Stack Overflow
Stack Overflow

Questions tagged [wcf-security]

Questions related to the authentication and authorization services for Windows Communication Foundation (WCF) applications

Windows Communication Foundation is Microsoft's implementation of the WS-* web service specifications. Its security functionality mainly deals with authentication, authorization and secure over-the-wire transmission of user credentials.

When setting up WCF Security for an application, the following parameters need to be configured:

  • The type of credential required, e.g. NTLM, plaintext, or certificate authentication
  • The security mode: transport mode (e.g. SSL), message mode (SOAP message security), or a combination of both
  • Which endpoint(s) are protected

Once a client successfully connects to an endpoint protected with WCF Security, the server application can examine the security context to determine the identity of the client and to determine its authorizations (which need to be configured separately).

1285 questions
0
votes
1 answer

Exposing operations based on client

I am really confused about one scenario in WCF. I have on WCF service " SERVICE1" which exposes two operations "OP1" and "OP2". There are two clients consuming the service "CLIENT1" AND "CLIENT2". The condition is "CLIENT1" can only invoke "OP1"…
Gopal
  • 57
  • 6
0
votes
2 answers

Securing WCF with basichttpbinding

I am using basicHttpBinding,message security and x509 certificate in my WCF service(.Net Framework 4.0).The config looks like this:
user1550951
  • 369
  • 2
  • 9
  • 26
0
votes
1 answer

Use Both Certificate and User/Pass to Consume Java Web Service From .Net

I have a .Net c# client that needs to consume a Java web service from a third party. They require both a client cert and user name and password. I have the cert set up but constantly get 401 Unauthorized because I don't think the username and…
Brett Bim
  • 3,190
  • 4
  • 28
  • 26
0
votes
1 answer

is wcf ClientCredential username and password secure?

I have a wcf and upload it on my host on a web farms and use this secure mode:
motevalizadeh
  • 5,244
  • 14
  • 61
  • 108
0
votes
1 answer

Service does not receive client credentials

I cannot seem to authorize service contract operations based on the credentials of the user who is calling my WCF service. Service Web.Config
Remotec
  • 10,304
  • 25
  • 105
  • 147
0
votes
0 answers

How can I correct the WSDL when the policy expression's "normalized form was too large"

So - I've been tasked with creating a proxy client to the following service, but I'm having a heck of a time generating a client that's happy with the requirements. The WSDL is located here:…
djbyter
  • 763
  • 8
  • 28
0
votes
1 answer

how to secure wcf services

I am looking for some architecture advice on the following. I have a set of WCF services that provide an interface to a SQL Server database. These services are not publically exposed and can only be accessed via a VPN. Up to this point the services…
amateur
  • 43,371
  • 65
  • 192
  • 320
0
votes
1 answer

Login failed for user 'NT AUTHORITY\\ANONYMOUS LOGON' when accessing sql server from a wcf service with impersonation

I have a very specific problem with a WCF service I'm using: I have an ASP.NET page with 2 dropdowns: The first one is populated from the ASP.NET code behind. The other one is populated from a WCF service via a jQuery ajax call. Both of them use…
Sven Schelfaut
  • 522
  • 1
  • 7
  • 18
0
votes
1 answer

WCF message authentication with both username and certificate

Long story short: My WCF clients should be able to provide both username and certificate to a service hosted in IIS, where I should use that information to validate requests using a custom policies. Complete story: I have the need to authenticate…
fra
  • 3,488
  • 5
  • 38
  • 61
0
votes
1 answer

makecert.exe generate certificates but (certificates)its does not show in certmgr windows?

C:\windows\system32\makecert.exe -r -n "CN=HanuSoft CA" -pe -sv HanuSoftCA.pvk -a sha1 -len 2048 -b 09/04/2013 -e 09/05/2016 -cy authority HanuSoft.cer after taking password.. Succeed but m not found any certificate in certmgr windows, please any…
kavita verma
  • 75
  • 1
  • 10
0
votes
1 answer

WCF Service with Domain Validation

I am working on a Messaging Application built using WPF and WCF-RESTful site. This application is used inside intranet as well as internet. The application prompts for authentication (custom login screen in the messaging application) when it…
InvincibleInDN
  • 90
  • 1
  • 8
0
votes
1 answer

WCF Message body encryption with SSL

I am new to WCF. I am investigating the right way to have message body encryption over HTTPS (mixing both transport and message level security at the moment) I have HttpsGetEnabled. Using WsHttpBinding, I still see the message body unencrypted …
byte
  • 1,665
  • 1
  • 19
  • 36
0
votes
1 answer

WCF Session Configuration error

i want to enable (SessionMode=SessionMode.Required) in my service, so when i have enabled it then test the service using WCF Client Test it raise the following error: The message could not be processed. This is most likely because the action…
user2431952
  • 17
  • 1
  • 5
0
votes
1 answer

How to get RequestSecurityToken.AppliesTo from a custom SecurityTokenHandler

I'm implementing a custom UserNameSecurityTokenHandler which validates a request token based on 3 things: username, password, and the AppliesTo value of a RequestSecurityToken. While the username and password values are available for me to use, I…
Thuan
  • 1,618
  • 1
  • 10
  • 21
0
votes
1 answer

WCF TCP Binding in a self hosted WinForms App

I have decided to do net.tcp binding in my self hosted wcf app (with transport level encryption). While I had quite an interesting time in getting info on the subject of making a self hosted wcf app work, my current working solution does not…
Louis van Tonder
  • 3,664
  • 3
  • 31
  • 62
1 2 3
85 86