balexandre
balexandre

Reputation: 75083

Calling an ASMX service that is secured with Windows Credentials

I've been given a Web Service (ASMX) to consume witch I need to use Windows credentials for.

So, I have set up my client VPN and called the WSDL, saved as an XML file and generated the proxy class using the svcutil.exe, so far, so good...

I'm calling the service as

// Web Service
client = new CmListSync.Models.WebCorePlayersSoapClient();
client.ClientCredentials.Windows.AllowedImpersonationLevel = System.Security.Principal.TokenImpersonationLevel.Impersonation;
client.ClientCredentials.Windows.ClientCredential = new System.Net.NetworkCredential(cUser, cPass, cDoma);

and in the web.config I have this setup:

  <system.serviceModel>
    <bindings>
      <wsHttpBinding>
        <binding name="WebCorePlayersSoap" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard" maxBufferPoolSize="524288" maxReceivedMessageSize="65536" messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true" allowCookies="false">
          <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384" />
          <reliableSession ordered="true" inactivityTimeout="00:10:00" enabled="true" />
          <security mode="None">
            <transport clientCredentialType="Windows" proxyCredentialType="None" realm="" />
            <message clientCredentialType="Windows" algorithmSuite="Default" negotiateServiceCredential="true" />
          </security>
        </binding>
      </wsHttpBinding>
    </bindings>
    <client>
      <endpoint address="http://vm-wssrv01/players.asmx" binding="wsHttpBinding"
        bindingConfiguration="WebCorePlayersSoap" contract="WebCorePlayersSoap"
        name="WebCorePlayersSoap" />
    </client>
  </system.serviceModel>

but when I try to call the service I get an exception saying:

The HTTP request is unauthorized with client authentication scheme 'Anonymous'. The authentication header received from the server was 'Basic realm=\"vm-wssrv01\"'.

What am I missing? shouldn't the service authenticate normally as I have provided the windows credentials? What more should I do?

What I have tried:


From John Saunders comment:

I have switched to basicHttpBinding

  <system.serviceModel>
    <bindings>
      <basicHttpBinding>
        <binding name="WebCorePlayersSoap" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard" maxBufferPoolSize="524288" maxReceivedMessageSize="65536" messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true" allowCookies="false">
          <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384" />
          <security mode="None">
            <transport clientCredentialType="Windows" proxyCredentialType="Windows" realm="vm-wssrv01" />
            <message clientCredentialType="UserName" algorithmSuite="Default" />
          </security>
        </binding>
      </basicHttpBinding>
    </bindings>
    <client>
      <endpoint address="http://vm-wssrv01/players.asmx" binding="basicHttpBinding"
        bindingConfiguration="WebCorePlayersSoap" contract="WebCorePlayersSoap"
        name="WebCorePlayersSoap" />
    </client>
  </system.serviceModel>

and tried changing the security mode to:

I'm running out of ideas :( The service is HTTP only, not HTTPS and I have no Certificate to use...

Upvotes: 5

Views: 9241

Answers (1)

balexandre
balexandre

Reputation: 75083

after 3 days, and with a big help from John Saunders as he stated that the only possible binding for an ASMX service would be basicHttpBinding (my search for an answer started to be much more focused) I got into this:

In the service caller, one must use the client.ClientCredentials.UserName as:

// Web Service
client = new CmListSync.Models.WebCorePlayersSoapClient();
client.ClientCredentials.UserName.UserName = cUser;
client.ClientCredentials.UserName.Password = cPass;

and in the configuration part, one needs to use:

  <system.serviceModel>
    <bindings>
      <basicHttpBinding>
        <binding name="WebCorePlayersSoap" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard" maxBufferPoolSize="524288" maxReceivedMessageSize="65536" messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true" allowCookies="false">
          <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384" />
          <security mode="TransportCredentialOnly">
            <transport clientCredentialType="Basic" />
          </security>
        </binding>
      </basicHttpBinding>
    </bindings>
    <client>
      <endpoint address="http://vm-wssrv01/players.asmx" binding="basicHttpBinding"
        bindingConfiguration="WebCorePlayersSoap" contract="WebCorePlayersSoap"
        name="WebCorePlayersSoap">
        <identity>
          <dns value="localhost" />
        </identity>
      </endpoint>
    </client>
  </system.serviceModel>

Upvotes: 5

Related Questions