consuming webservice using https protocol

Question

I'm developing an application where i have to consume webservice developed in Java using http protocol. I'm developing the application using C#.NET winforms. Everything works fine until now. The webservice is now using SSL security hence the service protocol changed from http to https. I'm facing issues while accessing the https webservice.

I tried accessing the https webservice from the SoapUI by providing the Authenticaion Parameters (UserName and Password) from the Auth tab as shown below:

enter image description here

It is working fine from SoapUI.

but wen i provide the Authenticaion parameters from code as below its not working:

client.ClientCredentials.UserName.UserName = "admin";
client.ClientCredentials.UserName.Password = "*******";

I'm using Security Mode as : TransportWithMessageCredential and ClientCredentialTtype as : Basic

My App.Config file is as below:

<?xml version="1.0" encoding="utf-8" ?>
<configuration>
    <startup> 
        <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.5" />
    </startup>
  <system.serviceModel>
    <client>
      <endpoint address="https://xyz:8001/HelloWorldAPI/HelloWorldWebService"
       binding="wsHttpBinding"
        bindingConfiguration="myhttpsbinding" contract="API.HelloWorldWebService"
        name="HelloWorldWebServicePort" />
    </client>
    <bindings>
      <wsHttpBinding>
        <binding name="myhttpsbinding">
          <security mode="TransportWithMessageCredential">
            <transport clientCredentialType="Basic"/>
          </security>
        </binding>
      </wsHttpBinding>
    </bindings>
  </system.serviceModel>
  <system.net>
    <defaultProxy useDefaultCredentials="true" />
  </system.net>
</configuration>

My Code as below:

using System;
using System.Collections.Generic;
using System.Linq;
using System.Net;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;
using System.ServiceModel;
using System.Text;
using System.Threading.Tasks;
using testingtool.API;

namespace testingtool
{
    class Program
    {
        static void Main(string[] args)
        {
            new APITool();
        }
    }
    class APITool
    {
        UserInfo userinfo = new UserInfo();
        HelloWorldWebServiceClient client = new HelloWorldWebServiceClient();

        private bool ValidationCallBack(object sender, X509Certificate cert, X509Chain chain, System.Net.Security.SslPolicyErrors error)
        {
            return true;
        }

        public APITool()
        {
            try
            {
                //Authentication parameters
                client.ClientCredentials.UserName.UserName = "admin";
                client.ClientCredentials.UserName.Password = "*****";
                ServicePointManager.ServerCertificateValidationCallback = new System.Net.Security.RemoteCertificateValidationCallback(ValidationCallBack);

                //client ClientCredentials @ Application level
                userinfo.userid = "myusername";
                userinfo.password = "*****";
                GetHelloWorldAPIVersionRequest request = new GetHelloWorldAPIVersionRequest();

                APIVersionInfo versioninfo = new APIVersionInfo();
                versioninfo.userinfo = userinfo;
                request.APIVersionInfo = versioninfo;


                APIVersionInfoResponse response = client.GetHelloWorldAPIVersion(versioninfo);
                Console.WriteLine(response.Version);
            }
            catch (Exception ex)
            {
                Console.WriteLine(ex.ToString());
            }
            Console.ReadLine();
        }
     }
  }

I'm getting following exception:

System.ServiceModel.Security.MessageSecurityException: The HTTP request is unauthorized with client authentication scheme 'Anonymous'. The authentication header received from the server was 'Basic realm="EJBServiceEndpointServlet Realm"'. ---> System.Net.WebException: The remote server returned an error: (401) Unauthorized.

EDIT: from the client i have verified with Fiddler the request window as below: from the AUth tab it is saying that there is no Autherization Header present.

enter image description here

Fiddler Raw Request as below:

CONNECT 10.10.10.110:8001 
HTTP/1.1 Host: 10.10.10.110:8001 
Connection: Keep-Alive 
User-Agent: Apache-HttpClient/4.1.1 (java 1.5)

Any help wouldbe greatly appreciated.

Can you confirm on the server that the request is coming in as HTTPS? Maybe using Fiddler, you can extract the actual message sent. — Patrick Hofman, Jun 13 '14 at 10:22
Thanks for your response,from client end i tried with fiddler , i'm getting 401 error.please see my edited post. — Sudhakar Tillapudi, Jun 13 '14 at 10:39
So if I understand correctly we got clear this is a client problem? That rules out the server side. — Patrick Hofman, Jun 13 '14 at 10:57
@PatrickHofman: Okay, Thanks,so now could you please guide me in solving this issue. — Sudhakar Tillapudi, Jun 13 '14 at 10:59
If I knew the answer I would definitely post it. WCF is so hard to diagnose. If I have some spare time, I will look into this deeper. — Patrick Hofman, Jun 13 '14 at 11:03
@PatrickHofman: Thank you somuch.if you get any idea please dont forget to answer here thanks. — Sudhakar Tillapudi, Jun 13 '14 at 11:05
Since, you are using "TransaportWithMessageCredentials" should your security element be something like this : — Rajesh, Jun 13 '14 at 12:28
@Rajesh:; if i use that then it throws exception : `The provided URI scheme 'https' is invalid; expected 'http'.` — Sudhakar Tillapudi, Jun 13 '14 at 12:33
Since you could access the service from SOAPUI can you compare the raw request from SOAPUI with that from your client application using Fiddler — Rajesh, Jun 13 '14 at 13:47
@Rajesh: Thanks for your response.i need to check that, i will check and let you know. — Sudhakar Tillapudi, Jun 13 '14 at 13:48

score 3 · Answer 1 · answered Jun 17 '14 at 11:48

Wondering if the issue could be with the binding, although hard to say for sure without reviewing the service configuration or seeing the successful soapUI request. (Note: you may want to include a snippet of the message, including the soap header, from the soapUI HTTP Log.)

