wcf-security

Why doesn't WSDL from WCF service include the custom binding for the STS?

I'm writing a C# WCF service that publishes an endpoint using a WSHttpFederationBinding. We have our own security token server providing tokens, for which callers need to use a custom binding. This is all working fine for a C# client I've written: this has a custom binding in its app.config like so: <bindings> <customBinding> <bi...

How to obtain a working X509Certificate for my WCF Service hosting

I am in the process of hosting my WCF services in my asp.net hosting account and I want to use X509Certificate for authentication of communication. Where do I get a certificate in this instance? Make one and then Ftp it to my account? If yes, how do I reference this certificate for use. If No, how do I get one for use please? Do I need t...

WCF UserName authentication and fault contracts

I have a WCF service configured to use custom UserName validation via the overriden Validate() method of the System.IdentityModel.Selectors.UserNamePasswordValidator class. All methods of the contract have been decorated with the FaultContractAttribute to specify a custom SOAP fault as being returnable. When throwing FaultException<T>,...

Trying to get WCF to communicate cross-domains

I'm trying to get two WCF services to communicate with each other in a cross-domain environment such that .NET web application calls service A on Server A in DMZ. Service A then calls Service B via SSL on Server B which is located in a secure Domain. I'm currently able to get Service B up and running fine. I'm able to make calls to ...

Debugging a netTcp WCF binding

I have a netTcp WCF service running in a windows service on a remote machine. The windows service is running as user mydomain\u2 The .config file for the windows service hosted WCF is <security mode="None"> <transport clientCredentialType="None" /> <message clientCredentialType="None" /> </security> Now when ...

Authentification in WCF service.

I have a WCF service deployed on another machine and I want to authenticate the client against the WCF service. I have done the following things : 1) In IIS I have unchecked the Anonymous access and checked the "Integrated Windows Authenfication" check box. 2) My Web config <authentication mode="Windows" /> <bindings> <basicH...

Trying to understand the lifetime of the AuthorizationContext object

Hello, I have a simple authorization setup that checks for certain configured active directory roles in a custom authorization policy (IAuthorizationPolicy) - and adds claims if those roles are possessed. On top of that, I have a subclass of ServiceAuthorizationManager which overrides CheckAccessCore. It verifies possession of some of...

What is the best suited authentication technique for this scenario ?

Please suggest me the best authentication way to implement in the scenario mentioned below: The requirement is I have to deploy a WCF web service in multiple countries across the world. NOTE : All the machines on which the service is deployed are on the same domain. 1.The clients that access this service should fall in the same domain...

Security settings for this service require 'Anonymous' Authentication but it is not enabled for the IIS application that hosts this service.

I am using IIS V5.1. Integrated windows authentication I have a following web config: <system.serviceModel> <bindings> <wsHttpBinding> <binding name="wsHttpEndpointBinding"> <security mode="Transport" /> </binding> </wsHttpBinding> </bindings> <services> <service behaviorConfigura...

How to Configure the Virtual Directory to Require SSL ?

I am using IIS V5.1 I have wcf service application for which I am using security mode = Transport. and wshttpbinding. How can I Configure the Virtual Directory to Require SSL ? ...

Obtaining ClientCredentials from WCF operation

My WCF Service uses a custom credentials validator for custom Message-based security, because I want to ensure each client calling an operation on my web service has a corresponding username and password in my database. Imports System.IdentityModel.Selectors Imports System.IdentityModel.Tokens Public Class CredentialsValidator Inhe...

Can not call web service with basic authentication using WCF

I've been given a web service written in Java that I'm not able to make any changes to. It requires the user authenticate with basic authentication to access any of the methods. The suggested way to interact with this service in .NET is by using Visual Studio 2005 with WSE 3.0 installed. This is an issue, since the project is already ...

Why isn't the Identities property passed to my custom IAuthorisationPolicy?

I'm trying to set up a custom IAuthorisationPolicy that I can give to ServiceAuthorizationBehaviour to install my own IPrincipal implementation. I've followed the instructions here, and written a test that verifies that this works when self-hosting using a NetNamedPipes binding. The problem is, when I try to use this hosted under IIS t...

WCF Security - Data origin security

I have a web service implemented in WCF. This service is only going to be called by a single client, a site with a static IP address. I would like to implement simple security that would verify that all calls to the service are only valid if they came from this particular static IP. What is the best way to do this? ...

WS-Security overhead when using message security

The following is a message logged in Microsoft Service Trace Viewer. I believe it represents a single call to a parameterless method that has an integer return value on a WCF Service (with WsHttpBinding). I am using message level security (with username credentials) and created a development server certificate to get this to work. I am b...

Creating a custom binding in WCF from an existing nettcpbinding

Can anyone tell me how to create a custom binding that reproduces the exact same behavior from the following in WCF? <netTcpBinding> <binding name="SecureTcp" > <security mode="TransportWithMessageCredential"> <transport clientCredentialType="Certificate" /> <message clientCredentialType="UserN...

WCF Pass extra security data through all service calls

Client side I need to pass a piece of information (for this example lets say a string) to every service call I make. The services use this string (currentRole) along with user/pass credentials to retrieve a user's set of claims associated w/their current role. The solutions I have come across thus far are: 1) Modify message headers as...

Programmatically installing certificate revocation list C#

I am using C#/WCF. I have a web service which shall be invoked by the client. This is the service definition: And this is the binding If I understand this correctly, the messages sent from server to client are encrypted with a certificate. Currently I ...

WCF - There was no endpoint listening at net.tcp://..../Querier.svc that could accept the message

WCF - There was no endpoint listening at net.tcp://myserver:9000/SearchQueryService/Querier.svc that could accept the message. I have the net.tcp protocol enabled on the IIS application Windows firewall is off The net.tcp binding is set to port 9000 for the entire IIS application. My web.config is very standard: <system.serviceMode...

how to limit access to a silverlight-enabled data service?

Hello all. We have a Silverlight app which we wrote which calls a Silverlight-enabled data service. The Silverlight app cannot require a login, as it is required to present data to the unauthenticated public. We have some schmoe who took the time to examine our Silverlight app, one way or another figure out what service it is calling, ...