Windows Vista Forums
Vista Forums Home Join Vista Forums Windows 7 Forum Vista Tutorials Tags
Welcome to Windows Vista Forums. Our forum is dedicated to helping you find solutions with any problems, errors or issues you are experiencing with Windows Vista. The Vista forum also covers news and updates and has an extensive Windows Vista tutorial section that covers a wide range of tips and tricks.

Go Back   Vista Forums > Misc Newsgroups > Indigo

Vista - Forbidden at HTTP level when using self-hosted for https and Basica Authentication

 
 
Old 03-28-2007   #1 (permalink)
wuzupgee@gmail.com


 
 

Forbidden at HTTP level when using self-hosted for https and Basica Authentication

Hi,
I encountered a problem when doing self-hosted web service using WCF
and hope people can help me here.
I am trying to self-host a web service, using https, and Basic
Authentication. So, I used an MSDN example at
http://msdn2.microsoft.com/en-us/library/ms733775.aspx with some
modification.
The service side configuration has this:
<wsHttpBinding>
<binding name="UsernameWithTransport">
<security mode="Transport">
<transport clientCredentialType="Basic" />
</security>
</binding>
</wsHttpBinding>
and the endpoint uses this configuration.

I added a custom username/password validator as described in
http://msdn2.microsoft.com/en-us/library/aa702565.aspx (but changed
the security mode to transport, since the example on MSDN is using
message). So, on the service side, extra code looks like this:

myServiceHost.Credentials.UserNameAuthentication.UserNamePasswordValidationMode
=
System.ServiceModel.Security.UserNamePasswordValidationMode.Custom;
myServiceHost.Credentials.UserNameAuthentication.CustomUserNamePasswordValidator
= new CustomUserNameValidator();
// CustomUserNameValidator implementation here ...

On the client, I did this in the code:
client.ClientCredentials.UserName.UserName = "test1";
client.ClientCredentials.UserName.Password = "1tset";

Client side config matches the service config, so I have:
<wsHttpBinding>
<binding name="WSHttpBinding_ICalculator" >
<security mode="Transport">
<transport clientCredentialType="Basic" />
</security>
</binding>
</wsHttpBinding>

I also set the principalPermissionMode to None in the service config.

When the client invokes the service, it got the exception:
HTTP request was forbidden with client authentication scheme 'Basic'.
---> System.Net.WebException: The remote server returned an error:
(403) Forbidden.

The MSDN example is for IIS hosted. I am wondering it is doable at
all in a self-hosted service? If yes, what steps am I missiong. Here
is the whole exception stack on the client:

Unhandled Exception:
System.ServiceModel.Security.MessageSecurityException: The HTTP
request was forbidden with client authentication scheme 'Basic'. --->
System.Net.WebException: The remote server returned an error: (403)
Forbidden.
at System.Net.HttpWebRequest.GetResponse()
at
System.ServiceModel.Channels.HttpChannelFactory.HttpRequestChannel.HttpChannelRequest.WaitForReply
TimeSpan timeout)
--- End of inner exception stack trace ---

Server stack trace:
at
System.ServiceModel.Channels.HttpChannelUtilities.ValidateAuthentication(HttpWebRequest
request, HttpWebResponse response, WebException responseException,
HttpChannelFactory factory)
at
System.ServiceModel.Channels.HttpChannelUtilities.ValidateRequestReplyResponse(HttpWebRequest
request, HttpWebResponse response, HttpChannelFactory factory,
WebException responseException)
at
System.ServiceModel.Channels.HttpChannelFactory.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan
timeout)
at System.ServiceModel.Channels.RequestChannel.Request(Message
message, TimeSpan timeout)
at
System.ServiceModel.Dispatcher.RequestChannelBinder.Request(Message
message, TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannel.Call(String action,
Boolean oneway, ProxyOperationRuntime operation, Object[] ins,
Object[] outs, TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannel.Call(String action,
Boolean oneway, ProxyOperationRuntime operation, Object[] ins,
Object[] outs)
at
System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage
methodCall, ProxyOperationRuntime operation)
at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage
message)

Exception rethrown at [0]:
at
System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage
reqMsg, IMessage retMsg)
at
System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData&
msgData, Int32 type)
at SoapClient.xp_dev3.IService1.MyOperation1(String myValue)
at SoapClient.xp_dev3.Service1Client.MyOperation1(String myValue)
in :\DotNetWebService\WCFSamples\SoapClient\Service References
\xp_dev3.cs:line 119
at SoapClient.Program.Client.Main() in F:\DotNetWebService
\WCFSamples\SoapClient\Program.cs:line 25

If I set the <transport clientCredentialType="None" /> on both client
and service config, it invocation works.

Thanks in advance for any help.
Jason


My System SpecsSystem Spec
 

Thread Tools


Similar Threads
Thread Forum
FTP, HTTP, HTTPS Protocols Vista General
HTTP 403 Forbidden Vista General
HTTP Error 403.7 - Forbidden: SSL client certificate is required Vista networking & sharing


Vista Forums is an independent web site and has not been authorized,
sponsored, or otherwise approved by Microsoft Corporation.
"Windows Vista", the Start Orb, and related materials are trademarks of Microsoft Corp.
© Designer Media Ltd

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46