Questions tagged [wcf-security]

Questions related to the authentication and authorization services for Windows Communication Foundation (WCF) applications

Windows Communication Foundation is Microsoft's implementation of the WS-* web service specifications. Its security functionality mainly deals with authentication, authorization and secure over-the-wire transmission of user credentials.

When setting up WCF Security for an application, the following parameters need to be configured:

The type of credential required, e.g. NTLM, plaintext, or certificate authentication
The security mode: transport mode (e.g. SSL), message mode (SOAP message security), or a combination of both
Which endpoint(s) are protected

Once a client successfully connects to an endpoint protected with WCF Security, the server application can examine the security context to determine the identity of the client and to determine its authorizations (which need to be configured separately).

1285 questions

votes

1 answer

How can I use WCF with the basichttpbinding only , SSL and Basic Authentication in IIS?

Is it possible to setup a WCF service with SSL and Basic Authentication in IIS using only the BasicHttpBinding-binding? (I can’t use the wsHttpBinding-binding) The site is hosted on IIS 7, with the following authentication set up: Anonymous…

asked May 25 '10 at 13:09

Tim

votes

3 answers

WCF client endpoint: SecurityNegotiationException without

I'm having a strange situation here. I got it working, but I don't understand why. Situation is as follows: There is a WCF service which my application (a website) has to call. The WCF service exposes a netTcpBinding and requires Transport…

wcf configuration dns wcf-security wcf-client

asked May 06 '10 at 14:10

RoelF

7,483
5
44
67

votes

3 answers

Connect with WCF to a WebService authenticated with username/password

I created a proxy of a Web Service with Visual Studio 2008, and it created for me the following entry in the app.config:

wcf wcf-security wcf-authentication

asked Apr 30 '09 at 09:00

antonioh

2,924
6
26
28

votes

5 answers

WCF Error : 'It is likely that certificate 'my cert' may not have a private key that is capable of key exchange

I have a WCF service I'm trying to host on our production web server (IIS6). I've set the web up and tied our cert to the web. When I try to browse to the service url, I receive the following error in the event log : The exception message is: It is…

c# wcf iis wcf-binding wcf-security

asked Nov 01 '12 at 19:59

Bill Martin

4,825
9
52
86

votes

2 answers

netTCP binding Soap Security Negotiation Failed

I am writing a WCF service requires impersonate and session. It is ok when I tried to call it on my local machine, but on the remote machine it always failed with such error: Security Support Provider Interface (SSPI) authentication failed. The…

c# wcf exception wcf-security wcf-configuration

asked Mar 13 '12 at 11:34

Chengxi Li

votes

3 answers

What's the difference between retrieving WindowsPrincipal from WindowsIdentity and Thread.CurrentPrincipal?

I am trying to work out why attribute based security isn't working as I'd expect in WCF and I suspect it might have something to do with the following: AppDomain.CurrentDomain.SetPrincipalPolicy(PrincipalPolicy.WindowsPrincipal); var identity = new…

c# security active-directory wcf-security windows-principal

asked Dec 30 '10 at 14:36

Kofi Sarfo

3,310
6
23
24

votes

1 answer

Using ASP.NET Membership Provider authentincation in a WCF service

Is there a way to use the same username and password from the membership provider for a WCF service authentication? if so, which binding does it supports? I need to extract a profile variable from the user currently calling the service. Thanks for…

asp.net wcf asp.net-membership wcf-security

asked Apr 10 '10 at 22:51

ryudice

36,476
32
115
163

votes

3 answers

Can not call web service with basic authentication using WCF

I've been given a web service written in Java that I'm not able to make any changes to. It requires the user authenticate with basic authentication to access any of the methods. The suggested way to interact with this service in .NET is by using…

wcf web-services .net-3.5 wcf-security

asked Sep 01 '09 at 23:32

Rex Morgan

2,979
2
21
32

votes

4 answers

WCF Routing with Message Security

I have a WCF service with Message Security Authentication. I want to set up a routing service for Load Balancing. For some reason it doesn't work, I've enabled includeExceptionDetailInFaults to see exceptions, so in the client I see: The client…

wcf wcf-security wcf-routing

asked Feb 08 '12 at 16:59

Maxim

7,268
1
32
44

votes

1 answer

WCF how to pass token for authentication?

I have a WCF service which would like to support basicHttpBinding and webHttpBinding. When the client successfully login, server will generate a token for client to pass to server on all the request make later. Question is how the client can pass…

wcf wcf-security token

asked Apr 09 '10 at 04:46

Kevin

votes

2 answers

How can I simulate CORS on my LOCAL machine?

Is it possible ti create a web site in IIS7 which somehow could look like it sits in a different domain, so that from one of this site's pages I can test Cross-Origin-Resource-Sharing calls to a WCF service in my local host?

.net wcf iis-7 wcf-security cors

asked Feb 20 '13 at 09:23

pencilCake

51,323
85
226
363

votes

2 answers

X.509 certificate can't find with "FindBySubjectName"

After a brutal struggle with WCF Security, I think I'm at the final stage now and can see the light. I've got a Client certificate installed on my server, and is now, as advised, in the Trusted People folder of the certificate store. However, when I…

wcf ssl certificate x509certificate wcf-security

asked Nov 06 '12 at 10:27

Chris Dixon

9,147
5
36
68

votes

2 answers

How to get the X509Certificate from a client request

I have a web-service which I secured using certificates. Now, I want to identify the client by looking at the certificate thumbprint. This means that I have a list of thumbprints on my service somewhere that are linked to some user. Actually, my…

c# wcf web-services wcf-security x509certificate

asked Sep 23 '11 at 11:46

Bas Slagter

9,831
7
47
78

votes

3 answers

How to use custom binding in WCF and keep message security mode with username client credentials?

I have WCF service accessible over Internet which uses wsHttpBinding with message security mode and username client credentials.

c# wcf wcf-security

asked Jun 03 '10 at 16:15

Sergey Smelov

1,081
3
14
26

votes

8 answers

How do I trigger the browser's Basic Authentication dialog from an AJAX call?

I'm using basic authentication to secure a set of WCF web services exposed only inside our corporate network, and I was wondering if there was a way to trigger the browser's credentials dialog to appear from an AJAX call when the web service returns…

javascript ajax wcf basic-authentication wcf-security

asked Nov 10 '14 at 17:42

Richard

Prev 1

…

85 86 Next