I am trying to do a very basic but secure username/password authentication with wcf.
However when I look at the value of the ServiceSecurityContext.Current.PrimaryIdentity; it contains the credentials of my windows machine and claims it is authorised (even though I have not yet done any authorisation) instead of the username and password I provided to the service.
My web.config of the service is as follows
<?xml version="1.0"?>
<configuration>
<appSettings>
<add key="aspnet:UseTaskFriendlySynchronizationContext" value="true" />
</appSettings>
<system.web>
<compilation debug="true" targetFramework="4.5" />
<httpRuntime targetFramework="4.5"/>
</system.web>
<system.serviceModel>
<behaviors>
<serviceBehaviors>
<behavior>
<!-- To avoid disclosing metadata information, set the values below to false before deployment -->
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true"/>
<!-- To receive exception details in faults for debugging purposes, set the value below to true. Set to false before deployment to avoid disclosing exception information -->
<serviceDebug includeExceptionDetailInFaults="true"/>
</behavior>
</serviceBehaviors>
</behaviors>
<bindings>
<wsHttpBinding>
<binding name="WsHttpBindingConfig">
<security mode="TransportWithMessageCredential">
<transport clientCredentialType="None" />
<message clientCredentialType="UserName" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<protocolMapping>
<add binding="wsHttpBinding" scheme="http" />
</protocolMapping>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
</system.serviceModel>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true"/>
<!--
To browse web app root directory during debugging, set the value below to true.
Set to false before deployment to avoid disclosing web app folder information.
-->
<directoryBrowse enabled="true"/>
</system.webServer>
</configuration>
and the app.config of the client app is as follows
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<startup>
<supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.5" />
</startup>
<system.serviceModel>
<bindings>
<wsHttpBinding>
<binding name="WSHttpBinding_IService1" />
</wsHttpBinding>
</bindings>
<client>
<endpoint address="http://localhost/WcfSecuredService/Service1.svc"
binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_IService1"
contract="ServiceReference1.IService1" name="WSHttpBinding_IService1">
</endpoint>
</client>
</system.serviceModel>
</configuration>
I call the service with the following code
ServiceReference1.Service1Client clnt = new ServiceReference1.Service1Client();
clnt.ClientCredentials.UserName.UserName = "peter";
clnt.ClientCredentials.UserName.Password = "grr";
string result=clnt.GetSecuredData();
What am I doing wrong?
Please note that both the client app and the service are both running on the same machine. I do not know if the identity is that of the machine running the service or the one passed to it from the client as they are both the same credentials.....
I suppose the other question is possibly "How do I get the username and password that were passed to the service?"
I have worked this out now
I needed to create a custom validation class which I found here How to: Use a Custom User Name and Password Validator
I also needed to make a few changes to the web.config
<?xml version="1.0"?>
<configuration>
<appSettings>
<add key="aspnet:UseTaskFriendlySynchronizationContext" value="true" />
</appSettings>
<system.web>
<compilation debug="true" targetFramework="4.5" />
<httpRuntime targetFramework="4.5"/>
</system.web>
<system.serviceModel>
<behaviors>
<serviceBehaviors>
<behavior>
<serviceCredentials>
<userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="WcfService1Secure.Auth,WcfService1Secure" />
</serviceCredentials>
<!-- To avoid disclosing metadata information, set the values below to false before deployment -->
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true"/>
<!-- To receive exception details in faults for debugging purposes, set the value below to true. Set to false before deployment to avoid disclosing exception information -->
<serviceDebug includeExceptionDetailInFaults="true"/>
</behavior>
</serviceBehaviors>
</behaviors>
<bindings>
<wsHttpBinding>
<binding name="WsHttpBindingConfig">
<security mode="TransportWithMessageCredential">
<transport clientCredentialType="None" />
<message clientCredentialType="UserName" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<protocolMapping>
<add binding="wsHttpBinding" scheme="https" bindingConfiguration="WsHttpBindingConfig" />
</protocolMapping>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
</system.serviceModel>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true"/>
<!--
To browse web app root directory during debugging, set the value below to true.
