Silverlight 4 - Configure Self-Hosted WCF Service to use SSL - silverlight

I have a Silverlight 4 application that uses WCF services on the same server (self-hosted). Everything works fine, but now I want to convert my WCF services to use SSL. I am using CustomBindings and can't quite find the combination to get this done. I am using relative URLs on the client side, and hope this is not causing a problem. Here are the important bits of my Web.config file:
<behaviors>
<serviceBehaviors>
<behavior name="">
<serviceMetadata httpGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
<dataContractSerializer maxItemsInObjectGraph="6553600"/>
<serviceTimeouts transactionTimeout="00:10:00"/>
</behavior>
</serviceBehaviors>
</behaviors>
<bindings>
<customBinding>
<binding name="MyApp.Web.Services.ProjectService.customBinding0"
receiveTimeout="00:10:00" sendTimeout="00:10:00">
<binaryMessageEncoding />
<httpsTransport maxReceivedMessageSize="2147483647" />
</binding>
</customBinding>
</bindings>
<services>
<service name="MyApp.Web.Services.ProjectService">
<endpoint address="" binding="customBinding" bindingConfiguration="MyApp.Web.Services.ProjectService.customBinding0"
contract="MyApp.Web.Services.ProjectService" />
</service>
My ClientConfig looks like this:
<configuration>
<system.serviceModel>
<bindings>
<customBinding>
<binding name="CustomBinding_ProjectService">
<binaryMessageEncoding />
<httpTransport maxReceivedMessageSize="2147483647" maxBufferSize="2147483647" />
</binding>
</customBinding>
</bindings>
<client>
<endpoint address="../Services/ProjectService.svc" binding="customBinding"
bindingConfiguration="CustomBinding_ProjectService" contract="SearchProxy.ProjectService"
name="CustomBinding_ProjectService" />
</client>
</system.serviceModel>
</configuration>
I just don't understand how the bindings work in both the server and client. I'm hoping someone can point me in the right direction.

A few things:
If you want to use SSL on localhost you'll need to be using IIS Express 7.5 (or full IIS if you're on a server doing dev - unlikely).
You'll need a clientaccesspolicy.xml file stored in the root of the Web application:
<?xml version="1.0" encoding="utf-8"?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from http-request-headers= "SOAPAction">
<domain uri="https://*"/>
</allow-from>
<grant-to>
<resource path="/" include-subpaths="true"/>
</grant-to>
</policy>
</cross-domain-access>
</access-policy>
Example server-side Web.config:
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="SecureBasicHttpBinding">
<security mode="Transport">
<transport clientCredentialType="Certificate" />
</security>
</binding>
</basicHttpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior name="SomeBehavior" >
<serviceMetadata httpsGetEnabled="true"/>
<serviceDebug includeExceptionDetailInFaults="true"/>
<useRequestHeadersForMetadataAddress>
<defaultPorts>
<add scheme="https" port="443" />
</defaultPorts>
</useRequestHeadersForMetadataAddress>
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment>
<serviceActivations>
<add relativeAddress="SomeService.svc" service="MySilverlight.Web.SomeService"/>
</serviceActivations>
</serviceHostingEnvironment>
<services>
<service name="MySilverlight.Web.SomeService"
behaviorConfiguration="SomeBehavior">
<endpoint address="SomeService"
binding="basicHttpBinding"
bindingConfiguration="SecureBasicHttpBinding"
bindingNamespace="https://MySilverlight.Web.SomeService"
contract="MySilverlight.Web.ISomeService">
</endpoint>
<endpoint address="mex"
binding="mexHttpsBinding"
contract="IMetadataExchange" />
</service>
</services>
</system.serviceModel>
Example client-side:
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="BasicHttpBinding_ISomeService" maxBufferSize="2147483647"
maxReceivedMessageSize="2147483647">
<security mode="Transport" />
</binding>
</basicHttpBinding>
</bindings>
<client>
<endpoint address="https://localhost/SomeService.svc/SomeService"
binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_ISomeService"
contract="MySilverlight.Web.SomeServiceReference.ISomeService"
name="BasicHttpBinding_ISomeService" />
</client>
<extensions />
</system.serviceModel>
</configuration>
IIS 7.5 will setup your localhost certificate automatically.