In any case, you may want to make sure the service is really using ws-security (message level security) by trying the following binding:

<bindings>
  <basicHttpBinding>
    <binding name="httpBinding">
      <security mode="TransportCredentialOnly">
        <transport clientCredentialType="Basic" />
      </security>
    </binding>
  </basicHttpBinding>
</bindings>

score 1 · Answer 2 · answered Jun 16 '14 at 09:10

1

You should change your app config:

    <wsHttpBinding>
        <binding name="myhttpsbinding">
          <security mode="TransportWithMessageCredential">
             <transport clientCredentialType="None" />
             <message clientCredentialType="UserName" establishSecurityContext="false" negotiateServiceCredential="false"/>
          </security>
        </binding>
     </wsHttpBinding>

On transport level you have no authentication, so <transport clientCredentialType="None" /> and on message level you have username|password authentication, so <message clientCredentialType="UserName"

answered Jun 16 '14 at 09:10

Kirill Bestemyanov

11,946
2
24
38

thanks for your response, but now i'm getting following exception `System.ServiceModel.Security.MessageSecurityException: The HTTP request is unauthorized with client authentication scheme 'Anonymous'. The authentication header received from the server was 'Basic realm="EJBServiceEndpointServlet Realm"'. ---> System.Net.WebException: The remote server returned an error: (401) Unauthorized.` – Sudhakar Tillapudi Jun 16 '14 at 09:17
but when i provide the Authentication attributes(username and password) from `SOAP UI` it works fine.i think i mustbe missing something very basic. – Sudhakar Tillapudi Jun 16 '14 at 09:21
Are you sure that this error is not from application level (userinfo.userid = "myusername"; userinfo.password = "*****";)? – Kirill Bestemyanov Jun 16 '14 at 09:24
yes i'm sure that the error is not from application level because when i use same credentials with `http` url it works fine. – Sudhakar Tillapudi Jun 16 '14 at 09:26
what is purpose of this tag in config? Do you have proxy? If no, remove this tag, if yes there should be proxy address – Kirill Bestemyanov Jun 16 '14 at 09:53
i'm using default proxy configuration from IE settings. changed `useDefaultCredentials` property to `true`. – Sudhakar Tillapudi Jun 16 '14 at 10:22
Could you show request from fiddler (raw inspector). – Kirill Bestemyanov Jun 17 '14 at 05:11
This cannot be your raw request. It contains only http headers without request body. – Kirill Bestemyanov Jun 17 '14 at 08:24
@KirillBestemyanov it is the raw request - see http://en.wikipedia.org/wiki/Tunneling_protocol - scroll to `Tunneling to circumvent firewall policy` – wal Jun 17 '14 at 12:11

wal · Answer 3 · 2014-06-17T12:24:54.790

are you going thru a proxy server? If yes, are the details entered into IE ? Are you able to browse https pages in IE? If yes, this should be picked up by each WebRequest that makes an https call as it needs to issue a CONNECT to the proxy server (which its doing) but in your call the Proxy-Authorization header is missing. This should be your focus - try a plain WebRequest to say https:// google.com and see what you get in fiddler.

You may have an issue with your proxy server forwarding on your request. Are you able to try https on a different network not behind a proxy?

score 0 · Answer 4 · edited Jun 17 '17 at 12:11

0

Maybe this link can help.

It explains how to configure your endpoint in case of REST/SOAP WebServices

Can not call web service with basic authentication using WCF

edited Jun 17 '17 at 12:11

user229044

232,980
40
330
338

answered Jun 18 '14 at 12:19

sternze

1,524
2
9
15

score 0 · Answer 5 · answered May 17 '21 at 05:30

I have given <security mode="Transport" /> inside binding and issue solved for calling HTTPS service. Full code:

<system.serviceModel>
    <bindings>
      <basicHttpBinding>       
        <binding name="ServiceSoap">
            <security mode="Transport" />
        </binding>
      </basicHttpBinding>
    </bindings>
    <client>      
      <endpoint address="https://yourlink/Service.asmx" binding="basicHttpBinding" bindingConfiguration="ServiceSoap" contract="EmployeeService.ServiceSoap" name="ServiceSoap"/>
    </client>
  </system.serviceModel>

score -1 · Answer 6 · answered Jun 23 '14 at 08:15

-1

Its binding issue you need to use custom binding here is example.

http://webservices20.blogspot.com/

answered Jun 23 '14 at 08:15

Muhammad Arshad

107
8

consuming webservice using https protocol

6 Answers6