Authentication WCF - WCF-WCF

Similar Messages

• Multiple authentication in One WCF Service

  Hello,
  I need to use some authentication in my WCF Service, could you please if it is possible to use multiple authentication in One WCF Service? If it is possible, how to implement it.
  Thank you.

  Hi helloGoodman,
  I wonder if you mean that you want to use multiple authentication in One WCF Service endpoint, if so in WCF 4.5, it is supported to use multiple authentication in a single endpoint, for more information,
  please try to refer to the following articles:
  #Using Multiple Authentication Schemes with WCF:
  https://msdn.microsoft.com/en-us/library/hh556235(v=vs.110).aspx .
  http://blogs.msdn.com/b/james_osbornes_blog/archive/2011/11/04/2-auth-modes-on-1-endpoint-using-multiple-authentication-schemes-with-serviceauthorizationmanager.aspx .
  If you mean that you want to use multiple authentication in One WCF Service not in a single endpoint, then I will recommand you use multiple endpoints and in each endpoint you can use the independent authentication mode which you want.
  Best Regards,
  Amy Peng
  We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
  Click
  HERE to participate the survey.

• UsnernameToken authentication failed using WCF-BasicHttp adapter

  I have read the other topic that is identical to this, but there is no detail as to what was actually changed to allow Kerrey to override the default 256 character limit. So I figured I would start a new thread and see if someone can show me what my binding
  file should include to override this setting.
  thanks,
  Chuck
  Charles

  So, the problem is that somewhere in the BizTalk/WCF bridge layer, a password is cut off at 256.  The WCF-Custom Adapter has the same issue.
  You have two options.
  Biding File:
  Export a binding file.
  Trim all but the one Send Port where you need the long password.
  Fine the Password element in the TransportTypeData blob.  Yes, it's escaped Xml so edit carefully.
  Enter you long password, save.
  Import Binding file, then delete (so you don't have the clear test password anymore).
  SSO:  (This is the 'better' option)
  Create an SSO Affiliate Application
  Set the Service Credentials.  SSO will accept the long password.
  Set Use Single SignON and your Affiliate application in the Client Credentials dialog on the Security Tab.
  Somewhere prior to the Adapter (Orchestration, Send Pipeline) set the BTS.SSOTicket Context Property
  I've never tried the binding file option but SSO works great and is designed for such scenarios (storing passwords).

• Root element is missing - Response from a WCF service - WCF-Custom adapter

  hi BizTalk experts,
  In the production environment, as soon as the response is getting subscribed by the orchestration, the orchestration instance is getting suspended and the error that shows up in console is 
  "Root element is missing".
  I have checked the actual response message in the console it is a well formed xml. This is happening only for a few responses from the WCF services. A majority of them are getting processed successfully. I have tried getting the parsing the response in a
  pipeline (using custom pipeline component, the production one uses xml receive) and pass it to the orchestration, but it fails giving the same error.
  Thanks in advance.

  Do you have any mapping done on the response message from the WCF service . ?
  If so Better to copy the suspended message coming from the WCF service and validate against the custom response Schema you have created.
  Note : You can try running fiddler tool to check the response from from the web service incase of failure.
  Also try logging the message in the event viewer or any debug tool.
  Thanks
  Abhishek