Can you update the service reference on the client project? That should update the clientconfig file with the correct binding. One thing I am noticing right now is that you're using <httpTransport> on the client binding and <httpsTransport> on the service. Try changing the client to use <httpsTransport> as well.
Also, if your SL app is downloaded from an HTTP:// address, then a call to a service in HTTPS is considered to be a cross-domain call, so you'll need a cross-domain policy file as well.

Related

Trouble with endpoints of my wcf

My WCF service web.config.
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<connectionStrings>
<add name="ZesdaagseResultsContext" connectionString="Data Source=194.33.112.88\partywhere;Initial Catalog=ZesdaagseResults;Persist Security Info=True;User ID=*********;Password=******************/;MultipleActiveResultSets=True"
providerName="System.Data.SqlClient" />
</connectionStrings>
<system.serviceModel>
<services>
<service name="WcfOpzet.MobileService" behaviorConfiguration="MexBehavior">
<endpoint binding="webHttpBinding" contract="WcfOpzet.IMobileService" behaviorConfiguration="webHttpBehavior" />
<endpoint contract="IMetadataExchange" binding="mexHttpBinding" address="mex" />
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="MexBehavior">
<serviceMetadata httpGetEnabled="true" />
</behavior>
</serviceBehaviors>
<endpointBehaviors>
<behavior name="webHttpBehavior">
<webHttp />
</behavior>
</endpointBehaviors>
</behaviors>
</system.serviceModel>
<startup>
<supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.0" />
</startup>
<system.web>
<compilation debug="true" />
</system.web>
</configuration>
My wcf client MobileServiceReference.ClientConfig.
<configuration>
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="webHttpBinding"
maxBufferSize="2147483647"
maxReceivedMessageSize="2147483647">
<security mode="None" />
</binding>
</basicHttpBinding>
</bindings>
<client>
<endpoint address="http://zesdaagse.mobi-app.be/WCFUrl/MobileService.svc"
binding="basicHttpBinding"
bindingConfiguration="webHttpBinding"
contract="MobileService.IMobileService"
name="webHttpBinding"
/>
</client>
<!--<behaviors>
<endpointBehaviors>
<behavior name="webHttpBehavior">
<webHttp/>
</behavior>
</endpointBehaviors>
</behaviors>-->
</system.serviceModel>
</configuration>
My Error when I run my Windows Phone Application.
There was no endpoint listening at http://zesdaagse.mobi-app.be/WCFUrl/MobileService.svc that could accept the message. This is often caused by an incorrect address or SOAP action. See InnerException, if present, for more details.
Explanation
I searched but I don't get it fixed. There is something wrong with my endpoints but I don't know what.
Ah, now I see it
You are using the basicHttpBinding in your client and the webHttpBinding (REST) in your service... That's probably the reason why it's not working, no?
Extra FYI: I tried to call your service myself and now I get a 405, which probably means you didn't specify the [WebGet] or [WebInvoke] attributes to your service operations.
With the following client side config, you should be able to call your service (after attributing your operations with WebGet)
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<startup>
<supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.5" />
</startup>
<system.serviceModel>
<bindings>
<webHttpBinding>
<binding name="webHttpBinding"
maxBufferSize="2147483647"
maxReceivedMessageSize="2147483647">
<security mode="None" />
</binding>
</webHttpBinding>
</bindings>
<client>
<endpoint address="http://zesdaagse.mobi-app.be/WCFUrl/MobileService.svc"
binding="webHttpBinding"
bindingConfiguration="webHttpBinding"
contract="MobileService.IMobileService"
name="webHttpBinding"
behaviorConfiguration="webHttpBehavior"
/>
</client>
<behaviors>
<endpointBehaviors>
<behavior name="webHttpBehavior">
<webHttp/>
</behavior>
</endpointBehaviors>
</behaviors>
</system.serviceModel>
</configuration>

