Expose A WCF Service Via Forms Authentication In IIS - How To Make The Metadata
Aug 16, 2010
We've got some WCF services we're hosting via IIS. The application in general uses Forms Authentication, and we'd like to continue making that available for web service clients. We just have a <authorization><deny users="?"> in our web.config and some authentication/redirection goodness that gets everything done.
The problem is we'd like for users to be able to access the metadata for the services without authentication. Can they visit /services/v1/ArtifactService.svc?wsdl anonymously and yet still require authentication for /services/v1/ArtifactService.svc/rest/GetArtifacts?studyId=123? If so, I can't figure out the right incantation in the configuration.
The best I can think of is to set an absolute URL in the metadata service behavior, but then I have to doctor the path on install anywhere we deploy. (<serviceMetadata httpGetEnabled="true" httpGetUrl=[URL]
View 2 Replies
Similar Messages:
Feb 11, 2010
I'm kinda new to web services and want to make sure I am doing things correctly.
I have a custom object which has sub objects as well. (let's say Company object, sub object is collection of Employee objects)
I want the web service to return a collection of Company objects. Do I make the service return a Dataset and custom generate a dataset with datatables representing the different objects?
What is the best way to do this? I tried to just serialize it, but that doesn't seem to work either.
I tried this dll
[URL]
But the output XML doesn't seem to include the sub object.
View 1 Replies
Mar 22, 2011
At random, we get the "Metadata publishing for this service is currently disabled." message. There is nothing I can do to make it go away, iisreset, deleting all websites, stopping all sites, etc. If I open any site, I get that same message. The only site that remains functional is Outlook Web Access, the other 20 ASP.NET just fail. Is there a way to trace where the message is coming from? I have no default binding in IIS (Removed the default site), and the site keeps responding with this message after stopping the sites that bind to the specific url. The frustrating is that there is nothing I can do to reproduce or solve the error, even the more drastic steps.
View 1 Replies
Aug 18, 2010
I created a WCF Service Library and there're 2 services (http endpoint and https endpoint) in the App.cofig file. The WCF Service Host had not problem to host the http endpoint but failed to host the https endpoint with these messages:
WCF Service Host cannot find any metadata. Additional Info: The service cannot be started. This service has no endpoint defined. Please add at least one endpoint for the service in config file and try again.
What's wrong with the configuration?
Excerpt of App.config file:
...
<behaviors>
<serviceBehaviors>
<behavior name="WcfSecurityService.ServiceBehavior">
<serviceMetadata httpGetEnabled="true" httpGetUrl="mex" />
<serviceDebug includeExceptionDetailInFaults="true"/>
<serviceCredentials>
<userNameAuthentication
userNamePasswordValidationMode="Custom"
customUserNamePasswordValidatorType="WcfSecurityService.MyValidator, WcfSecurityService"/>
</serviceCredentials>
</behavior>
<behavior name="WcfSecurityService.SecuredServiceBehavior">
<serviceMetadata httpsGetEnabled="true" httpsGetUrl="securedmex" />
<serviceDebug includeExceptionDetailInFaults="true"/>
<serviceCredentials>
<userNameAuthentication
userNamePasswordValidationMode="Custom"
customUserNamePasswordValidatorType="WcfSecurityService.MyValidator, WcfSecurityService"/>
<serviceCertificate
findValue="CN=MyRSARootCA_LocalHost" storeLocation="LocalMachine" storeName="My"
x509FindType="FindBySubjectDistinguishedName" />
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
<bindings>
<wsHttpBinding>
<binding name="WcfSecurityService.TransportMsgBinding">
<!-- UsernameToken over Transport Security -->
<security mode="TransportWithMessageCredential">
<message clientCredentialType="UserName"/>
</security>
</binding>
<binding name="WcfSecurityService.UnsecuredBinding">
<security mode="None"></security>
</binding>
</wsHttpBinding>
</bindings>
<services>
<!--
<service name="WcfSecurityService.Service"
behaviorConfiguration="WcfSecurityService.ServiceBehavior">
<host>
<baseAddresses>-->
<!--<add baseAddress="http://localhost/WcfSecurityService/" />-->
<!-- SvcUtil.exe need Cassini Server (not IIS)-->
<!--<add baseAddress="http://localhost:8002/WcfSecurityService/" />
</baseAddresses>
</host>
<endpoint address=""
binding="wsHttpBinding"
contract="WcfSecurityService.IService"
bindingConfiguration="WcfSecurityService.UnsecuredBinding">
<identity>
<dns value="localhost"/>
</identity>
</endpoint>
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"/>
</service>-->
<service name="WcfSecurityService.SecuredService"
behaviorConfiguration="WcfSecurityService.SecuredServiceBehavior">
<host>
<baseAddresses>
<!--<add baseAddress="https://localhost/WcfSecurityService/" />-->
<!-- SvcUtil.exe need Cassini Server (not IIS)-->
<add baseAddress="https://localhost:8003/WcfSecurityService/" />
</baseAddresses>
</host>
<endpoint address="https://localhost:8003/WcfSecurityService/"
binding="wsHttpBinding"
contract="WcfSecurityService.IService"
bindingConfiguration="WcfSecurityService.TransportMsgBinding">
<identity>
<dns value="localhost"/>
</identity>
</endpoint>
<endpoint address="securedmex" binding="mexHttpsBinding" contract="IMetadataExchange"/>
</service>
</services>
...
