bala3569
Reputation: 11010
The HTTP request is unauthorized with client authentication scheme 'Anonymous'?
While trying to invoke a RESTful service(i have used UserNameAuthenticator from this sample for RESTful service Adding basic HTTP auth to a WCF REST service) from my web client application am getting an error like
The HTTP request is unauthorized with client authentication scheme 'Anonymous'. The authentication header received from the server was 'Basic Realm'.
Client CS code
BasicHttpBinding binding = new BasicHttpBinding();
binding.SendTimeout = TimeSpan.FromSeconds(25);
binding.Security.Transport.ClientCredentialType =
HttpClientCredentialType.Basic;
EndpointAddress address = new EndpointAddress("http://localhost:12229/RestServiceImpl.svc");
ChannelFactory<RestService.IRestServiceImpl> factory =
new ChannelFactory<RestService.IRestServiceImpl>(binding, address);
RestService.IRestServiceImpl channel = factory.CreateChannel();
channel.GetStudent();
Client Web.config
<system.serviceModel>
<services>
<service name="RestService.RestServiceImpl">
<endpoint address="http://localhost:12229/RestServiceImpl.svc"
binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_ExternalSystemsService_v1Interface"
contract="RestService.IRestServiceImpl"
name="ExternalSystemsService_v1Port" />
</service>
</services>
<bindings>
<basicHttpBinding>
<binding name="BasicHttpBinding_ExternalSystemsService_v1Interface"
closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00"
sendTimeout="00:01:00" allowCookies="false" bypassProxyOnLocal="false"
hostNameComparisonMode="StrongWildcard" maxBufferSize="65536"
maxBufferPoolSize="524288" maxReceivedMessageSize="65536"
messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered"
useDefaultWebProxy="true">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<security mode="TransportCredentialOnly">
<transport clientCredentialType="None" proxyCredentialType="None"
realm="" />
<message clientCredentialType="UserName" algorithmSuite="Default" />
</security>
</binding>
</basicHttpBinding>
</bindings>
</system.serviceModel>
and RESTful service Web.config
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="webHttpTransportSecurity">
<security mode="TransportCredentialOnly">
<transport clientCredentialType="None" proxyCredentialType="None" realm="" />
<message clientCredentialType="UserName" algorithmSuite="Default" />
</security>
</binding>
</basicHttpBinding>
</bindings>
<services>
<service name="RestService.RestServiceImpl">
<endpoint name="ExternalSystemsService_v1Port" address="" binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_ExternalSystemsService_v1Interface" contract="RestService.IRestServiceImpl"></endpoint>
</service>
</services>
<behaviors>
<endpointBehaviors>
<behavior>
<webHttp />
</behavior>
</endpointBehaviors>
<serviceBehaviors>
<behavior name="SecureRESTSvcTestBehavior">
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="false" />
<serviceDebug includeExceptionDetailInFaults="true" />
<serviceCredentials>
<userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="RESTfulSecuritySH.CustomUserNameValidator, RESTfulSecuritySH" />
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
</system.serviceModel>
Any suggestion?
Upvotes: 1
Views: 17048
Answers (1)
JustinDSN
Reputation: 61
One thing that sticks out to me is that in your Client CS Code you programmatically set the transport's client credential type:
binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Basic;
But in both the client and server configuration file you set the message client credential type. Notice how the transport element's clientCredentialType attribute is set to "None" and message element's clientCredentialType is set to "UserName":
<transport clientCredentialType="None" proxyCredentialType="None" realm="" />
<message clientCredentialType="UserName" algorithmSuite="Default" />
I always try to get it working in development with security turned off and then slowly turn it back on.
Also is this a new development project? I was curious why you're using WCF over ASP.NET Web API for a RESTful service.
Upvotes: 2
Related Questions
- WCF REST Service works fine on local , gives Unauthorized (401) error on Remote server whereas the service has Anonymous access
- How to fix "The HTTP request was forbidden with client authentication scheme 'Anonymous'"
- Getting 403 Forbidden error. The HTTP request was forbidden with client authentication scheme 'Anonymous'
- Exception = The HTTP request is unauthorized with client authentication scheme 'Anonymous'
- MessageSecurityException: The HTTP request was forbidden with client authentication scheme 'Anonymous'" when accessing credential secured WCF service
- Cannot Get WCF Basic authentication to authenticate user
- Reproduce Issue: The http request was forbidden with client authentication scheme 'anonymous'
- The authentication schemes configured on the host ('Anonymous') do not allow those configured on the binding 'WebHttpBinding' ('Basic')
- "The HTTP request is unauthorized with client authentication scheme 'Anonymous'"
- WCF Service webHttpBinding Anonymous Authentication