Silverlight WCF Service Deployment setup

I have been trying to deploy my Silverlight app with a WCF service and I keep getting a communication error when calling the service. I want you all to take a look at my config files and see if you guys see anything out of place. My WCF service is located within the same project.
Web.Config
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="PCCWITCGenerator.Web.Services.ITCGeneratorService.customBinding0"
closeTimeout="03:00:00"
openTimeout="03:00:00"
receiveTimeout="03:00:00"
sendTimeout="03:00:00">
</binding>
</basicHttpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior name="ITCGeneratorService">
<serviceMetadata httpGetEnabled="True"/>
<serviceDebug includeExceptionDetailInFaults="true"/>
</behavior>
</serviceBehaviors>
</behaviors>
<services>
<service behaviorConfiguration="ITCGeneratorService" name="ITCGeneratorService">
<endpoint address="/ITCGeneratorService/"
binding="basicHttpBinding"
bindingConfiguration="PCCWITCGenerator.Web.Services.ITCGeneratorService.customBinding0"
contract="PCCWITCGenerator.Web.Services.ITCGeneratorService">
<identity>
<dns value="localhost"/>
</identity>
</endpoint>
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"/>
<host>
<baseAddresses>
<add baseAddress="http://localhost:38095/ITCGeneratorService/PCCWITCGenerator.Web.Services.ITCGeneratorService.svc"/>
</baseAddresses>
</host>
</service>
</services>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
</system.serviceModel>
ServiceReferences.ClientConfig
<configuration>
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="CustomBinding_ITCGeneratorService" closeTimeout="03:00:00"
openTimeout="03:00:00" receiveTimeout="03:00:00" sendTimeout="03:00:00"
maxBufferSize="2147483647" maxReceivedMessageSize="2147483647"/>
</basicHttpBinding>
</bindings>
<client>
<endpoint address="http://10.30.20.58:38095/ITCGeneratorService/PCCWITCGenerator.Web.Services.ITCGeneratorService.svc"
binding="basicHttpBinding" bindingConfiguration="CustomBinding_ITCGeneratorService"
contract="ITCGeneratorServiceReference.ITCGeneratorService"
name="CustomBinding_ITCGeneratorService" />
</client>
</system.serviceModel>
</configuration>
clientaccesspolicy.xml
<?xml version="1.0" encoding="utf-8"?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from http-request-headers="SOAPAction">
<domain uri="http://*"/>
</allow-from>
<grant-to>
<resource path="/" include-subpaths="true"/>
<socket-resource port="38095" protocol="tcp" />
</grant-to>
</policy>
</cross-domain-access>
</access-policy>

