I have a basic WCF library project which I am trying to host in console application. The Program.cs file's Main method is as given below:
static void Main(string[] args)
{
// Create a binding and set the security mode to Message.
BasicHttpBinding b = new BasicHttpBinding();//WSHttpBinding(SecurityMode.Message);
Type contractType = typeof(SecureWCFLib.IService1);
Type implementedContract = typeof(SecureWCFLib.Service1);
Uri baseAddress = new Uri("http://localhost:8733/Design_Time_Addresses/SecureWCFLib/Service1/");
ServiceHost sh = new ServiceHost(implementedContract, baseAddress);
sh.AddServiceEndpoint(contractType, b, "Service1");
ServiceMetadataBehavior sm = new ServiceMetadataBehavior();
sm.HttpGetEnabled = true;
sh.Description.Behaviors.Add(sm);
sh.Open();
Console.WriteLine("Listening");
Console.ReadLine();
sh.Close();
}
I have another console application which acts as a client. I am trying to consume the service in Program.cs as given below:
static void Main(string[] args)
{
IService1 productChannel = null;
EndpointAddress productAddress = new EndpointAddress("http://localhost:8733/Design_Time_Addresses/SecureWCFLib/Service1/");
productChannel = ChannelFactory<IService1>.CreateChannel(new BasicHttpBinding(), productAddress);
string result = productChannel.GetData(123);
Console.WriteLine(result);
Console.Read();
}
But I get exception as
{"The remote server returned an error: (404) Not Found."}
Please let me know what I am doing wrong over here.
EndpointAddress productAddress = new EndpointAddress("http://localhost:8733/Design_Time_Addresses/SecureWCFLib/Service1/Service1");
Add Service1 to the end of the constructor parameter.
Client endpoint address = ServiceHost base address + relative address.
Your code is equal to this configuration:
<service name="SecureWCFLib.Service1">
  <host>
    <baseAddresses>
      <add baseAddress="http://localhost:8733/Design_Time_Addresses/SecureWCFLib/Service1/" />
    </baseAddresses>
  </host>
  <endpoint address="Service1" binding="basicHttpBinding" contract="SecureWCFLib.IService1">
  </endpoint>
  <behaviors>
    <!--......-->
  </behaviors>
</service>
If you want other clients to have access to your web service on IIS Express, you must grant remote access to the IIS Express port.
Please see the links below.
http://johan.driessen.se/posts/Accessing-an-IIS-Express-site-from-a-remote-computer
http://www.iis.net/learn/extensions/using-iis-express/handling-url-binding-failures-in-iis-express
I am completely new to this Microsoft Dynamics AX 2012 tool and WCF service. I have a self hosted WCF service, where it takes AX 2012 service wsdl URL, AX server domain name, user name and password as inputs and will try to download metadata of this wsdl url without any user authentication mechanism in place.
My AX 2012 service WSDL URL is below:
http://####:8##1/DynamicsAx/Services/TestService?wsdl ---> WSDLEndpoint
I am dynamically creating a WSHttpBinding and a MetadataExchangeClient, assigning all their properties and passing my WSDL endpoint.
Below is my sample code :
var binding = new WSHttpBinding(SecurityMode.None) { MaxReceivedMessageSize = int.MaxValue, MaxBufferPoolSize = int.MaxValue };
var mexClient = new MetadataExchangeClient(binding)
{
ResolveMetadataReferences = true,
MaximumResolvedReferences = int.MaxValue,
OperationTimeout = TimeSpan.FromSeconds(TimeOutInSeconds),
HttpCredentials =
new NetworkCredential(Username, Password, Domain)
};
mexClient.GetMetadata(new Uri(WSDLEndpoint), MetadataExchangeClientMode.HttpGet);
Log.Info("Metadata successfully downloaded.");
But the above code does not bother with user credential validation; it directly downloads metadata from the WSDL URL. I am looking to validate user credentials and, after successful authentication, download the metadata.
Please help me with some authentication approach to introduce on top of wshttpbinding that supports cross platforms.
I don’t fully understand your meaning. Are you trying to create a WCF service with custom username/password authentication? This requires that we configure a certificate on the server side. I created an example; I hope it is useful to you.
Server-side.
class Program
{
static void Main(string[] args)
{
Uri uri = new Uri("http://localhost:21011");
WSHttpBinding binding = new WSHttpBinding();
binding.Security.Mode = SecurityMode.Message;
binding.Security.Message.ClientCredentialType = MessageCredentialType.UserName;
using (ServiceHost sh = new ServiceHost(typeof(MyService), uri))
{
sh.AddServiceEndpoint(typeof(IService), binding, "");
ServiceMetadataBehavior smb;
smb = sh.Description.Behaviors.Find<ServiceMetadataBehavior>();
if (smb == null)
{
smb = new ServiceMetadataBehavior()
{
HttpGetEnabled = true
};
sh.Description.Behaviors.Add(smb);
}
sh.Credentials.ServiceCertificate.SetCertificate(StoreLocation.LocalMachine, StoreName.My, X509FindType.FindByThumbprint, "5ba5022f527e32ac02548fc5afc558de1d314cb6");
Binding mexbinding = MetadataExchangeBindings.CreateMexHttpBinding();
sh.AddServiceEndpoint(typeof(IMetadataExchange), mexbinding, "mex");
sh.Opened += delegate
{
Console.WriteLine("Service is ready");
};
sh.Closed += delegate
{
Console.WriteLine("Service is closed");
};
sh.Open();
Console.ReadLine();
//pause
sh.Close();
Console.ReadLine();
}
}
}
[ServiceContract]
public interface IService
{
[OperationContract]
string Test();
}
public class MyService : IService
{
public string Test()
{
return DateTime.Now.ToString();
}
}
On the Client-side, we create a client proxy by adding service reference.
ServiceReference1.ServiceClient client = new ServiceClient();
client.ClientCredentials.UserName.UserName = "administrator";
client.ClientCredentials.UserName.Password = "abcd1234!";
var result = client.Test();
Console.WriteLine(result);
The configuration automatically generated on the client-side.
<system.serviceModel>
<bindings>
<wsHttpBinding>
<binding name="WSHttpBinding_IService">
<security>
<message clientCredentialType="UserName" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<client>
<endpoint address="http://10.157.13.69:21011/" binding="wsHttpBinding"
bindingConfiguration="WSHttpBinding_IService" contract="ServiceReference1.IService"
name="WSHttpBinding_IService">
<identity>
<certificate encodedValue="blabla… " />
</identity>
</endpoint>
</client>
</system.serviceModel>
In the above example, the client should provide a username/password to be authenticated by the server so that it can call the remote service.
https://learn.microsoft.com/en-us/dotnet/framework/wcf/feature-details/message-security-with-a-user-name-client
Feel free to let me know if there is anything I can help with.
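How the server can decide which user names and passwords to accept with the binding above, shown as an added example that is not part of the original answer: without further configuration WCF checks UserName credentials against Windows accounts, and a custom validator replaces that check. `StoredHashValidator`, `SecureHostSetup`, the iteration count and the in-memory user table are hypothetical.

```csharp
using System;
using System.Collections.Generic;
using System.IdentityModel.Selectors;
using System.IdentityModel.Tokens;
using System.Security.Cryptography;
using System.ServiceModel;
using System.ServiceModel.Security;

// Hypothetical validator: checks the UserName token against salted PBKDF2
// hashes instead of the default Windows account lookup.
public sealed class StoredHashValidator : UserNamePasswordValidator
{
    private const int Iterations = 100000;   // assumed work factor
    private const int HashBytes = 20;        // one HMAC-SHA1 block
    private static readonly byte[] DummySalt = new byte[16];
    private static readonly byte[] DummyHash = new byte[HashBytes];

    private sealed class Entry { public byte[] Salt; public byte[] Hash; }
    private readonly Dictionary<string, Entry> users =
        new Dictionary<string, Entry>(StringComparer.OrdinalIgnoreCase);

    // Enrolment helper; a real deployment would load salt and hash from a store.
    public void AddUser(string userName, string password)
    {
        var salt = new byte[16];
        using (var rng = RandomNumberGenerator.Create()) rng.GetBytes(salt);
        users[userName] = new Entry { Salt = salt, Hash = Derive(password, salt) };
    }

    public override void Validate(string userName, string password)
    {
        Entry entry = null;
        if (userName != null) users.TryGetValue(userName, out entry);

        // Always run the derivation so an unknown user costs the same as a known one.
        byte[] salt = entry != null ? entry.Salt : DummySalt;
        byte[] expected = entry != null ? entry.Hash : DummyHash;
        byte[] actual = Derive(password ?? string.Empty, salt);

        bool ok = FixedTimeEquals(actual, expected) & (entry != null);
        if (!ok)
            throw new SecurityTokenException("Unknown user name or incorrect password.");
    }

    private static byte[] Derive(string password, byte[] salt)
    {
        using (var kdf = new Rfc2898DeriveBytes(password, salt, Iterations))
            return kdf.GetBytes(HashBytes);
    }

    // Comparison that does not stop at the first differing byte.
    private static bool FixedTimeEquals(byte[] a, byte[] b)
    {
        int diff = a.Length ^ b.Length;
        for (int i = 0; i < a.Length && i < b.Length; i++) diff |= a[i] ^ b[i];
        return diff == 0;
    }
}

public static class SecureHostSetup
{
    // Call on the ServiceHost before sh.Open().
    public static void UseCustomUserNameValidation(ServiceHost sh, UserNamePasswordValidator validator)
    {
        sh.Credentials.UserNameAuthentication.UserNamePasswordValidationMode =
            UserNamePasswordValidationMode.Custom;
        sh.Credentials.UserNameAuthentication.CustomUserNamePasswordValidator = validator;
    }
}
```

The validator applies to calls on the service endpoint only; the `mex` endpoint and the `HttpGetEnabled` metadata page in the host above are still served without credentials.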
I'm experiencing a problem with WCF client connections using a self-created certificate.
Certificate created as follows:
Makecert -r -pe -n "CN=MySslSocketCertificate" -b 01/01/2015 -e 01/01/2025 -sk exchange -ss my
Server code:
Public Sub StartWcfServer()
Dim binding As New NetTcpBinding()
binding.Security.Mode = SecurityMode.Transport
binding.Security.Transport.ProtectionLevel = Net.Security.ProtectionLevel.EncryptAndSign
binding.Security.Transport.ClientCredentialType = TcpClientCredentialType.Certificate
binding.TransferMode = TransferMode.Streamed
Dim baseAddress As New Uri($"net.tcp://192.168.1.1:1234/WcfServer")
_serviceHost = New ServiceHost(GetType(WcfServer), baseAddress)
_serviceHost.Credentials.ServiceCertificate.SetCertificate(StoreLocation.CurrentUser, StoreName.My, X509FindType.FindByIssuerName, "MySslSocketCertificate")
_serviceHost.Credentials.ClientCertificate.Authentication.RevocationMode = X509RevocationMode.NoCheck
_serviceHost.Credentials.ClientCertificate.Authentication.CertificateValidationMode = ServiceModel.Security.X509CertificateValidationMode.None
_serviceHost.Credentials.ClientCertificate.Authentication.TrustedStoreLocation = StoreLocation.CurrentUser
ServicePointManager.ServerCertificateValidationCallback = New RemoteCertificateValidationCallback(AddressOf ValidateServerCertificate)
ServicePointManager.SecurityProtocol = SecurityProtocolType.Ssl3 Or SecurityProtocolType.Tls12
_serviceHost.AddServiceEndpoint(GetType(IWcfServer), binding, baseAddress)
_serviceHost.Open()
End Sub
Private Function ValidateServerCertificate(sender As Object, certificate As X509Certificate, chain As X509Chain, sslPolicyErrors As SslPolicyErrors) As Boolean
Return True
End Function
Client code:
private void InitialiseWcfClient()
{
var binding = new NetTcpBinding();
binding.Security.Mode = SecurityMode.Transport;
binding.Security.Transport.ProtectionLevel = System.Net.Security.ProtectionLevel.EncryptAndSign;
binding.Security.Transport.ClientCredentialType = TcpClientCredentialType.None;
binding.TransferMode = TransferMode.Streamed;
var url = $"net.tcp://192.168.1.1:1234/WcfServer";
var address = new EndpointAddress(url);
var channelFactory = new ChannelFactory<IWcfServer>(binding, address);
WcfServer = channelFactory.CreateChannel();
}
// call to server which causes the error
WcfServer.CallMethod();
Client-side error:
System.IdentityModel.Tokens.SecurityTokenValidationException: 'The X.509 certificate CN=MySslSocketCertificate chain building failed. The certificate that was used has a trust chain that cannot be verified. Replace the certificate or change the certificateValidationMode. A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.
Server-side error:
System.Security.Authentication.AuthenticationException: 'The remote certificate is invalid according to the validation procedure.'
Bro, regardless of whether we specify the authentication mode on the server side, we should establish the trust relationship between the server and the client when authenticating the client with a certificate.
Namely, we should install the server certificate on the client side and install the client certificate on the server side. Based on the authentication mode value, the certificate installation place is different; commonly we should install it in the Local CA. Besides, considering some access permission issues, we had better install the certificate in the Local Machine store location rather than Current User.
Also, when we explicitly specify the security mode to Transport, we should provide a certificate on the server side.
sh.Credentials.ServiceCertificate.SetCertificate(StoreLocation.LocalMachine, StoreName.My, X509FindType.FindByThumbprint, "cbc81f77ed01a9784a12483030ccd497f01be71c");
At the same time, the client is supposed to provide a certificate to represent identity.
factory.Credentials.ClientCertificate.SetCertificate(StoreLocation.LocalMachine, StoreName.My, X509FindType.FindByThumbprint, "9ee8be61d875bd6e1108c98b590386d0a489a9ca");
I have made a demo; I hope it is helpful to you.
Server.
class Program
{
static void Main(string[] args)
{
using (ServiceHost sh = new ServiceHost(typeof(MyService)))
{
sh.Credentials.ServiceCertificate.SetCertificate(StoreLocation.LocalMachine, StoreName.My, X509FindType.FindByThumbprint, "cbc81f77ed01a9784a12483030ccd497f01be71c");
sh.Open();
Console.WriteLine("service is ready....");
Console.ReadLine();
sh.Close();
}
}
}
[ServiceContract]
public interface IService
{
[OperationContract]
string Test();
}
public class MyService : IService
{
public string Test()
{
return DateTime.Now.ToString();
}
}
App.config(Server side)
<system.serviceModel>
<services>
<service name="VM1.MyService">
<endpoint address="" binding="netTcpBinding" contract="VM1.IService" bindingConfiguration="mybinding">
</endpoint>
<endpoint address="mex" binding="mexTcpBinding" contract="IMetadataExchange" ></endpoint>
<host>
<baseAddresses>
<add baseAddress="net.tcp://localhost:5566"/>
</baseAddresses>
</host>
</service>
</services>
<bindings>
<netTcpBinding>
<binding name="mybinding">
<security mode="Transport">
<transport clientCredentialType="Certificate"></transport>
</security>
</binding>
</netTcpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior>
<serviceMetadata />
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>
Client.
class Program
{
static void Main(string[] args)
{
Uri uri = new Uri("net.tcp://vabqia969vm:5566");
NetTcpBinding binding = new NetTcpBinding();
binding.Security.Mode = SecurityMode.Transport;
binding.Security.Transport.ClientCredentialType = TcpClientCredentialType.Certificate;
ChannelFactory<IService> factory = new ChannelFactory<IService>(binding, new EndpointAddress(uri));
factory.Credentials.ClientCertificate.SetCertificate(StoreLocation.LocalMachine, StoreName.My, X509FindType.FindByThumbprint, "9ee8be61d875bd6e1108c98b590386d0a489a9ca");
IService service = factory.CreateChannel();
try
{
var result = service.Test();
Console.WriteLine(result);
}
catch (Exception)
{
throw;
}
}
}
[ServiceContract]
public interface IService
{
[OperationContract]
string Test();
}
Result.
One more thing to note: we should ensure the client certificate has Client Authentication among its intended purposes.
Feel free to let me know if there is anything I can help with.
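An alternative to importing self-signed certificates into the trusted stores, shown as an added example that is not part of the original answer: instead of `CertificateValidationMode.None` or a callback that always returns true, each side accepts only certificates whose thumbprint it has been given. `PinnedThumbprintValidator` and `PinnedTrust` are hypothetical names, and the thumbprints are supplied by the caller.

```csharp
using System;
using System.Collections.Generic;
using System.IdentityModel.Selectors;
using System.IdentityModel.Tokens;
using System.Security.Cryptography.X509Certificates;
using System.ServiceModel;
using System.ServiceModel.Security;
using System.Text;

// Hypothetical validator: accepts only certificates whose thumbprint is on an
// explicit allow-list and which are inside their validity period.
public sealed class PinnedThumbprintValidator : X509CertificateValidator
{
    private readonly HashSet<string> allowed =
        new HashSet<string>(StringComparer.OrdinalIgnoreCase);

    public PinnedThumbprintValidator(params string[] thumbprints)
    {
        foreach (string t in thumbprints)
            allowed.Add(Normalize(t));
    }

    // Thumbprints copied from the certificate dialog often carry spaces or
    // invisible characters; keep hex digits only.
    private static string Normalize(string thumbprint)
    {
        var sb = new StringBuilder();
        foreach (char c in thumbprint)
            if (Uri.IsHexDigit(c)) sb.Append(c);
        return sb.ToString();
    }

    public override void Validate(X509Certificate2 certificate)
    {
        if (certificate == null)
            throw new ArgumentNullException("certificate");

        // NotBefore and NotAfter are local times, so compare with DateTime.Now.
        DateTime now = DateTime.Now;
        if (now < certificate.NotBefore || now > certificate.NotAfter)
            throw new SecurityTokenValidationException(
                "Certificate is outside its validity period.");

        if (!allowed.Contains(certificate.Thumbprint))
            throw new SecurityTokenValidationException(
                "Certificate thumbprint is not on the allow-list: " + certificate.Thumbprint);
    }
}

public static class PinnedTrust
{
    // Server side: validates the certificate each client presents.
    public static void RequirePinnedClients(ServiceHost host, params string[] clientThumbprints)
    {
        var auth = host.Credentials.ClientCertificate.Authentication;
        auth.CertificateValidationMode = X509CertificateValidationMode.Custom;
        auth.CustomCertificateValidator = new PinnedThumbprintValidator(clientThumbprints);
    }

    // Client side: validates the certificate the service presents.
    public static void RequirePinnedServer<T>(ChannelFactory<T> factory, params string[] serverThumbprints)
    {
        var auth = factory.Credentials.ServiceCertificate.Authentication;
        auth.CertificateValidationMode = X509CertificateValidationMode.Custom;
        auth.CustomCertificateValidator = new PinnedThumbprintValidator(serverThumbprints);
    }
}
```

Call `RequirePinnedClients` before `sh.Open()` and `RequirePinnedServer` before `factory.CreateChannel()`; a renewed certificate gets a new thumbprint, so the allow-list has to be updated with it.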
I've searched thoroughly, and found several answers to this problem, but none of them apply.
I have a .NET 4.0 WCF service hosted by windows services using a named pipe endpoint. This is set to start automatically on boot. I have a client that consumes the service.
When the server is rebooted, the service will start normally, but the client will get the following error:
1: There was no endpoint listening at net.pipe://localhost/WCFSQLService/ that could accept the message. This is often caused by an incorrect address or SOAP action. See InnerException, if present, for more details.
2: The pipe endpoint 'net.pipe://localhost/WCFSQLService/' could not be found on your local machine.
If the client and service are both restarted, the problem resolves itself.
As others have pointed out, both the Net.Pipe Listener Adapter is running and the WCF Non-HTTP Activation is checked:
We've even tried setting the service to delayed start, but no joy. One would assume it was something wrong with the endpoint or config or normal WCF stuff, but when the service and client are both restarted everything works. Additionally, this only happens on 1 machine. If necessary I can provide endpoint information and code.
Client:
NetNamedPipeBinding binding = new NetNamedPipeBinding();
EndpointAddress endpoint = new EndpointAddress(endpointAddress);
ChannelFactory<IWCFSQLService> channel = new ChannelFactory<IWCFSQLService>(binding, endpoint);
IWCFSQLService client = channel.CreateChannel();
// do client calls
channel.Close();
Host
class Program
{
static void Main(string[] args)
{
ServiceBase[] servicesToRun = new ServiceBase[]
{
new WinServiceHost(),
};
ServiceBase.Run(servicesToRun);
}
}
public class WinServiceHost : ServiceBase
{
private readonly ServiceManager serviceManager = new ServiceManager();
protected override void OnStart(string[] args)
{
base.OnStart(args);
serviceManager.OpenHost<MyService>();
}
protected override void OnStop()
{
base.OnStop();
serviceManager.CloseAll();
}
}
public class ServiceManager
{
private readonly List<ServiceHost> serviceHosts = new List<ServiceHost>();
public void CloseAll()
{
foreach (ServiceHost serviceHost in serviceHosts)
{
serviceHost.Close();
}
}
public void OpenHost<T>()
{
Type type = typeof(T);
ServiceHost serviceHost = new ServiceHost(type);
serviceHost.Open();
serviceHosts.Add(serviceHost);
}
}
config
<system.serviceModel>
<services>
<service behaviorConfiguration="behaviorConfig" name="MyService">
<endpoint address="" binding="netNamedPipeBinding" bindingConfiguration="clientNamedPipeBinding"
contract="IMyService">
<identity>
<dns value="localhost" />
</identity>
</endpoint>
<host>
<baseAddresses>
<add baseAddress="net.pipe://localhost/MyService" />
</baseAddresses>
</host>
</service>
</services>
<bindings>
<netNamedPipeBinding>
<binding name="clientNamedPipeBinding">
<readerQuotas maxArrayLength="65536" maxBytesPerRead="65536" />
</binding>
</netNamedPipeBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior name="behaviorConfig">
<serviceMetadata httpGetEnabled="false" httpGetUrl="" />
<serviceDebug includeExceptionDetailInFaults="true" />
<serviceSecurityAudit auditLogLocation="Application" suppressAuditFailure="true" serviceAuthorizationAuditLevel="Failure" messageAuthenticationAuditLevel="SuccessOrFailure" />
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>
Maybe the server is killing the named pipe? Try to re-open the channel on the client periodically until it recovers maybe.
I'm busy writing a file server/client tool that basically uses a hosted Service to send and receive data to and from the server. Since this solution will be used by many different people, it's not really advisable to have them go and edit the App.Config file for their setup. What I would like to do is change this at runtime so that the user(s) have full control over the settings to use. So, this is my App.Config file:
<system.serviceModel>
<services>
<service name="FI.ProBooks.FileSystem.FileRepositoryService">
<endpoint name="" binding="netTcpBinding"
address="net.tcp://localhost:5000"
contract="FI.ProBooks.FileSystem.IFileRepositoryService"
bindingConfiguration="customTcpBinding" />
</service>
</services>
<bindings>
<netTcpBinding>
<binding name="customTcpBinding" transferMode="Streamed" maxReceivedMessageSize="20480000" />
</netTcpBinding>
</bindings>
</system.serviceModel>
What I would like to do is to change only the address (in this example, net.tcp://localhost:5000) when the application is executed. So I must be able to read the current value and display that to the user, and then take their input and save it back into that field.
The test below may help you. Essentially the steps are
Instantiate an instance of the host that reads the configuration from the .config file;
Create a new instance of EndpointAddress using the same configuration as the old one, but changing the uri and assign it to the Address property of your ServiceEndpoint.
[TestMethod]
public void ChangeEndpointAddressAtRuntime()
{
var host = new ServiceHost(typeof(FileRepositoryService));
var serviceEndpoint = host.Description.Endpoints.First(e => e.Contract.ContractType == typeof (IFileRepositoryService));
var oldAddress = serviceEndpoint.Address;
Console.WriteLine("Current Address: {0}", oldAddress.Uri);
var newAddress = "net.tcp://localhost:5001";
Console.WriteLine("New Address: {0}", newAddress);
serviceEndpoint.Address = new EndpointAddress(new Uri(newAddress), oldAddress.Identity, oldAddress.Headers);
Task.Factory.StartNew(() => host.Open());
var channelFactory = new ChannelFactory<IFileRepositoryService>(new NetTcpBinding("customTcpBinding"), new EndpointAddress(newAddress));
var channel = channelFactory.CreateChannel();
channel.Method();
(channel as ICommunicationObject).Close();
channelFactory = new ChannelFactory<IFileRepositoryService>(new NetTcpBinding("customTcpBinding"), oldAddress);
channel = channelFactory.CreateChannel();
bool failedWithOldAddress = false;
try
{
channel.Method();
}
catch (Exception e)
{
failedWithOldAddress = true;
}
(channel as ICommunicationObject).Close();
Assert.IsTrue(failedWithOldAddress);
}
You can create the service instance providing a configuration name and endpoint. So you can use:
EndpointAddress endpoint = new EndpointAddress(serviceUri);
var client = new MyServiceClient(endpointConfigurationName, endpoint);
Look at the MSDN article.
I'm trying to add ad-hoc discovery to a simple WCF service-client setup (currently implemented by self hosting in a console app). Debugging using VS2010 on windows 7, and doing whatever I can find in online tutorial, but still - the discovery client simply finds nothing. Needless to say if I open a client to the correct service endpoint I can access the service from the client.
service code:
using (var selfHost = new ServiceHost(typeof(Renderer)))
{
try
{
selfHost.Open();
...
selfHost.Close();
service app.config:
<?xml version="1.0"?>
<configuration>
<system.serviceModel>
<services>
<service name="TestApp.Renderer">
<host>
<baseAddresses>
<add baseAddress="http://localhost:9000" />
</baseAddresses>
</host>
<endpoint address="ws" binding="wsHttpBinding" contract="TestApp.IRenderer"/>
<endpoint kind="udpDiscoveryEndpoint"/>
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior>
<serviceDiscovery/>
<serviceMetadata httpGetEnabled="True"/>
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>
</configuration>
client discovery code:
DiscoveryClient discoveryClient = new DiscoveryClient(new UdpDiscoveryEndpoint());
var criteria = new FindCriteria(typeof(IRenderer)) { Duration = TimeSpan.FromSeconds(5) };
var endpoints = discoveryClient.Find(criteria).Endpoints;
The 'endpoints' collection always comes out empty. I've tried running the service and client from the debugger, from a command line, from an admin command line - everything, but to no avail (all on the local machine, of course, not to mention I'll need it running on my entire subnet eventually).
Any help would be appreciated :-)
Here is a super simple discovery example. It does not use a config file, it is all C# code, but you can probably port the concepts to a config file.
share this interface between host and client program (copy to each program for now)
[ServiceContract]
public interface IWcfPingTest
{
[OperationContract]
string Ping();
}
put this code in the host program
public class WcfPingTest : IWcfPingTest
{
public const string magicString = "djeut73bch58sb4"; // this is random, just to see if you get the right result
public string Ping() {return magicString;}
}
public void WcfTestHost_Open()
{
string hostname = System.Environment.MachineName;
var baseAddress = new UriBuilder("http", hostname, 7400, "WcfPing");
var h = new ServiceHost(typeof(WcfPingTest), baseAddress.Uri);
// enable processing of discovery messages. use UdpDiscoveryEndpoint to enable listening. use EndpointDiscoveryBehavior for fine control.
h.Description.Behaviors.Add(new ServiceDiscoveryBehavior());
h.AddServiceEndpoint(new UdpDiscoveryEndpoint());
// enable wsdl, so you can use the service from WcfStorm, or other tools.
var smb = new ServiceMetadataBehavior();
smb.HttpGetEnabled = true;
smb.MetadataExporter.PolicyVersion = PolicyVersion.Policy15;
h.Description.Behaviors.Add(smb);
// create endpoint
var binding = new BasicHttpBinding(BasicHttpSecurityMode.None);
h.AddServiceEndpoint(typeof(IWcfPingTest) , binding, "");
h.Open();
Console.WriteLine("host open");
}
put this code in the client program
private IWcfPingTest channel;
public Uri WcfTestClient_DiscoverChannel()
{
var dc = new DiscoveryClient(new UdpDiscoveryEndpoint());
FindCriteria fc = new FindCriteria(typeof(IWcfPingTest));
fc.Duration = TimeSpan.FromSeconds(5);
FindResponse fr = dc.Find(fc);
foreach(EndpointDiscoveryMetadata edm in fr.Endpoints)
{
Console.WriteLine("uri found = " + edm.Address.Uri.ToString());
}
// here is the really nasty part
// i am just returning the first channel, but it may not work.
// you have to do some logic to decide which uri to use from the discovered uris
// for example, you may discover "127.0.0.1", but that one is obviously useless.
// also, catch exceptions when no endpoints are found and try again.
return fr.Endpoints[0].Address.Uri;
}
public void WcfTestClient_SetupChannel()
{
var binding = new BasicHttpBinding(BasicHttpSecurityMode.None);
var factory = new ChannelFactory<IWcfPingTest>(binding);
var uri = WcfTestClient_DiscoverChannel();
Console.WriteLine("creating channel to " + uri.ToString());
EndpointAddress ea = new EndpointAddress(uri);
channel = factory.CreateChannel(ea);
Console.WriteLine("channel created");
//Console.WriteLine("pinging host");
//string result = channel.Ping();
//Console.WriteLine("ping result = " + result);
}
public void WcfTestClient_Ping()
{
Console.WriteLine("pinging host");
string result = channel.Ping();
Console.WriteLine("ping result = " + result);
}
on the host, simply call the WcfTestHost_Open() function, then sleep forever or something.
on the client, run these functions. It takes a little while for a host to open, so there are several delays here.
System.Threading.Thread.Sleep(8000);
this.server.WcfTestClient_SetupChannel();
System.Threading.Thread.Sleep(2000);
this.server.WcfTestClient_Ping();
host output should look like
host open
client output should look like
uri found = http://wilkesvmdev:7400/WcfPing
creating channel to http://wilkesvmdev:7400/WcfPing
channel created
pinging host
ping result = djeut73bch58sb4
this is seriously the minimum I could come up with for a discovery example. This stuff gets pretty complex fast.
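The selection logic that the comments in WcfTestClient_DiscoverChannel() leave open, shown as an added example that is not part of the original answer: it skips loopback addresses and accepts only expected hosts and ports, because replies to an ad-hoc UDP probe are not authenticated and any machine on the subnet can answer. `DiscoveredEndpointFilter`, the allow-list and the sample URIs in `Demo()` are hypothetical and constructed for illustration.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.ServiceModel.Discovery;

public static class DiscoveredEndpointFilter
{
    // Returns the first discovered URI that passes every check, or null
    // when none does (the caller should then retry or give up).
    public static Uri Select(IEnumerable<Uri> discovered, ISet<string> allowedHosts, int expectedPort)
    {
        foreach (Uri uri in discovered)
        {
            if (uri == null || !uri.IsAbsoluteUri) continue;
            if (uri.Scheme != Uri.UriSchemeHttp && uri.Scheme != Uri.UriSchemeHttps) continue;
            if (uri.IsLoopback) continue;                   // 127.0.0.1, ::1, localhost
            if (uri.Port != expectedPort) continue;         // unexpected listener
            if (!allowedHosts.Contains(uri.Host)) continue; // host we did not expect to answer
            return uri;
        }
        return null;
    }

    // Convenience overload for the FindResponse returned by DiscoveryClient.Find().
    public static Uri SelectFrom(FindResponse response, ISet<string> allowedHosts, int expectedPort)
    {
        return Select(response.Endpoints.Select(e => e.Address.Uri), allowedHosts, expectedPort);
    }

    // Constructed sample input: one loopback reply, one reply from a host that
    // is not on the allow-list, one reply on the wrong port, one acceptable reply.
    public static Uri Demo()
    {
        var allowed = new HashSet<string>(StringComparer.OrdinalIgnoreCase) { "wilkesvmdev" };
        var replies = new[]
        {
            new Uri("http://127.0.0.1:7400/WcfPing"),
            new Uri("http://unknown-host:7400/WcfPing"),
            new Uri("http://wilkesvmdev:9999/WcfPing"),
            new Uri("http://wilkesvmdev:7400/WcfPing"),
        };
        return Select(replies, allowed, 7400); // http://wilkesvmdev:7400/WcfPing
    }
}
```

In the client above, `return fr.Endpoints[0].Address.Uri;` would become a call to `SelectFrom(fr, allowedHosts, 7400)` with a null check. The filter narrows which replies are used but does not authenticate the host, and the channel in the answer still uses `BasicHttpSecurityMode.None`.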
Damn! it was the firewall... for some reason all UDP communication was blocked - disabling the firewall solved the problem. Now I only need to figure out the correct firewall configuration...