Set to false before deployment to avoid disclosing web app folder information.
-->
<directoryBrowse enabled="true"/>
</system.webServer>
</configuration>
and the app.config
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<startup>
<supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.5" />
</startup>
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="BasicHttpBinding_IService1" />
</basicHttpBinding>
<wsHttpBinding>
<binding name="WSHttpBinding_IService1">
<security mode="TransportWithMessageCredential">
<transport clientCredentialType="None" />
<message clientCredentialType="UserName" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<client>
<endpoint address="https://localhost/WcfService1Secure/Service1.svc"
binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_IService1"
contract="ServiceReference1.IService1" name="WSHttpBinding_IService1" />
</client>
</system.serviceModel>
</configuration>
Now the user is validated on the request and the username is available using
ServiceSecurityContext.Current.PrimaryIdentity;
hi you should add a method that can accept login and password on your server side and store them in a variables or db
your method should look like this
ServiceReference1.Service1Client clnt = new ServiceReference1.Service1Client();
clnt.ClientCredentials.UserName.UserName = "peter";
clnt.ClientCredentials.UserName.Password = "grr";
clnt.SignUp(clnt);
or
clnt.SignUp(login,password);
what you are doing can work on a standalone application but not in a webcall
your call to method service will have something like
http://MyService/IMyContract/MyAction1
Hope this help
If you are using PerSession instance then you can call first Authenticate on server and on successful maintain a flag on server, subsequent call will check for the flag before executing. that means client need to make first call to Authenticate method and then only call other methods.
If not using PerSession instance you can create own proxy class for the server and while creating proxy instance accept LoginName/Password which it can pass in header on each call and on server side implement custom ServiceAuthorizationManager, it can retrieve credential from OperationContext.Current.IncomingMessageHeaders and validates it.
Related
I'm working with visual Studio 2015. I have a Xamarin Cross-Platfom's project.
My WCF Rest Service works fine with http. I tried to use HTTPS but I receive a "404 error not found" when I try to access my resource.
You will find below the configs files:
web.config
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<appSettings>
<add key="aspnet:UseTaskFriendlySynchronizationContext" value="true" />
</appSettings>
<system.web>
<compilation debug="true" targetFramework="4.5.2" />
<httpRuntime targetFramework="4.5.2" />
</system.web>
<system.serviceModel>
<services>
<service name="PrototypeBHost.PrototypeB" behaviorConfiguration="ServiceBehaviour">
<endpoint address="" binding="webHttpBinding" bindingConfiguration="webHttpTransportSecurity"
behaviorConfiguration="restfulBehavior"
contract="PrototypeBHost.IprototypeB" />
<endpoint contract="IMetadataExchange" binding="mexHttpsBinding" address="mex" />
</service>
</services>
<bindings>
<webHttpBinding>
<binding name="webHttpTransportSecurity">
<security mode="Transport" />
</binding>
</webHttpBinding>
</bindings>
<behaviors>
<endpointBehaviors>
<behavior name="restfulBehavior">
<webHttp/>
</behavior>
</endpointBehaviors>
<serviceBehaviors>
<behavior name="ServiceBehaviour">
<!-- To avoid disclosing metadata information, set the values below to false before deployment -->
<serviceMetadata httpsGetEnabled="true" httpGetEnabled="false"/>
<!-- To receive exception details in faults for debugging purposes, set the value below to true. Set to false before deployment to avoid disclosing exception information -->
<serviceDebug includeExceptionDetailInFaults="false" />
</behavior>
</serviceBehaviors>
</behaviors>
<protocolMapping>
<add binding="basicHttpsBinding" scheme="https" />
</protocolMapping>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
</system.serviceModel>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true" />
<!--
To browse web app root directory during debugging, set the value below to true.
Set to false before deployment to avoid disclosing web app folder information.
