResult.Text = myService.GetData(1231); myS...
I have an existing working WPF Application in which I have implemented my own custom authentication to a backend WCF service. When I access this service from WPF, setup the ServiceProxy as follows: proxy.ClientCredentials.UserName.UserName = "test"; proxy.ClientCredentials.UserName.Password = "pass"; and because I'm using HTTPS the ui...
Can anyone provide some links to good information on setting up Silverlight 2.0 to authenticate to a WCF Service through ASP.NET Forms Authentication? ...
I have a .Net 3.5 SP1 WCF service running under IIS 7 on a Windows 2008 machine. When I try to connect to this service from an IIS hosted WCF service running under IIS 5.0 (Windows XP) .Net 3.5 SP1, I get the following error: The token provider cannot get tokens for target: http://(URL for WCF service) I've built a simple console appl...
All, I have a WCF web service (let's called service "B") hosted under IIS using a service account (VM, Windows 2003 SP2). The service exposes an endpoint that use WSHttpBinding with the default values except for maxReceivedMessageSize, maxBufferPoolSize, maxBufferSize and some of the time outs that have been increased. The web service...
[I know this is quite subjective, and dependant on various considerations, so I'm just finishing for ideas to see what people think on the subject, and what considerations they are taking...] We have an asp.net application exposed publicly (username/password authentication required), which, in turn, uses a set of WCF services in the bac...
I've written simple WCF service using netTcpBinding and security mode="Message" and clientCredentialType="UserName". Everythink works fine when I pass valid username and password, session is established the way I wanted. However when the credentials are wrong exception is thrown though I can't catch it in my client application in try cat...
Hi, First of all I apologize for my english... Then: I have a problem! I wrote the code for a simple WCF Service and with the configuration #1 all works fine. Conf #1 - server <configuration> <system.serviceModel> <services> <service name="WCFservice.Service" behaviorConfiguration="WCFservice.ServiceBehav...
I have a WCF web service that I am hosting in IIS (actually running within the Visual Studio web host i.e. Cassini). I have a file that I have to access in the root of the web directory from the service, and am having trouble figuring out the user identity that the service accesses the directory as. I've given permission to ASPNET, NET...
Hi! First of all I apologize for my english... As I wrote in title I need to secure my WCF Service. I always used message security mode using ClientCredentialType="Certificate", checking in this way: <serviceCertificate findValue="cn=abc" storeLocation="LocalMachine" storeName="TrustedPeople" x509FindType="FindBySubjectDistinguishedName...
Hope someone can help! I am calling a WCF service using JSON but I am not able to get the user credentials out. We are using Kerberos so IIS is setup as the following: Server-side tasks: IIS server is member of domain Set IIS server computer account in AD Users & Computers MMC as "Trusted for Delegation" IIS Server must be rebooted f...
I have a WCF service which is secured with username and password (using SqlMembershipProvider). I'd like to log EVERY (succeeded and failed) login attempt to this service and save user credentials to the database using Logging Application Block. When I turn on WCF logging and trace it with Logging Application Block, i get something like ...
Hi, as in title I want to see the code of the messages exchanged in local testing. I want to do it to ensure that they are really encrypted as I set to do. Can someone help me? Thanks, Alberto ...
Is it possible to impersonate a client's identity when invoking a netTcp endpoint operation via configuration? There is a section within the WCF config client as shown below: <client> <endpoint address="net.tcp://localhost:8081/tcpExample" binding="netTcpBinding" bindingConfiguration="myTcpBinding" contract="TestTcp.IHelloTc...
Can i get the requester windows IPrincipal when he comsume WCF service? ...
I have been searching n the web on how and if it is possible to verify that the calling application is digitally signed with the correct certificate. This is for internal use for my corporation. we want to digitally sign our applications and only let our digitally signed applications to access our wcf services. is this a configuration o...
how to encrypt soap message in silverlight.. i am currently looking for ideas... as silverlight doesn't support WCF Message Security.. i have gone through a post by Peter Bromberg but it is also not discussing the idea about when how to exchange public/private keys or sort of... ...