WCF 16384 max array length

Been trying to solve this for a day. I cant seen to find any error with my code, please help. Thank you!
I'm using IIS to host the Service and used add service reference for the client.
I have made sure that I added readerquota and correct binding configuration. Still, the error occur when i'm sending image file with size over 16384kb.
Server
<?xml version="1.0"?>
<configuration>
<system.web>
<compilation debug="true" targetFramework="4.0" />
</system.web>
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="BasicHttpBinding_ICotfServerWCF" closeTimeout="00:01:00"
openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
allowCookies="false" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard"
maxBufferSize="20000000" maxBufferPoolSize="20000000" maxReceivedMessageSize="20000000"
messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered"
useDefaultWebProxy="true">
<readerQuotas maxDepth="32"
maxStringContentLength="5242880"
maxArrayLength="2147483646"
maxBytesPerRead="4096"
maxNameTableCharCount="5242880" />
<security mode="None">
<transport clientCredentialType="None" proxyCredentialType="None"
realm="" />
<message clientCredentialType="UserName" algorithmSuite="Default" />
</security>
</binding>
</basicHttpBinding>
</bindings>
<services>
<service name="ServerWCF.ICotfServerWCF">
<endpoint address="http://192.168.2.140:8081/CotfServerWCF.svc" binding="basicHttpBinding" behaviorConfiguration="filebehavior" name="basicHttpBinding" bindingConfiguration="BasicHttpBinding_ICotfServerWCF" contract="ServerWCF.ICotfServerWCF" />
</service>
</services>
<behaviors>
<endpointBehaviors>
<behavior name="filebehavior">
<dataContractSerializer maxItemsInObjectGraph="2000000000"/>
</behavior>
</endpointBehaviors>
<serviceBehaviors>
<behavior>
<!-- To avoid disclosing metadata information, set the value below to false and remove the metadata endpoint above before deployment -->
<serviceMetadata httpGetEnabled="true"/>
<!-- To receive exception details in faults for debugging purposes, set the value below to true. Set to false before deployment to avoid disclosing exception information -->
<serviceDebug includeExceptionDetailInFaults="true"/>
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
</system.serviceModel>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true"/>
</system.webServer>
<connectionStrings>
<add name="databaseCS" connectionString="Data Source=(local);Initial Catalog=CotfDatabase;User ID=CotfDbUser; Password=$ing1234;"/>
</connectionStrings>
</configuration>
Client
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="BasicHttpBinding_Client" closeTimeout="00:01:00"
openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
allowCookies="false" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard"
maxBufferSize="6553600" maxBufferPoolSize="5242880" maxReceivedMessageSize="6553600"
messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered"
useDefaultWebProxy="true">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="100000"
maxBytesPerRead="4096" maxNameTableCharCount="100000" />
<security mode="None">
<transport clientCredentialType="None" proxyCredentialType="None"
realm="" />
<message clientCredentialType="UserName" algorithmSuite="Default" />
</security>
</binding>
</basicHttpBinding>
</bindings>
<client>
<endpoint address="http://192.168.2.140:8081/CotfServerWCF.svc"
binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_Client"
contract="ServerWCF.ICotfServerWCF" name="BasicHttpBinding_ICotfServerWCF" >
</endpoint>
</client>
</system.serviceModel>
</configuration>
I have figured out the issue, after I updated my server and client to the right values and right binding. My client is still sending default configuration. Also, the configuration.svcinfo file is still in default value and not updated. Any ideas?
Do you change quotas config both server and client side.
First are you sure that you have set your HttpRuntime to be more than 4MB. You can do it as shown below:
<httpRuntime maxRequestLength="1572864"/>
The above element is under system.web element. The .NET framework's http runtime doesnt allow data more than 4MB by default.
Your reader quotas on the server and client are a bit different. Make sure that you have the client reader quotas same as that of the server.
Once you have the above and you still have problems then try enabling Tracing on your service and it should tell you the exact reason why your request is failing. To enable tracing follow the article here
The client should also get a behaviorConfiguration that sets the maxItemsInObjectGraph
<system.serviceModel>
<behaviors>
<endpointBehaviors>
<behavior name="ServiceBehavior">
<dataContractSerializer maxItemsInObjectGraph="2147483647"/>
</behavior>
</endpointBehaviors>
</behaviors>
Then.. reference this new behavior on your client endpoint...
<endpoint address="http://youraddresshere"
binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_IService"
contract="" name="" behaviorConfiguration="ServiceBehavior" />
You could also try increasing your maxBytesPerRead="" value in your client and service settings.

Silverlight - How to consume a WCF service from the client with windows authentication

I have a silverlight 4 application and I need the client to consume a WCF service secured with SSL and using windows authentication. Only members of a certain active directory group should be able to call the WCF service.
Here is my web.config. With the current configuration anyone can call the WCF service. what should be the correct values?
Thanks,
Kruvi
<configuration>
<system.diagnostics>
</system.diagnostics>
<system.web>
<compilation debug="true" targetFramework="4.0" />
<customErrors mode="On" defaultRedirect="~\Errors\Error.htm">
<error statusCode="404" redirect="~\Errors\404.htm"/>
</customErrors>
</system.web>
<connectionStrings>
</connectionStrings>
<system.serviceModel>
<diagnostics>
</diagnostics>
<extensions>
<behaviorExtensions>
<add name="silverlightFaults"
type="ZCUtils.SilverlightFaultBehavior, ZCUtils, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null"/>
</behaviorExtensions>
</extensions>
<behaviors>
<endpointBehaviors>
<behavior name="SilverlightFaultBehavior">
<silverlightFaults />
</behavior>
</endpointBehaviors>
<serviceBehaviors>
<behavior name="ZCBehavior">
<serviceMetadata httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
</serviceBehaviors>
</behaviors>
<bindings>
<basicHttpBinding>
<binding name="BasicHttpBindingSsl" maxReceivedMessageSize="2147483647" maxBufferSize="2147483647">
<security mode="Transport" />
</binding>
</basicHttpBinding>
</bindings>
<serviceHostingEnvironment aspNetCompatibilityEnabled="false" multipleSiteBindingsEnabled="true" />
<services>
<service name="ZC.Web.Services.ZCServices" behaviorConfiguration="ZCBehavior">
<endpoint address="" behaviorConfiguration="SilverlightFaultBehavior"
binding="basicHttpBinding" bindingConfiguration="BasicHttpBindingSsl"
contract="ZC.Web.Services.ZCServices" />
</service>
</services>
</system.serviceModel>
</configuration>
The following article shows how to secure a WCF service with Windows auth for Silverlight clients:
http://msdn.microsoft.com/en-us/library/dd744835(v=vs.95).aspx
This article talks about using the PrincipalPermissionAttribute, which will allow you to restrict with groups can call a particular service operation:
http://msdn.microsoft.com/en-us/library/ms731200.aspx