-->
<directoryBrowse enabled="true" />
</system.webServer>
</configuration>
applicationhost.config
<site name="PrototypeBHost" id="2">
<application path="/" applicationPool="Clr4IntegratedAppPool">
<virtualDirectory path="/" physicalPath="c:\Users\Ludovic\Documents\Visual Studio 2015\Projects\PrototypeB\PrototypeBHost" />
</application>
<bindings>
<!-- <binding protocol="http" bindingInformation="*:9612:192.168.1.106" />
<binding protocol="http" bindingInformation="*:8023:localhost" />-->
<binding protocol="https" bindingInformation="*:9612:192.168.1.106" />
<binding protocol="https" bindingInformation="*:8023:localhost" />
</bindings>
</site>
I followed some tutorials about WCF Rest but I'm a little bit confused with the SSL certificat. Do I need it? How can I attach the ssl certificat to the WCF Rest Service? Did I miss something?
My_WCF_proprieties
I finally found where was the problem, the default certificate with IIS Express doesn't work and cause some trouble.
First, I delete one of the certificate, I use command prompt for VS2015
netsh http delete sslcert ipport=0.0.0.0:44300
after that
I add a self-signed certificate
netsh http add sslcert ipport=0.0.0.0:44300 certhash=fb02ea72ab7443604aa8frib298e43l751ce3606 appid={214124cd-d05b-4309-8p76-9caa44b2b74a}
the command to show all certificates
netsh http show sslcert > output.txt
and it works :)
I am facing an issue when working with my WCF service. I consumed my WCF service in a console application and it works fine till 100 requests (in a loop). But it stops working after 100 requests. I have already used
<serviceThrottling
maxConcurrentCalls="500"
maxConcurrentInstances="500"
maxConcurrentSessions="500"/>
in my config but it has not effect on this issue. I have closed the connection after every call to the service but still the issue persists.
Any help is highly appreciated.
Below is my web.config :
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<connectionStrings>
<add name="PriceGain" connectionString="Server=xyz.abc.com;Database=SomeDB;User Id=appuser;password=xxxxxxx;" providerName="System.Data.SqlClient" />
</connectionStrings>
<appSettings>
<add key="aspnet:UseTaskFriendlySynchronizationContext" value="true" />
</appSettings>
<system.web>
<compilation debug="true" targetFramework="4.0"/>
<httpRuntime/>
</system.web>
<system.serviceModel>
<services>
<service name="AirGainUtilities.Service.Utilities" behaviorConfiguration="UtilitiesBehavior">
<endpoint contract="IMetadataExchange" binding="mexHttpBinding" address="mex" />
<endpoint address="http://192.168.1.1/AirGain.Utilities.Service/Utilities.svc" binding="basicHttpBinding" contract="AirGainUtilities.Service.IUtilities" />
</service>
</services>
<bindings>
<basicHttpBinding>
<binding name="basicHttpBinding" closeTimeout="00:10:00"
openTimeout="00:10:00" receiveTimeout="00:10:00"
sendTimeout="00:10:00" maxBufferPoolSize="2147483647"
maxBufferSize="2147483647" maxReceivedMessageSize="2147483647">
</binding>
</basicHttpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior name="UtilitiesBehavior">
<!-- To avoid disclosing metadata information, set the values below to false before deployment -->
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
<!-- To receive exception details in faults for debugging purposes, set the value below to true. Set to false before deployment to avoid disclosing exception information -->
<serviceDebug includeExceptionDetailInFaults="true" />
<serviceThrottling
maxConcurrentCalls="5000"
maxConcurrentInstances="5000"
maxConcurrentSessions="5000"/>
</behavior>
</serviceBehaviors>
</behaviors>
<protocolMapping>
<add binding="basicHttpsBinding" scheme="https" />
<add binding="basicHttpBinding" scheme="http" />
</protocolMapping>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="false" />
</system.serviceModel>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true" />
<!--
To browse web app root directory during debugging, set the value below to true.
Set to false before deployment to avoid disclosing web app folder information.