• WCF service setup with certificate authentication error

  I have a WCF service setup and I need to use a certificate with it and are getting numerous errors when I attempt to browse it. The 1st error I get is "Security settings for this service require 'Anonymous' Authentication but it is not enabled for
  the IIS application that hosts this service."
  This sounds like a straightforward error message and setting the authentication method in IIS to anonymous resolves being able to browse the service. But I need to use a certificate and setting authentication to anonymous is obviously not right since we
  only want those with the proper certificate to access the service. I have all authentication methods in IIS set to disabled when I get the above error message. I have the SSL settings in IIS for the service set to require a certificate as well. I am using
  IIS 8.5 as well.
  Here is my config file in hoping someone could point me in the correct direction. The service should only work over HTTPS since we are using a certificate and I need the meta data exposed as well hence the mexHttpBinding. I have searched the web but no solution
  is working. Any help is appreciated.
  <?xml version="1.0" encoding="UTF-8"?>
  <configuration>
  <configSections>
  <sectionGroup name="applicationSettings" type="System.Configuration.ApplicationSettingsGroup, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
  <section name="HEALookupProxy.Properties.Settings" type="System.Configuration.ClientSettingsSection, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" requirePermission="false" />
  </sectionGroup>
  </configSections>
  <appSettings>
  <add key="aspnet:UseTaskFriendlySynchronizationContext" value="true" />
  </appSettings>
  <system.web>
  <compilation targetFramework="4.5.1" />
  <httpRuntime targetFramework="4.5.1" />
  <authentication mode="None"></authentication>
  </system.web>
  <system.serviceModel>
  <serviceHostingEnvironment multipleSiteBindingsEnabled="true">
  <baseAddressPrefixFilters >
  <add prefix="https"/>
  </baseAddressPrefixFilters>
  </serviceHostingEnvironment>
  <services>
  <service name="HEALookupProxy.HEALookupService" behaviorConfiguration="HEALookupServiceBehavior">
  <endpoint address="" binding="wsHttpBinding" contract="HEALookupProxy.IHEALookupService" bindingConfiguration="HEALookupConfig" />
  <endpoint contract="IMetadataExchange" binding="mexHttpBinding" address="mex" />
  </service>
  </services>
  <bindings>
  <wsHttpBinding>
  <binding name="HEALookupConfig">
  <security mode="TransportWithMessageCredential">
  <transport clientCredentialType="Certificate"/>
  </security>
  </binding>
  </wsHttpBinding>
  </bindings>
  <behaviors>
  <serviceBehaviors>
  <behavior name="HEALookupServiceBehavior">
  <serviceMetadata httpsGetEnabled="true"/>
  <serviceDebug includeExceptionDetailInFaults="false" />
  <serviceCredentials>
  <serviceCertificate x509FindType="FindBySubjectName" storeLocation="LocalMachine" storeName="My" findValue="certnameremoved" />
  </serviceCredentials>
  </behavior>
  </serviceBehaviors>
  </behaviors>
  </system.serviceModel>
  <system.webServer>
  <modules runAllManagedModulesForAllRequests="true" />
  <!--
  To browse web app root directory during debugging, set the value below to true.
  Set to false before deployment to avoid disclosing web app folder information.
  -->
  <directoryBrowse enabled="false" />
  <security>
  <authorization>
  <remove users="*" roles="" verbs="" />
  <add accessType="Allow" users="user1, user2" />
  </authorization>
  </security>
  </system.webServer>
  </configuration>

  Hi spark29er,
  >>The service should only work over HTTPS since we are using a certificate and I need the meta data exposed as well hence the mexHttpBinding.
  For creating the HTTPS WCF service, first please change the mexHttpBinding to
  mexHttpsBinding as following:
  <endpoint contract="IMetadataExchange" binding="mexHttpsBinding" address="mex" />
  For more information, please try to refer to:
  #Seven simple steps to enable HTTPS on WCF WsHttp bindings:
  http://www.codeproject.com/Articles/36705/simple-steps-to-enable-HTTPS-on-WCF-WsHttp-bindi .
  Then please try to check the following article about how to do the certificate authentication on HTTPS WCF Service:
  http://blogs.msdn.com/b/imayak/archive/2008/09/12/wcf-2-way-ssl-security-using-certificates.aspx .
  Besides, setting the
  includeExceptionDetailInFaults as false can give us more detailed error information.
  Best Regards,
  Amy Peng
  We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
  Click
  HERE to participate the survey.

• Error calling a BizTalk WCF Service with WCFTestClient

  I have published schema as a wcf service (WCF-CustomIsolated). I can browse to the wsdl from the local server and from my PC. I can call the service from a console application running on my pc, but when I attempt to add the service from the wcf test client,
  I get the message:
  Warning: No code was generated.If you were trying to generate a client, this could be because the metadata documents did not contain any valid contracts or servicesor because all contracts/services were discovered to exist in /reference assemblies. Verify
  that you passed all the metadata documents to the tool.Warning: If you would like to generate data contracts from schemas make sure to use the /dataContractOnly option.
  Was there a configuration step I missed?

