Stack Overflow
Stack Overflow

Questions tagged [wcf-security]

Questions related to the authentication and authorization services for Windows Communication Foundation (WCF) applications

Windows Communication Foundation is Microsoft's implementation of the WS-* web service specifications. Its security functionality mainly deals with authentication, authorization and secure over-the-wire transmission of user credentials.

When setting up WCF Security for an application, the following parameters need to be configured:

  • The type of credential required, e.g. NTLM, plaintext, or certificate authentication
  • The security mode: transport mode (e.g. SSL), message mode (SOAP message security), or a combination of both
  • Which endpoint(s) are protected

Once a client successfully connects to an endpoint protected with WCF Security, the server application can examine the security context to determine the identity of the client and to determine its authorizations (which need to be configured separately).

1285 questions
0
votes
1 answer

Authenticate user using our database

I read about using a WCF service but past experience reminds me that the service could not be used with a username/password successfully which means if someone found out the URL to the service they could make calls without providing any form of…
Computer
  • 2,149
  • 7
  • 34
  • 71
0
votes
1 answer

C# fine-grained permissions: multiple internal systems, intranet scenario

I have the following scenario: Multiple users (< 100) User accounts in AD (under different groups) Every group in AD corresponds to a internal department; each department have at least one supervisor (One may say) We have cross-supervisioning…
casals
  • 343
  • 4
  • 10
0
votes
1 answer

Silverlight Login page work on machine but not on other machine (window 7)

I face some strange issue in Silverlight 5 on machine which use window 7. I have a Silverlight app and after deploying it, it works fine on all user machine but on some of user machine it does not working. For Example My Username : Test and password…
Hitesh
  • 1,188
  • 5
  • 30
  • 52
0
votes
0 answers

How to create service for WSSE client in WCF

I am trying to call one Web service through WCF, which is having USERNAME AND PASSWORD in SOAP Header. I was able to create SOAP header in Client end, but have to test this from service end. Below is my generated SOAP Envelope from…
Chiranjeevi
  • 161
  • 1
  • 4
  • 22
0
votes
0 answers

WCF part of soap response body is signed instead of entire body

I have created a WCF client to consume a Java web service. The soap 1.1 request and response are signed and encrypted using X509 Certs. I am currently receiving the following exception when attempting to read the response data. Unable to resolve…
jenniferlee
  • 11
  • 1
0
votes
1 answer

LocalUser access for WCF hosted in IIS

I have tried every combination to allow unauthenticated access to WCF as in "Local System" accounts, in IIS without success. Here is what I've most recently tried: wsHttpBinding with Message security and mode set to "None". IIS anonymous access…
Sprague
  • 1,610
  • 10
  • 22
0
votes
1 answer

Avoid to create session in WCF

Is there a way to cancel the creation of the session if the method with the IsInitiating causes a validation error? I am requiring the user and password in the first method and I do not want to create the session if the credentials are not valid.…
Juan Simon
  • 178
  • 9
0
votes
0 answers

WCF REST/JSON Service UserNamePasswordValidator

I'm trying to use basic authentication with my WCF Rest/JSON service. Therefore I've create a class which derives from "UserNamePasswordValidator" and added it to my web.config. In IIS only Basic Authentication is enabled. Unfortunately this class…
stefan
  • 1,336
  • 3
  • 21
  • 46
0
votes
0 answers

Error while returning data in wcf?

When performing GetAll_SamplePriscriptionDrug function of the error message public EpriscriptionSrv() { using (var ctx = new EpriscriptionContext()) { ctx.Configuration.ProxyCreationEnabled = false; LstSamplePriscriptionDrug =…
user1039134
  • 33
  • 6
0
votes
0 answers

OperationContext Properties throw ObjectDisposedException After Writing Custom ServiceHostFactory

UPDATE: During further investigation, I realized that the mistake was not in the custom ServiceHostFactory as I originally thought, but in the way I had wrapped OperationContext internally. I'm going to update this question later today. I recently…
S. Dixon
  • 842
  • 1
  • 12
  • 26
0
votes
1 answer

Why does service allow clients with wrong (but trusted) certificates?

I set expected client certificate to "A": host.Credentials.ClientCertificate.SetCertificate("A", ...); host.Credentials.ServiceCertificate.SetCertificate("B", ...); Binding: new NetTcpBinding { …
Vlad
  • 3,001
  • 1
  • 22
  • 52
0
votes
2 answers

How to Configure a WCF service to work over both https and http

I have been fighting with configuring a WCF service hosted in a silverlight 4 application work over both https and http. so far i have only managed to get it work over either http or https but not both. I need it to be called on both. Below is my…
StackTrace
  • 9,190
  • 36
  • 114
  • 202
0
votes
1 answer

Receive error: Cannot find declaration element 'ActivityId'

This error is beyond my skill set so I apologize if I make some incorrect assumptions: The ActivityId is assigned when the API call is made from the client to the server, so I'm assuming I don't have control on how its generated. Assuming that I…
jrobinson6274
  • 163
  • 2
  • 13
0
votes
1 answer

WCF Net.Tcp transport UserName

I want to only transport UserName maybe like this. Od client sending: client.ClientCredentials.UserName.UserName = "name"; On server service consuming: OperationContext.Current.ServiceSecurityContext.PrimaryIdentity.Name; But its needed some kind…
user1015270
  • 39
  • 6
0
votes
0 answers

WCF Service authentication without Certificate

I am developing a WCF service. I want to authenticate my WCF service with a valid username and password without using any certificate. The username and password should only be supplied once not for every method. I've implemented my custom…
PamZy
  • 123
  • 1
  • 14
1 2 3
85 86