-->
<directoryBrowse enabled="true" />
<defaultDocument>
<files>
<add value="Utilities.svc" />
</files>
</defaultDocument>
</system.webServer>
</configuration>
Apparently, the problem was an open DB connection in the GetDestinationHotelId method in the Package Class. The DB connections were not closed due to an exception and after 100 open connections MAX CONNECTION POOL LIMIT was reached.
Really silly at my end :-(
I'm getting the Error "The remote server returned an unexpected response: (413) Request Entity Too Large."
My Web.Config File XML is
<?xml version="1.0"?>
<configuration>
<appSettings>
<add key="aspnet:UseTaskFriendlySynchronizationContext" value="true" />
</appSettings>
<system.web>
<compilation debug="true" targetFramework="4.5" />
<httpRuntime targetFramework="4.5"/>
</system.web>
<system.serviceModel>
<behaviors>
<serviceBehaviors>
<behavior>
<!-- To avoid disclosing metadata information, set the values below to false before deployment -->
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="false"/>
<!-- To receive exception details in faults for debugging purposes, set the value below to true. Set to false before deployment to avoid disclosing exception information -->
<serviceDebug includeExceptionDetailInFaults="false"/>
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
</system.serviceModel>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true"/>
<!--
To browse web app root directory during debugging, set the value below to true.
Set to false before deployment to avoid disclosing web app folder information.
-->
<directoryBrowse enabled="true"/>
</system.webServer>
</configuration>
Please Guide me how to increase the Memory Size as well as Buffer, Message Receive and Send Size.
First We have to Define Bindings inside the ServiceModel of Web.config in WCF Service
<bindings>
<basicHttpBinding>
<binding name="PowerTransmissionBinding" closeTimeout="01:00:00" openTimeout="01:00:00" receiveTimeout="01:00:00" sendTimeout="01:00:00"
maxBufferSize="2147483647" maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647" transferMode="StreamedRequest" messageEncoding="Mtom" >
<readerQuotas maxDepth="32" maxBytesPerRead="200000000"
maxArrayLength="200000000" maxStringContentLength="200000000" />
</binding>
</basicHttpBinding>
</bindings>
and then we have to Define the EndPoint
<services>
<service name="DataTestingWCF.Service1">
<endpoint
address="processData" binding="basicHttpBinding"
bindingConfiguration="PowerTransmissionBinding"
contract="DataTestingWCF.IService1" />
</service>
</services>
After that we have to Establish this new binding in our Client Application App.config
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="BasicHttpBinding_IService1" sendTimeout="00:10:00"
messageEncoding="Mtom" transferMode="StreamedRequest" />
</basicHttpBinding>
</bindings>
<client>
<endpoint address="http://localhost:8099/Service1.svc/processData"
binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_IService1"
contract="SuperService.IService1" name="BasicHttpBinding_IService1" />
</client>
</system.serviceModel>
By this we we can achieve the Binding.
Herewith I apex the WCF Web.config XML
<?xml version="1.0"?>
<configuration>
<appSettings>
<add key="aspnet:UseTaskFriendlySynchronizationContext" value="true" />
</appSettings>
<system.web>
<compilation debug="true" targetFramework="4.5" />
<httpRuntime targetFramework="4.5"/>
</system.web>
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="MybasicBinding" closeTimeout="01:00:00" openTimeout="01:00:00" receiveTimeout="01:00:00" sendTimeout="01:00:00"
maxBufferSize="2147483647" maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647" transferMode="StreamedRequest" messageEncoding="Mtom" >
<readerQuotas maxDepth="32" maxBytesPerRead="200000000"
maxArrayLength="200000000" maxStringContentLength="200000000" />
</binding>
</basicHttpBinding>
</bindings>
<services>
<service name="DataTestingWCF.Service1">
<endpoint
address="myAddress" binding="basicHttpBinding"
bindingConfiguration="MybasicBinding"
contract="DataTestingWCF.IService1" />
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior>
<!-- To avoid disclosing metadata information, set the values below to false before deployment -->
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="false"/>
<!-- To receive exception details in faults for debugging purposes, set the value below to true. Set to false before deployment to avoid disclosing exception information -->
<serviceDebug includeExceptionDetailInFaults="false"/>
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
</system.serviceModel>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true"/>
<!--
To browse web app root directory during debugging, set the value below to true.