  Hi Jeremy, probably not a configuration issue. I remember reading somewhere the inability of the client to consume the service in such scenarios. I am assuming metadata publishing is enabled. Will try and search the article I read.q
  Praveen Behara
  MCST : BizTalk Server 2006 R2, 2010
  Yup, metadata publishing is enabled. I can browse to the wsdl.   This is a pure message solution, so I'm using a custom disassembler pipeline component to receive the request and generate a response.  When the wcf test client tries to add
  the service, the execute method of my pipeline fires, which seems odd to me, because we're not actually making a request at this point,  only trying to get the meta data I would think.
  When adding the service, wcf test client's request has an action of
  http://schemas.xmlsoap.org/ws/2004/09/transfer/Get with an empty body like this:
  POST http://myserver/MyService/test.svc HTTP/1.1
  Content-Type: application/soap+xml; charset=utf-8
  Host: myserver
  Content-Length: 512
  Expect: 100-continue
  Accept-Encoding: gzip, deflate
  Connection: Keep-Alive
  <s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:a="http://www.w3.org/2005/08/addressing">
  <s:Header>
  <a:Action s:mustUnderstand="1">http://schemas.xmlsoap.org/ws/2004/09/transfer/Get</a:Action>
  <a:MessageID>urn:uuid:8bd3f321-0a94-44f1-9eb4-5575068cc408</a:MessageID>
  <a:ReplyTo>
  <a:Address>http://www.w3.org/2005/08/addressing/anonymous</a:Address>
  </a:ReplyTo>
  <a:To s:mustUnderstand="1">http://myserver/MyService/test.svc</a:To>
  </s:Header>
  <s:Body/>
  </s:Envelope>
  I'm assuming somehow the BizTalk receive location would have to be configured to behave differently under this circumstance instead of passing the message to the pipeline component...

• Don't get WCF with custom Class working

  Hey
  I am starting with playing around with WCF. But I don't get it working. I can't see my Problem and this since a few days...
  So, I will explain in Detail, what I did so far.
  I created a blank ASP.NET Project (VS 2013)
  Within I created 2 files
  The first file is the Contract Interface
  mports System.ServiceModel
  Namespace DataClasses
  <ServiceContract> _
  Public Interface ITestService
  <OperationContract> _
  Function ReturnClass() As List(Of TestDataClass)
  End Interface
  End Namespace
  Ok, the second is the TestDataClass
  Imports System.Data.Services.Common
  Imports System.Runtime.Serialization
  Namespace DataClasses
  <Serializable> _
  <DataContract> _
  Public Class TestDataClass
  <DataMember> _
  Public Property Id As Long
  <DataMember> _
  Public Property Firstname As String
  <DataMember> _
  Public Property Lastname As String
  End Class
  End Namespace
  Ok. - The next Thing, I was doing is to create the "returning" information
  Imports System.ServiceModel.Web
  Namespace Proxy
  Public Class TestData
  Implements DataClasses.ITestService
  Public Function ReturnClass() As List(Of DataClasses.TestDataClass) Implements DataClasses.ITestService.ReturnClass
  Dim retList As New List(Of DataClasses.TestDataClass)
  retList.Add(New DataClasses.TestDataClass With {.Firstname = "My", _
  .Id = 2, _
  .Lastname = "Name"})
  Return retList
  End Function
  End Class
  End Namespace
  Ok - So far, as I understood, This should be all correct. (I hope)
  The next, I did was to add a WCF Data Service 5.6 file
  Within this file I changed the code to this:
  Imports System.Data.Services
  Imports System.Data.Services.Common
  Imports System.Linq
  Imports System.ServiceModel.Web
  Public Class DataModelWcf
  Inherits DataService(Of Proxy.TestData)
  ' This method is called only once to initialize service-wide policies.
  Public Shared Sub InitializeService(ByVal config As DataServiceConfiguration)
  config.SetEntitySetAccessRule("*", EntitySetRights.AllRead)
  'config.SetServiceOperationAccessRule("*", ServiceOperationRights.All)
  config.DataServiceBehavior.MaxProtocolVersion = DataServiceProtocolVersion.V2
  End Sub
  End Class
  OK. - When I now test the Service by clicking on it and run in browser, I get the following:
  <?xml version="1.0" encoding="UTF-8" standalone="true"?>
  -<service xmlns="http://www.w3.org/2007/app" xmlns:app="http://www.w3.org/2007/app" xmlns:atom="http://www.w3.org/2005/Atom" xml:base="http://localhost:1523/DataModelWcf.svc/">
  -<workspace>
  <atom:title>Default</atom:title>
  </workspace>
  </service>
  OK - The Service itself runs. - But I don't get any "Operation". I can't see my failure. - I tested around for the last few days, but I don't have a Clou, what's wrong...
  I also added a Service into the config file (but don't think, that this will make some differences)
  <system.serviceModel>
  <services>
  <service name="WCF_Test.Proxy.TestData">
  <endpoint address="" contract="WCF_Test.DataClasses.ITestService" binding="basicHttpBinding"/>
  <endpoint address="mex" contract="IMetadataExchange" binding="mexHttpBinding"/>
  </service>
  </services>
  <serviceHostingEnvironment aspNetCompatibilityEnabled="true" />
  </system.serviceModel>
  So, thanks for every Little hint to solve this.
  THX - Have  nice Weekend!

