CODEWITHSUNDEEP
.netwcfsecuritywcf-binding
Blankman
Blankman

Reputation:

WCF error: The caller was not authenticated by the service

I am trying to access my WCF service on a server from my client console application for testing. I am getting the following error:

The caller was not authenticated by the service

I am using wsHttpBinding. I'm not sure what kind of authentication the service is expecting?



<behaviors>
  <serviceBehaviors>
    <behavior name="MyTrakerService.MyTrakerServiceBehavior">
      <!-- To avoid disclosing metadata information, set the value below to false and remove the metadata endpoint above before deployment -->
      <serviceMetadata httpGetEnabled="true"/>
      <!-- To receive exception details in faults for debugging purposes, set the value below to true.  Set to false before deployment to avoid disclosing exception information -->
      <serviceDebug includeExceptionDetailInFaults="false"/>
    </behavior>
  </serviceBehaviors>
</behaviors>

Update It works if I change my binding to <endpoint "basicHttpBinding" ... /> (from wsHttpBinding) on the IIS 7.0 hosted, windows 2008 server

Upvotes: 44

Views: 113162

Answers (10)

Nani
Nani

Reputation: 1176

I also had the same problem in wsHtppBinding. And I just had to add security mode pointing to none, that solved my problem and no need to switch to basicHttpBinding. Check Here and check how to disable WCF security. Check the below config change for reference:

<wsHttpBinding>
    <binding name="soapBinding">
        <security mode="None">
            <transport clientCredentialType="None" />
            <message establishSecurityContext="false" />
        </security>
    </binding>
</wsHttpBinding>

Upvotes: 0

yiannis
yiannis

Reputation: 430

This can be caused if the client is in a different domain than the server.

I encountered this when testing one of my applications from my PC(client) to my (cloud) testing server and the simplest solution i could think of was setting up a vpn.

Upvotes: 0

Ajay Shankar
Ajay Shankar

Reputation: 395

I was able to resolve the shared issue by following below steps:

  1. Go to IIS-->Sites-->Your Site-->
  2. Features View Pane-->Authentication
  3. Set Anonymous Authentication to Disabled
  4. Set Windows Authentication to Enabled

enter image description here

Upvotes: 1

farhang67
farhang67

Reputation: 789

if needed to specify domain(which authecticates username and password that client uses) in webconfig you can put this in system.serviceModel services service section:

<identity>          
<servicePrincipalName value="example.com" />
</identity>

and in client specify domain and username and password:

 client.ClientCredentials.Windows.ClientCredential.Domain = "example.com";
 client.ClientCredentials.Windows.ClientCredential.UserName = "UserName ";
 client.ClientCredentials.Windows.ClientCredential.Password = "Password";

Upvotes: 0

Brian
Brian

Reputation: 3713

If you're using a self hosted site like me, the way to avoid this problem (as described above) is to stipulate on both the host and client side that the wsHttpBinding security mode = NONE.

When creating the binding, both on the client and the host, you can use this code: 

 Dim binding as System.ServiceModel.WSHttpBinding 
 binding= New System.ServiceModel.WSHttpBinding(System.ServiceModel.SecurityMode.None)

or

 System.ServiceModel.WSHttpBinding binding
 binding = new System.ServiceModel.WSHttpBinding(System.ServiceModel.SecurityMode.None);

Upvotes: 1

kishore
kishore

Reputation: 21

set anonymous access in your virtual directory

write following credentials to your service 

ADTService.ServiceClient adtService = new ADTService.ServiceClient();
adtService.ClientCredentials.Windows.ClientCredential.UserName="windowsuseraccountname";
adtService.ClientCredentials.Windows.ClientCredential.Password="windowsuseraccountpassword";
adtService.ClientCredentials.Windows.ClientCredential.Domain="windowspcname";

after that you call your webservice methods.

Upvotes: 2

Can Bilgin
Can Bilgin

Reputation: 13

Why can't you just remove the security setting altogether for wsHttpBinding ("none" instead of "message" or "transport")?

Upvotes: -2

Sandip
Sandip

Reputation:

I got it.

If you want to use wshttpbinding, u need to add windows credentials as below.

svc.ClientCredentials.Windows.ClientCredential.UserName = "abc";
svc.ClientCredentials.Windows.ClientCredential.Password = "xxx";

thanks

Upvotes: 24

Michael Kniskern
Michael Kniskern

Reputation: 25280

If you use basicHttpBinding, configure the endpoint security to "None" and transport clientCredintialType to "None."

<bindings>
    <basicHttpBinding>
        <binding name="MyBasicHttpBinding">
            <security mode="None">
                <transport clientCredentialType="None" />
            </security>
        </binding>
    </basicHttpBinding>
</bindings>
<services>
    <service behaviorConfiguration="MyServiceBehavior" name="MyService">
        <endpoint 
            binding="basicHttpBinding" 
            bindingConfiguration="MyBasicHttpBinding"
            name="basicEndPoint"    
            contract="IMyService" 
        />
</service>

Also, make sure the directory Authentication Methods in IIS to Enable Anonymous access

Upvotes: 26

Ta01
Ta01

Reputation: 31630

Have you tried using basicHttpBinding instead of wsHttpBinding? If do not need any authentication and the Ws-* implementations are not required, you'd probably be better off with plain old basicHttpBinding. WsHttpBinding implements WS-Security for message security and authentication.

Upvotes: 4

Related Questions