I have read countless forum posts and articles on this issue and am still unable to find a solution.
I am running a WCF service with the following binding:
<customBinding>
<binding name="BasicBinding">
<security authenticationMode="UserNameOverTransport" />
<textMessageEncoding messageVersion="Soap11" />
<httpsTransport />
</binding>
</customBinding>
Everything is working fine and I am locally able to make requests using the appropriate credentials and the response is served as expected. I have just received information from the consuming client that the Soap security header is causing issues for them:
<s:Header>
<o:Security s:mustUnderstand="1" xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<u:Timestamp u:Id="_0">
<u:Created>2017-12-20T19:17:29.322Z</u:Created>
<u:Expires>2017-12-20T19:22:29.322Z</u:Expires>
</u:Timestamp>
</o:Security>
They inform me that the 'mustunderstand' part is incompatible with their system. I have read that changing to a custom binding will fix it, however as you can see above this has been done and is still showing the security header.
I have read about interceptors and manipulating the response object but I've been unable to see how it all fits together. Has anyone actually solved this problem completely? I am basically looking to remove all header information from the response.
Related
I have a service on a remote machine using secure bindings. All of my service configurations are in config files (and I have checked to make sure the right config files are being adjusted.) I have tried to tell the service to timeout at 3 minutes, but every time I make a request that takes longer than a minute, Postman gives me the generic "Could not get any response" page. (It doesn't even give me an error or a stack trace.) This happens exactly at 1 minute. Yes, I even used the stopwatch on my phone to verify it's exactly a minute.
In a different environment that uses non-secure bindings, I know this particular call takes about 90 seconds. I just need this secure environment to wait a little longer!
I'm sorry if my jargon isn't on key, I'm slightly new at this.
My services config file for the WCF service in question looks like this:
<service name="XXX.SolrIndexService.Host.Services.EventIndexService">
<endpoint address="ajax"
behaviorConfiguration="ServerReadCookie"
binding="webHttpBinding"
bindingConfiguration="webHttpsBinding"
contract="XXX.SolrIndexService.DataContracts.IEventIndexService" />
</service>
The actual binding configuration is here:
<webHttpBinding>
<binding name="webHttpBindingWithJsonP" crossDomainScriptAccessEnabled="true">
<security mode="None" />
</binding>
<binding name="webHttpBindingUnsecure" crossDomainScriptAccessEnabled="true">
<security mode="None" />
</binding>
<binding name="webHttpsBinding" crossDomainScriptAccessEnabled="true"
closeTimeout="00:03:00"
openTimeout="00:03:00"
receiveTimeout="00:10:00"
sendTimeout="00:03:00">
<security mode="Transport" />
</binding>
</webHttpBinding>
These are snippets from the entire configs file, I can post the whole thing if anyone thinks that would be helpful. I also used XXX in place of the client's name just because I'm not sure what the etiquette is with that sort of thing.
I've seen lots of posts regarding WCF timeouts and my general impression is that they're mysterious and picky. I've also checked IIS limits for the site that hosts the service, and it has a general Connection Timeout setting of 120 seconds.
Thanks!
Rather than using postman you should use the WCF Client tool
this might give you more feedback
Turns out in my particular case I was hitting my service through a load balancer. I did not attempt to change any settings on the load balancer. Instead I decided to hit the service using the specific machine that it was hosted on. After doing that, my timeout settings were obeyed and I'm no longer timing out before the call can be completed.
I'm not sure if that will help anyone in the future, it's rather specific, but you never know.
I'm working on a solution with a service generated by WSDL. When I call the service I get a Bad Request-Error. I've enabled tracing and the message sent has the following envelope:
<s:Envelope xmlns:a="http://www.w3.org/2005/08/addressing" xmlns:s="http://www.w3.org/2003/05/soap-envelope">
When I try to use cURL I get an error saying "InputStream does not represent a valid SOAP 1.1 Message" and of course works perfectly fine when I change xmlns:s to use SOAP version 1.1.
In the WSDL the binding is:
<soap:binding transport="http://schemas.xmlsoap.org/soap/http" />
which as, from what I've found, SOAP 1.1.
How can I modify the WSDL or the generated code to send the message with correct SOAP version?
All there was to it was to add textMessageEncoding in the binding
<customBinding>
<binding name="wsHttpEndpointBinding">
<textMessageEncoding messageVersion="Soap11" />
I've looked up and down and I can't seem to find a way to have a simple WCF service (with either basicHttpBinding or wsHttpBinding) authenticate against this sort of config:
<authentication mode="Forms">
<forms cookieless="UseCookies">
<credentials passwordFormat="Clear">
<user name="test" password="pass"/>
</credentials>
</forms>
</authentication>
Basically, I want to hardcode a simple user/pass (don't ask why) and make sure my WCF service uses this.
On the client side I have this:
client.ClientCredentials.UserName.UserName = "test";
client.ClientCredentials.UserName.Password = "pass";
But the credentials do not seem to get passed on. The HttpContext.Current.User.Identity is never authenticated on the WCF side.
I've tried playing with the settings below trying to use everything from None, Transport, Message... but only None seems to let the service run (but no credentials are being sent/used). Other settings seem to require a X509 certificate (as I've found out in this great example).
<wsHttpBinding>
<binding name="userHttp">
<security mode="None">
<message clientCredentialType="UserName"/>
</security>
</binding>
</wsHttpBinding>
So, all in all... I want to create a very simple WCF service (that runs over HTTP - not HTTPS) with even simpler plain text username/password authentication. Should be possible but I am already lost. The best solution involves honoring <user /> entries but I'd be happy with any other simple implementation. It doesn't need to use cookies. As far as I am concerned it may as well send username/password on each service method call.