  Hello Zero-G. _,
  >> But I don't get any "Operation". I can't see my failure. - I tested around for the last few days, but I don't have a Clou, what's wrong...
  I am afraid that you have mixed the WCF and WCF Data Service, here is a WCF Service example(it works with the Entity Framework while it is not WCF Data Service):
  http://www.codeproject.com/Articles/127395/Implementing-a-WCF-Service-with-Entity-Framework, please check it, in your case, you are use this mode and you do not need to create WCF Data Services.
  If you want to write a custom method in WCF Data Service, you could refer to this link:
  https://msdn.microsoft.com/en-us/library/dd744841(v=vs.110).aspx, as you can see, although if we declare a custom method, it would not show in the web browser, we call it as adding
  the method after the based service link directly:
  http://localhost:12345/Northwind.svc/GetOrdersByCity
  Or call it by using a client project which could detect this method and call it as in this blog:
  http://blogs.msdn.com/b/dataaccesstechnologies/archive/2009/12/01/way-to-expose-custom-method-in-an-entity-class-from-wcf-data-service.aspx
  Regards,
  Fred.
  We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
  Click
  HERE to participate the survey.

• WCF Rest Service

  Hi,
  What the difference betwwen the wcf rest service and web api? When to choose to use the web api?

  Hi Andrewsys,
  >>What the difference betwwen the wcf rest service and web api?
  For the difference betwwen the WCF Rest Service and Web API, please try to refer to the following information:
  WCF Rest Service:
  To use WCF as WCF
  Rest service you have to enable webHttpBindings.
  It support HTTP GET and POST verbs by [WebGet] and [WebInvoke] attributes respectively.
  To enable other HTTP verbs you have to do some configuration in IIS to accept request of that particular verb on .svc files
  Passing data through parameters using a WebGet needs configuration. The UriTemplate must be specified
  It support XML, JSON and ATOM data format.
  Web API:
  This is the new framework for building HTTP services with easy and simple way.
  Web API is open source an ideal platform for building REST-ful services over the .NET Framework.
  Unlike WCF Rest service, it use the full featues of HTTP (like URIs, request/response headers, caching, versioning, various content formats)
  It also supports the MVC features such as routing, controllers, action results, filter, model binders, IOC container or dependency injection, unit testing that makes it more simple and robust.
  It can be hosted with in the application or on IIS.
  It is light weight architecture and good for devices which have limited bandwidth like smart phones.
  Responses are formatted by Web API’s MediaTypeFormatter into JSON, XML or whatever format you want to add as a MediaTypeFormatter.
  >>When to choose to use the web api?
  Choose Web API when you want to create a resource-oriented services over HTTP that can use the full features of HTTP (like URIs, request/response headers, caching, versioning, various content formats).
  Choose Web API when you want to expose your service to a broad range of clients including browsers, mobiles, iphone and tablets.
  For more information, please try to refer to the following articles:
  https://msdn.microsoft.com/en-us/library/jj823172(v=vs.110).aspx .
  http://www.dotnet-tricks.com/Tutorial/webapi/JI2X050413-Difference-between-WCF-and-Web-API-and-WCF-REST-and-Web-Service.html
  http://blogs.msdn.com/b/fkaduk/archive/2014/01/07/rest-wcf-vs-webapi-throughput.aspx .
  Best Regards,
  Amy Peng
  We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
  Click
  HERE to participate the survey.