SSL Certificate bindings:
-------------------------
IP:port : 0.0.0.0:8003
Certificate Hash : d321b6f1d2c4085f36ebbd51e72a3dc3e2332589
Application ID : {4dc3e181-e14b-4a21-b022-59fc669b0914}
Certificate Store Name : MY
Verify Client Certificate Revocation : Enabled
Verify Revocation Using Cached Client Certificate Only : Disabled
Usage Check : Enabled
Revocation Freshness Time : 0
URL Retrieval Timeout : 0
Ctl Identifier : (null)
Ctl Store Name : (null)
DS Mapper Usage : Disabled
Negotiate Client Certificate : Enabled
View 1 Replies
Jan 9, 2010
I would like to extend the HtmlHelper by using metadata (similar to DataAnnotaions metadata). Specifically I want to be able to add a 'Title' attribute to html controls that will then appear as a tooltip on the control. I would like to keep the tooltip text with my model, for example by adding 'Tiltle' metadata to the model as follows:
[DisplayName("User Id")]
[Title("Enter your 10 digit user id")]
property UserId { get; set; }
So the questions are:
1. How do I add metadata (such as 'Title') to my model?
2. How do I access this metadata in my HtmlHelper extension method?
[code]....
View 4 Replies
Jan 23, 2010
I am writing two ASP.NET apps. One is a web service that provides xml data and the other is a web client that will use the service to display and manipulate data. I would like for the web service to do the membership authentication and authorization. Is there any way to simply point the login controls in my client application to the web service instead of to a database. I assume I would have to provide the necesarry methods in my web service interface, which would then use the membership provider database I created and pass the results back through to the client.
Is this possible? I have seen many articles on security provisioin from a web service but none has really been what I am looking for. I was hoping that, since my service and my client are both written in ASP.NET, there might be some built functionality that would benefit me.
View 8 Replies
Feb 9, 2011
I am invoking a WCF web service (.NET 4.0) via jQuery $.ajax() from an ASP.NET page. How can I secure the WCF service such that only authenticated ASP.NET users can invoke the service's methods? Do I need to imperatively check the forms authentication cookie manually in each service method, or is there a more declarative approach?
View 1 Replies
Aug 2, 2010
I am using forms authentication in a MVC 2 project.
I have this in my web.config:
<authorization>
<deny users="?" />
</authorization>
I want the /Content folder to be available to users that haven't been authenticated yet. The login view uses the css in that folder, which should be available at login time.
View 2 Replies
Jul 2, 2010
I have a webservice that's behind form's authentication. The site that hosts the service also serves as a site that requires a user to log in via the login page.I have a second site that needs to be able to access the service that the first site hosts. However, when attempting to access the service, it fails because the service requires that the user is logged in.
View 1 Replies
Aug 7, 2012
i have one web service how can i give access to that web service to many user(with secure method). Now i am checking url and only doing for one site. So what should i do.
View 1 Replies
Sep 22, 2010
I have a web application - .net 4. The client is having a requirement that he want to send email to his users on a regular basis about his new courses etc.
The webapplication created will hosted on a "Shared hosting environment" with no excess to windows services - file system other than the web root folder through FTP.
Due to shared hosting i cannot create a windows service for him which will check the database - if there are any scheduled mail to send every 5 min.
So my question is - Is there anyway i can run a wcf web service or any other web based service or page or handler which can keep running and automatically checks the database for any new scheduled mails - if yes start sending it automatically in an different thread.
View 2 Replies
Feb 14, 2010
Is it possible to expose server control as properties? See below.
[Code]....
Now If i pass Panel1, it's string. Casting error. How do i get around this.