Set to false before deployment to avoid disclosing web app folder information.
-->
<directoryBrowse enabled="true"/>
</system.webServer>
</configuration>
I am new to WCF so please bear with me.
I have StudentData.svc.vb that implements 2 interfaces from the same IStudentData.vb
The 2 Interfaces are IStudentData and IHeartbeat
Heartbeat is a 1 way Operational Contract _
I am using IIS 7.5 to host this service
the web.config is
<?xml version="1.0"?>
<configuration>
<appSettings>
<add key="aspnet:UseTaskFriendlySynchronizationContext" value="true" />
</appSettings>
<system.web>
<compilation debug="true" strict="false" explicit="true" targetFramework="4.5" />
<httpRuntime targetFramework="4.5"/>
</system.web>
<system.serviceModel>
<bindings />
<client />
<behaviors>
<serviceBehaviors>
<behavior>
<!-- To avoid disclosing metadata information, set the values below to false before deployment -->
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true"/>
<!-- To receive exception details in faults for debugging purposes, set the value below to true. Set to false before deployment to avoid disclosing exception information -->
<serviceDebug includeExceptionDetailInFaults="false"/>
</behavior>
</serviceBehaviors>
</behaviors>
<protocolMapping>
<add binding="basicHttpsBinding" scheme="https" />
<add binding="basicHttpBinding" scheme="http" />
</protocolMapping>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
</system.serviceModel>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true"/>
<!--
To browse web app root directory during debugging, set the value below to true.
Set to false before deployment to avoid disclosing web app folder information.
-->
<directoryBrowse enabled="true"/>
</system.webServer>
</
my app.config after creating the service reference is
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<startup>
<supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.5" />
</startup>
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="BasicHttpBinding_IStudentData" maxReceivedMessageSize="2147483647" />
<binding name="BasicHttpBinding_IHeartbeat" maxReceivedMessageSize="2147483647" />
</basicHttpBinding>
</bindings>
<client>
<endpoint address="http://www.ortho-sync.com:8080/StudentData.svc"
binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_IStudentData"
contract="oStudentData.IStudentData" name="BasicHttpBinding_IStudentData" />
<endpoint address="http://www.ortho-sync.com:8080/StudentData.svc"
binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_IHeartbeat"
contract="oStudentData.IHeartbeat" name="BasicHttpBinding_IHeartbeat" />
</client>
</system.serviceModel>
</configuration>
IStudentData has a class with a datamember of byte array that I am using to transfer an image.
If I use a small file it transfers and everything works
if I use a 1 meg image I get (413) Request Entity Too Large
I have played with the bindings and end points til I am blue in the face,
anyone please help.
Your service is picking up the default values for the bindings because you have not specified your own default basicHttpBinding or created an endpoint (in the service) that references your own basicHttpBinding.
You can make a binding configuration the default configuration for that binding by omitting the name attribute, like this:
<basicHttpBinding>
<binding maxReceivedMessageSize="2147483647" />
Alternatively, you can create an endpoint explicitly and set the binding configuration for that endpoint by using the bindingConfiguration attribute:
<endpoint address=""
binding="basicHttpBinding"
bindingConfiguration="BasicHttpBinding_IStudentData"
contract="oStudentData.IStudentData"
name="BasicHttpBinding_IStudentData" />
The second example assumes a binding configuration defined with a name of BasicHttpBinding_IStudentData.
You would use either of these in your service config file.
I'm currently stacked with the web service that im creating right now. when Testing it in local it all works fine but when I try to deploy it to the web server it throws me the following error
An error occurred while trying to make a request to URI '...my web service URI here....'. This could be due to attempting to access a service in a cross-domain way without a proper cross-domain policy in place, or a policy that is unsuitable for SOAP services. You may need to contact the owner of the service to publish a cross-domain policy file and to ensure it allows SOAP-related HTTP headers to be sent. This error may also be caused by using internal types in the web service proxy without using the InternalsVisibleToAttribute attribute. Please see the inner exception for more details.
here is my web config.