• ColdFushion calling C# WCF basicHttpBinding not talking

  I am a C# developer that has never done a web service and new to ColdFushion. When I test the service it is great, but I cannot get to the method when I call it in CF. I get the home page, or my latest error says "Cannot perform web service invocation
  GetEmailsFor".
  Help please.
  My web service app.config has ...
  My app.config has this... <services>
  <service name="WCF.GetService">
  <endpoint address="" binding="basicHttpBinding" contract="WCF.IGetService">
  <identity>
  <dns value="localhost" />
  </identity>
  </endpoint>
  <!--<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />-->
  <endpoint address="mex" binding="mexHttpBinding" contract="WCF.IGetService" />
  <host>
  <baseAddresses>
  <!--<add baseAddress="http://localhost:8733/Design_Time_Addresses/WCF.GetService.svc" />-->
  <add baseAddress="http://dev-wcf/sideswebservice/WCF.GetService.svc" />
  </baseAddresses>
  </host>
  </service>
  </services>
  <behaviors>
  <serviceBehaviors>
  <behavior>
  <!-- To avoid disclosing metadata information,
  set the values below to false before deployment -->
  <serviceMetadata httpGetEnabled="True" httpsGetEnabled="False" />
  <!-- To receive exception details in faults for debugging purposes,
  set the value below to true. Set to false before deployment
  to avoid disclosing exception information -->
  <serviceDebug includeExceptionDetailInFaults="False" />
  </behavior>
  </serviceBehaviors>
  </behaviors>
  My interface has this... [ServiceContract()]
  public interface IGetService
  [OperationContract(Name = "GetEmailsFor")]
  //[OperationContract]
  [WebInvoke(Method="GET",ResponseFormat=WebMessageFormat.Xml, BodyStyle=WebMessageBodyStyle.Wrapped, UriTemplate="xml/{bin}/{population}")]
  //[WebGet]
  List<EmailRecord> GetEmailsFor(string bin, Int32 population);
  //List<EmailRecord> GetEmailsFor(string bin, string population);
  My ColdFushion has this...
  <cfinvoke webservice = "http://dev-wcf/sideswebservice/WCF.GetService.svc?singleWsdl"
  method = "GetEmailsFor"
  refreshwsdl="yes" <!--- temp --->
  returnVariable = "httpResponse">
  <cfinvokeargument name="bin" value="0000210883"/>
  <cfinvokeargument name="population" value=0/>
  </cfinvoke>
  I cannot get them to talk. Only errors.
  I did try making it restful (webHttpBinding), but it would only allow me to return an int or void so I switched. I have seen things that say rpc would work but do not know exactly what to switch to do that.

  Hi Sharlie50,
  >>When I test the service it is great, but I cannot get to the method when I call it in CF
  Based on your description, I know that your WCF Service works great, but it can not be called in
  ColdFushion. Could you please try to use a Console application to do a test to see if it works. If it does not work in a Console application, please try to post a detailed error information in here. If it works in a Console
  application, it seems that there is something wrong with the
  ColdFushion client, then please try to refer to the following articles about how to consume web services in ColdFishion:
  http://help.adobe.com/en_US/ColdFusion/9.0/Developing/WSc3ff6d0ea77859461172e0811cbec22c24-78b4.html.
  http://stackoverflow.com/questions/18924162/can-someone-tell-me-if-colfusion-8-can-consume-a-wcf-service.
  Besides, since the WCF Services works great and the ColdFishion is out of our forum support scope, so it will be better if you try to post your question in ColdFishion Forum for better support:
  https://forums.adobe.com/community/coldfusion .
  Thanks for your understanding.
  Best Regards,
  Amy Peng
  We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
  Click
  HERE to participate the survey.

• Large WCF responses received slowly

  We have WCF-WSHttp request-response WCF-receive locations in Biztalk 2013 that external parties call. Requests are processed in an orhcestration that makes a new WCF request-response to an internal endpoint. The response from the internal
  WCF-endpoint (WCF-Custom using binaryMessageEncoding over httpTransport) is then processed in the ochestration and a response is delivered external party.
  This all is working except when the response message from the internal endpoint is a large message (1-10Mb). For a 10Mb response message it takes around 5-10min for Biztalk to receive it over the receive pipeline (Default XMLDissassembler).
  What can we do to speed up the receive of these large messages?