If you want to send user/pass in the message level without ssl then use ClearUsernameBinding. If you want the same in the transport level then use TransportCredentialOnly.
<binding name="BasicHttpEndpointBinding">
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Windows" />
</security>
</binding>
I am trying to consume a java-based service from .Net 4.0. (C# Console/Windows Service)
I have added the service reference using VS's Add Service Reference Dialog.
The service is hosted on WebSphere 8 and WSDL definition is generated using cxf.
Client app is running on Windows Server 2008 R2 SP1. But I don't think any windows update is applied after SP1.
Problem is from time to time All the calls to service methods return an exception. The error is as follows:
The content type text/xml;charset=UTF8 of the response message does not match the content type of the binding (application/soap+xml; charset=utf-8).
If using a custom encoder, be sure that the IsContentTypeSupported method is implemented properly.
The first 1024 bytes of the response were: '<?xml version="1.0" encoding="UTF-8"?><wsdl:definitions name="MyServiceImplService" targetNamespace="http://impl.webService.myService.com/" xmlns:ns1="http://webService.myService.com/" xmlns:ns2="http://cxf.apache.org/bindings/xformat" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:soap12="http://schemas.xmlsoap.org/wsdl/soap12/" xmlns:tns="http://impl.webService.myService.com/" xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<wsdl:import location="http://10.1.1.1/myService/webService/myService?wsdl=myService.wsdl" namespace="http://webService.myService.com/"></wsdl:import>
<wsdl:binding name="MyServiceImplServiceSoapBinding" type="ns1:myService">
<soap12:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"></soap12:binding>
<wsdl:operation name="disableCard">
<soap12:operation soapAction="" style="documen'..
Here's my client app's WCF config:
<system.serviceModel>
<bindings>
<customBinding>
<binding name="MyServiceImplServiceSoapBinding">
<textMessageEncoding messageVersion="Soap12" />
<httpTransport />
</binding>
</customBinding>
</bindings>
<client>
<endpoint address="http://10.1.1.1/myService/webService/myService?wsdl"
binding="customBinding" bindingConfiguration="MyServiceImplServiceSoapBinding"
contract="MyServiceReference.myService" name="MyServiceImplPort" />
</client>
</system.serviceModel>
I don't think this has anything to do with WCF configuration since all the methods work fine and all of a sudden, All of them return this exception.
The error seems to show up randomly with no apparent reason. Sometimes after 2 days and ~1,000,000 requests and sometimes after half an hour. But when this exception shows up, every call to the service returns this exception.
On the service side, there's no log that the call even reaches the java application. Seems like WebSphere sends the wsdl definition instead of passing my call to service.
Closing and relaunching the client app does not make the error go away. Only a complete system restart makes the error to disappear. (Update: it seems like removing ?wsdl from the endpoint address, removed the need to restart the system and restarting the client app is enough to make it work again.)
When facing the error, I have called the service methods with Soap UI and got the results with no exception. So there's probably nothing wrong on the service side.
My only guess is that this is a bug in .Net Framework 4.0.
Any help is greatly appreciated.
I created WCF service and testing WCF client using stand alone application. I was able to view this service using Internet Explorer also able to view in Visual studio service references. Here is the error message.
"The content type text/html; charset=UTF-8 of the response message does not match the content type of the binding (text/xml; charset=utf-8)."
Could you please advice what could be wrong?
Thank you.
Since the returned content type is text/html, I suspect your call result in a server-side error outside of WCF (you are receiving an HTML error page).
Try viewing the response with a web debugging proxy such as Fiddler.
(Edit based on comments) :
Based on your comments, I see that your WCF is hosted under Sharepoint 2010, in a form-authenticated site.
The error you are receiving is due to the fact that your your WCF client is NOT authenticated with sharepoint -- it does not have a valid authentication cookie. Sharepoint then return an HTTP Redirect to an html page (the login.aspx page); which is not expected by your WCF client.
To go further you will have to obtain an authentication cookie from Sharepoint (see Authentication Web Service) and pass it to your WCF client.
(Updated edit) :
Mistake: The site is using claim based authentication.
Although this is not necessarily due to cookies or form authentication, the explaination of the provided error message remain the same. An authentication problem cause a redirection to an HTML page, which is not handled by the WCF client.
This may be helpful, check the url rewrite rules in ISS 7. This issue will occur if is you didn't configure rule properly.
It sounds like your application is expecting XML but is receiving plain text. What type of object are you passing in?
text/html is SOAP 1.1 header and Content-Type: application/soap+xml is SOAP 1.2
Verify your bindings and return header.
It should be same either 1.1 or 1.2
Add the following code to the web.config server project
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="basicHttpBinding_IService">
<security mode="Transport">
<transport clientCredentialType="None" proxyCredentialType="None"/>
</security>
</binding>
</basicHttpBinding>
</bindings>
<services>
<service name="Service">
<endpoint address="" name="BasicHttpBinding_IService"
binding="basicHttpBinding"
bindingConfiguration="basicHttpBinding_IService"
contract="IService" />
</service>
then update client web service,After the update, the following changes are made web.config
<bindings>
<basicHttpBinding>
<binding name="BasicHttpBinding_IService">
<security mode="Transport" />
</binding>
</basicHttpBinding>
</bindings>
<endpoint address="https://www.mywebsite.com/Service.svc"
binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_IService"
contract="Service.IService" name="BasicHttpBinding_IService" />
I hope to be useful
i was getting this error in NavitaireProvider while calling BookingCommit service (WCF Service Reference)
so, when we get cached proxy object then it will also retrived old SigninToken which still may not be persisted
so that not able to authenticate
so as a solution i called Logon Service when i get this exception to retrieve new Token