<?xml version="1.0"?>
<configuration>
<configSections>
</configSections>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true">
</modules>
<validation validateIntegratedModeConfiguration="false" />
<security>
<requestFiltering>
<requestLimits maxAllowedContentLength="2000000000" />
</requestFiltering>
</security>
</system.webServer>
<connectionStrings>
<add name="........" providerName="System.Data.SqlClient" />
</connectionStrings>
<appSettings>
<!-- Testing -->
<add key="DataConnectionString" value="..........." />
</appSettings>
<system.web>
<compilation debug="true" targetFramework="4.0">
<buildProviders>
<add extension=".rdlc" type="Microsoft.Reporting.RdlBuildProvider, Microsoft.ReportViewer.WebForms, Version=10.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
</buildProviders>
</compilation>
<httpRuntime executionTimeout="1200" maxRequestLength="2000000" />
</system.web>
<system.serviceModel>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
<behaviors>
<serviceBehaviors>
<behavior name="Service1">
<serviceMetadata httpGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
<dataContractSerializer maxItemsInObjectGraph="2000000000" />
</behavior>
<behavior name="">
<serviceMetadata httpGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="false" />
</behavior>
<behavior name="nextSPOTServiceBehavior">
<serviceMetadata httpsGetEnabled="true"/>
<serviceDebug includeExceptionDetailInFaults="true" />
<dataContractSerializer maxItemsInObjectGraph="2000000000" />
</behavior>
</serviceBehaviors>
</behaviors>
<bindings>
<basicHttpBinding>
<binding name="SecureBasic" closeTimeout="00:10:00"
openTimeout="00:10:00" receiveTimeout="00:10:00" sendTimeout="00:10:00"
maxBufferSize="2147483647" maxReceivedMessageSize="2147483647">
<security mode="Transport" />
<readerQuotas maxArrayLength="2000000" maxStringContentLength="2000000"/>
</binding>
<binding name="BasicHttpBinding_IDownloadManagerService" closeTimeout="00:10:00"
openTimeout="00:10:00" receiveTimeout="00:10:00" sendTimeout="00:10:00"
maxBufferSize="2147483647" maxReceivedMessageSize="2147483647">
<security mode="Transport" />
</binding>
</basicHttpBinding>
</bindings>
<services>
<service behaviorConfiguration="nextSPOTServiceBehavior" name="NextSPOTDownloadManagerWebServiceTester.Web.WebServices.DownloadManagerService">
<endpoint binding="basicHttpBinding" bindingConfiguration="SecureBasic" name="basicHttpSecure" contract="NextSPOTDownloadManagerWebServiceTester.Web.WebServices.IDownloadManagerService" />
<!--<endpoint binding="basicHttpBinding" bindingConfiguration="" name="basicHttp" contract="NextSPOTDownloadManagerWebServiceTester.Web.WebServices.IDownloadManagerService" />-->
<!--<endpoint address="" binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_IDownloadManagerService" contract="NextSPOTDownloadManagerWebServiceTester.Web.WebServices.IDownloadManagerService" />
<endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange" />-->
</service>
</services >
</system.serviceModel>
</configuration>
Client access Policy
<?xml version="1.0" encoding="utf-8" ?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from http-request-headers="*">
<domain uri="http://*"/>
<domain uri="https://*"/>
</allow-from>
<grant-to>
<resource path="/" include-subpaths="true"/>
</grant-to>
</policy>
</cross-domain-access>
</access-policy>
CROSS Domain policy
<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain- policy.dtd">
<cross-domain-policy>
<allow-http-request-headers-from domain="*" headers="*"/>
</cross-domain-policy>
This sounds like the error you get when you are trying to use silverlight to access a webservice from where it is not hosted. If this is the case you need to add a clientaccesspolicy.xml to your web application folder.
MSDN article on allowing crossdomain access for a silverlight application.