  Hi,
  Have you analysed how much time your Internnal endpoint takes while seding response back  to Orchestration. I would suggest to do some tracing to note the request response time .
  You can the go with BizTalk Optimization if necessary .
  Few Optimization can be done by
  1) Set The MaxReceiveInterval from adm_service(BizTalk Management DB) class table 100 ms from 500(By default).
  2) Increased the Throttling Settings Internal message queue size to 1000 from 100 In new Application Host.
  3) Set the Maximum number of messaging engine threads per CPU to 40 (By default it is 20).
  And for detailed information you can read below link
  http://www.microsoft.com/en-us/download/details.aspx?id=10855
  Thanks
  Abhishek

• WCF - Custom WSDL (Authentication)

  I`m looking for a way to generate a WSDL based on the permissions the user has.
  We using DigistAuthentication for authorization.
  What we have so far..
  When the user logon with his credentials I can produce the WSDL for this user because I have the UserIdentity and I can use IWsdlExportExtension with ExportContract to create the WSDL for this user.
  Whats the problem..
  After a user did logon to the webservice, the service description is created for the first user which logged on. I would like to be able to generate the WSDL (ServiceDescription) for each user.

  Since the authentication is not occurring where the service is hosted, the solution will be to hand-craft a WSDL file, and then tell WCF to reference it using
  externalmetadatalocation.

• WCF - Getting the "The authentication schemes configured on the host ('Anonymous') ....." error

  "The authentication schemes configured on the host ('Anonymous') do not allow those configured on the binding 'BasicHttpBinding' ('Ntlm'). "
  I am brand new to WCF and services in general.  I have turned on the basic, windows & digest auth modes in my iis express.  
  One thing I just noticed in my iis express config file, I had turned on basic auth in the "turn of windows stuff" in the task manager then rebooted, but I just opened the applicationhost.config file on my machine and saw this:
              <authentication>
                  <anonymousAuthentication enabled="true" userName="" />
                  <basicAuthentication enabled="false" />
  shouldn't that basicAuthentication read as true?
  I was given this existing project to make some changes to, but I cant even get it to run on my machine, so I'm assuming something is up with my local iis express settings.
  This project has 3 services in it.  Here is a partial of the webConfig:
          <bindings>
            <basicHttpBinding>
              <binding name="BasicHttpBinding_IDataMaintenanceService" maxBufferSize="2147483647" maxReceivedMessageSize ="2147483647" maxBufferPoolSize="2147483647" >
                <readerQuotas maxDepth="2147483647"
                maxArrayLength="2147483647" maxBytesPerRead="2147483647"
                maxNameTableCharCount="2147483647" maxStringContentLength="2147483647"/>
                <security mode="TransportCredentialOnly" >
                  <transport clientCredentialType="Ntlm"/>
                </security>
              </binding>
              <binding name="BasicHttpBinding_IYearEndProcessingService" maxBufferSize="2147483647" maxReceivedMessageSize ="2147483647" maxBufferPoolSize="2147483647" >
                <readerQuotas maxDepth="2147483647"
                maxArrayLength="2147483647" maxBytesPerRead="2147483647"
                maxNameTableCharCount="2147483647" maxStringContentLength="2147483647"/>
                <security mode="TransportCredentialOnly" >
                  <transport clientCredentialType="Ntlm"/>
                </security>
              </binding>
  Simon.

  Hi battlFrog,
  Well Done!
  I am very glad that you have solved your problem by yourself.
  If you have any others problem, welcome to post it in this forum.
  Best Regards,
  Amy Peng
  We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
  Click
  HERE to participate the survey.

• Windows authentication with WCF-NetTcp adapter

  I have a WCF-NetTcp receive location and I like to set it up with Windows Authentication. (transport security)
  IIS or WAS is not used so the receive port is self-hosted.
  I would like to configure a certain user or group that has permission to send messages to this receive location. All other users/groups must be denied acces. How do I achieve this? I know how to configure windows authentication in the binding but I cannot
  find a way to configure a specific user or group.
  I am using BizTalk Server 2010.

  Hi,
  You should implement a custom behavior extension to achieve this.
  See
  here for an example.
  Regards,
  René
  Thanks, I was already looking in this direction but was hoping this could have been done easier.

• BizTalk exposed WCF 403 - Forbidden: Access is denied WCF

  Im using BizTalk server 2010.cretaed Certificate in IIS and shared to client the same as a public cert.
   Im using httpsTransport with customBinding.followed below url
  http://blogs.msdn.com/b/bizintegration1/archive/2011/08/23/exposing-biztalk-orchestration-as-a-wcf-service-over-ssl.aspx
  When I try to Browse in BizTalk server with https, im able to browse, but in the client side, they are not able to browse
  and they get "403 - Forbidden: Access is denied. You do not have permission to view this directory or page using the credentials that you supplied." Is there anythng that needs to be set in BizTalk or the settings should be done at the client end?
  IIS autehntification mode is anonymous is configued.plz let me know anything to do in biztalk and IIS level
  Regards BizTalkWorship