View 1 Replies
Nov 8, 2010
I have a Web Site project in VS2008, C#, .NET 3.5 and the Access to the Code-Behind has lost it's functionalilty.
i.e. I have a Button on a page... dbl-clk on button should take me to the Click Event of the button. It does nothing?
I tried exporting the Tools|Import Export Settings and re-setting them to the Default for Web Site... still no change...
View 4 Replies
Jun 4, 2010
I have a detailsview that contains a radio button list, and a couple of check boxes. I want to run some code when the radiobuttonlist selection is changed, or when the checkboxes are checked or unchecked. how I can do that even though the controls are nested inside another control?
View 2 Replies
Jan 22, 2011
How to make authentication on Software in .NET
I am new to .NET and C#, but I am very crazy to know tat how to authenticate an application, which we made in C# - .NET so that when we distribute it to the people, the people must authenticate either for the first time or always.
View 1 Replies
Mar 10, 2010
I created a simple gridview user control with a custom property ProfileType which should load different records depending on the ProfileType value when attaching to a web page.
This is my web page:
[code]....
how I can expose user control custom property at its code-behind file.
View 2 Replies
Jan 3, 2010
how can I expose the properties of a hyperlink column in a gridview so I can program then in vb code? For example I want to change the property of the DataNavigateUrlFormatString programatically using vb code? How can I do this?
View 5 Replies
Sep 15, 2010
I am new to Web services and .NET. I have to authenticate a web service that is being accessed using http post. I tried putting a custom soap header and sending it to the service and checking the header in service but the header object is always null in the service.also if i put the user and password options in http headers how can i validate them on the server ? Client code:
private void button1_Click(object sender, EventArgs e)
{
HttpWebRequest request;
[code]...
View 1 Replies
Feb 10, 2011
how to publish a service with authentication
View 2 Replies
Aug 11, 2010
I have created a WCF service that will serve as authentication service for Silverlight client.The problem is that when I make a call to FormsAuthentication.SetAuthCookie in the Login method below, I get a null reference exception. I am following the 'Securing Applications Built on Silverlight and WCF' (http://www.componentart.com/community/blogs/milos/archive/2009/05/07/securing-applications-built-on-silverlight-and-wcf.aspx)
[Code]....
View 1 Replies
Dec 4, 2010
I want to create a web service that can authenticate user from my application. I will be sending user name and password from my app to the web service and that will deny or accept the user. I want to use form authentication using sql server. that this web service can be used by other team in my office so that they can just call the web service and the user will be authenticated.
Also, is it possible to use both form and windows authentication in my web service and authenticate the user both ways.
View 3 Replies
Feb 10, 2010
I am using .NET roles and membership model to manage user accounts in my system back-end.
If the request is come from within my web-app, I can authenticate through form.
But if the user is requesting from else where, maybe their own apps, how to I do authentication?
attach username and password (GET/POST) and then secure the line by SSL? is that what I should do?
View 3 Replies
May 14, 2010
By default web service is enable for windows authentication. But if we want to expose our service to public domain, then I guess we have to use some specific credential for web service authentication. Can anyone tell me how to set those credential at service side and validate it for client and how the client will send those credentials?
View 1 Replies
Dec 30, 2010
We are gonna call web service with username and password. how to implement this on a web service client?
View 1 Replies
Nov 3, 2010
I have a web page that calls a WCF service that makes a sql database call using Integrated Security. I get an error saying, "Login failed for user 'CorpDomainServerName01$'". I want it so that it all layers will execute under the user's AD credetials (working in an intranet), ie: "CorpDomainAlbert". On the server (Win 2008/IIS 7), I have Windows Authentication turned on and everything else off (including Anonymous) under Authentication for both the web client and the WCF service. Here's my client web.config:
<configuration>
<system.web>
<compilation debug="true" targetFramework="4.0"/>
<authentication mode="Windows"/>
<identity impersonate="true"/>
<customErrors mode="Off"/>
</system.web>
<system.serviceModel>
<bindings>
<netTcpBinding>
<binding name="NetTcpBinding_IMyService" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" transactionFlow="false" transferMode="Buffered" transactionProtocol="OleTransactions" hostNameComparisonMode="StrongWildcard" listenBacklog="10" maxBufferPoolSize="524288" maxBufferSize="65536" maxConnections="10" maxReceivedMessageSize="65536">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<reliableSession ordered="true" inactivityTimeout="00:10:00" enabled="false" />
<!--<security mode="Transport">
<transport clientCredentialType="Windows" protectionLevel="EncryptAndSign" />
<message clientCredentialType="Windows" />...........................
View 1 Replies