  This is because your client has not provided the certificate while browsing the service URL.
  If they (client) have installed the certificate in correct folder and then while browsing folder the service, client should provide the certificate through browser.
  For Internet Explorer, a pop-up should with all the certificates
  installed in their personal store. They need to select the certificate that they already installed in it.
  Look into this article (from
  On the client side: section onwards) for how to browse the service from IE by providing the certificate.
  http://blogs.msdn.com/b/asiatech/archive/2014/02/13/how-to-configure-iis-client-certificate-mapping-authentication-for-iis7.aspx
  Note: Above article is just relavant to you from
  On the client side: section onwards i.e for instructing your client to use certificate while browsing.
  FireFox
  You will get an error that says “HTTP Error 403.7 – Forbidden” “The page you are attempting to access requires your browser to have a Secure Sockets Layer (SSL)
  client certificate that the Web server recognizes.”
  In
  FireFox go to Tools –> Options –> Advanced –> Encryption –> View Certificates
  Click import and select the certificate with private key file you exported earlier (the .pfx file)
  You will need to clear history now or restart browser
  Just FYI for installing certifate correctly in client side, if they use Windows (off-course):
  MMC, add certificate snap-in for “current user”
  Browse to Certificates (Current User) –> Personal –> Certificates
  Right click this node and select All Tasks and Import from the popup menu
  Follow the steps in the wizard, selecting the public certificate you have shared o client.
  Regards,
  M.R.Ashwin Prabhu
  If this answers your question please mark it accordingly. If this post is helpful, please vote as helpful by clicking the upward arrow mark next to my reply.

• Issue with OSI PI WCF Web Service with wshttpbinding

  Hi Experts,
  System Details:
  SAP MII 14 SP4
  OSI PI Web Service: PITimeSeries
  I am having issue when trying to call OSI PI web service using http post. it is returning status 0 when i am using exception handler in BLS.
  Same web service works fine with basichttpbinding (SOAP 1.1)  but with wshttpbinding (SOAP 1.2) it is giving error.
  Following are Web config binding details for web service.
        <wsHttpBinding>
          <binding name="wsBinding_2011" sendTimeout="00:01:00" receiveTimeout="00:10:00" bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard" maxBufferPoolSize="524288" maxReceivedMessageSize="65536" messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true" allowCookies="false">
            <reliableSession ordered="true" inactivityTimeout="00:10:00" enabled="false" />
            <security mode="Message">
              <message clientCredentialType="Windows" negotiateServiceCredential="true" algorithmSuite="Default" establishSecurityContext="true" />
            </security>
          </binding>
        </wsHttpBinding>
  I am not sure it could be the issue with passing windows credentials.
  Did anybody consumed WCF web service with wshttpbinding with security mode as Message and clientCredentialType as Windows.
  Also i was trying to pass MYSAPSSO2 SSO token to service in http post but first i am not sure if this is correct windows token and second which header property of service should be mapped and i am not sure that I am going into correct direction or not.
  Please let me know what i am missing.
  I have tried following other options and tools:
  SOAP UI: basichttpbinding works fine for wshttpbinding receiving Internal Server error in log and Response as
                    The security context token is expired or is not valid.
  MII Web Service Action Block: basichttpbinding works fine for wshttpbinding not able to configure url through wizard because as per                                                                              my discussion with other MII experts MII does not support SOAP1.2. that is one reason for using http post.
  WCF Storm: both bindings works fine (There is option to select windows authentication and Impersonation level as delegation)
  WCF Test Client: Both bindings works fine
  Any help is appreciated.
  Thanks & Regards,
  Manoj Bilthare

  Hi Sam,
  The web service is valid following are details of testing on various tools.
  SOAP UI: basichttpbinding works fine for wshttpbinding receiving Internal Server error in log and Response as The security context token is expired or is not valid.
  MII Web Service Action Block: basichttpbinding works fine for wshttpbinding not able to configure url through wizard because as per my discussion with other MII experts MII does not support SOAP1.2. that is one reason for using http post.
  WCF Storm: both bindings works fine (There is option to select windows authentication and Impersonation level as delegation)
  WCF Test Client: Both bindings works fine
  Please let me know if additional details required.
  Thanks & Regards,
  Manoj Bilthare