WCF on IIS 7 Errors

I am currently making a WCF service and while I was developing the service acted like it should (Using Visual Studio Web Expres). I have a silverlight application who is consuming the service.
I wrote the WCF service in a class Library and is implemented by a ASP.NET Web Application. While I was using the Visual Studio ASP.NET Development Server the service was happy and gave me everything I asked for.
Now I implemented the service on an IIS 7 Server. And the service doesnt return what I ask for anymore. Instead in Chrome I get the following message:
But If I surf to the service url then the service say's it is ready to rock and roll:
As you can see in the Error I get from Chrome is that the text the service returns is the Source code from that "surf to" page.
My Web.config service model:
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="basicHttpBinding_OnlineCreatorServiceContract" closeTimeout="00:01:00"
openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
maxBufferPoolSize="2147483647" maxBufferSize="2147483647"
maxReceivedMessageSize="2147483647">
<readerQuotas maxDepth="2147483647"
maxStringContentLength="2147483647"
maxArrayLength="2147483647"
maxBytesPerRead="2147483647"
maxNameTableCharCount="2147483647" />
<security mode="None" />
</binding>
</basicHttpBinding>
</bindings>
<services>
<service behaviorConfiguration="OnlineCreatorServiceBehavior"
name="OnlineCreator.ServiceLibrary.OrderDataService">
<endpoint address="" binding="basicHttpBinding" bindingConfiguration="basicHttpBinding_OnlineCreatorServiceContract"
name="basicHttpBinding" contract="OnlineCreator.ServiceLibrary.IOrderDataService" />
<endpoint address="mex" binding="mexHttpBinding" name="mexHttpBinding"
contract="IMetadataExchange" />
</service>
</services>
<behaviors>
<endpointBehaviors>
<behavior name="OnlineCreator.Web.OnlineCreatorServiceAspNetAjaxBehavior">
<enableWebScript />
</behavior>
</endpointBehaviors>
<serviceBehaviors>
<behavior name="OnlineCreatorServiceBehavior">
<serviceMetadata httpGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="false" />
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
</system.serviceModel>
And my ServiceReferences.ClientConfig:
<configuration>
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="basicHttpBinding" maxBufferSize="2147483647" maxReceivedMessageSize="2147483647">
<security mode="None" />
</binding>
</basicHttpBinding>
</bindings>
<client>
<endpoint address="http://subdomain.domain.com/mapWithServiceInIt/OnlineCreatorService.svc"
binding="basicHttpBinding" bindingConfiguration="basicHttpBinding"
contract="OnlineCreatorService.IOrderDataService" name="basicHttpBinding" />
</client>
</system.serviceModel>
</configuration>
Because my service is on a subdomain I have used to following ClientAccessPolicy.xml:
<?xml version="1.0" encoding="utf-8" ?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from http-request-headers="*">
<domain uri="*"/>
</allow-from>
<grant-to>
<resource path="/" include-subpaths="true"/>
</grant-to>
</policy>
</cross-domain-access>
</access-policy>
As you can see this can't be the problem, but for completeness sake I have putted it here.
This is my first WCF service and it worked perfectly till I putted it on the IIS server. Does anyone has a clue why I get this error and how to fix it?
After I have dug deeper in WCF and IIS I found out that you need to activate WCF on the server. And that is quite the process. To do it right I cleared my current site on IIS to have a fresh start and then followed to following pages to get the WCF to work:
http://blah.winsmarts.com/2008-4-Host_a_WCF_Service_in_IIS_7_-and-amp;_Windows_2008_-_The_right_way.aspx
http://msdn.microsoft.com/en-us/library/ms751527.aspx
http://blogs.msdn.com/b/blambert/archive/2009/02/13/enable-iis.aspx
http://edinkapic.blogspot.com/2009/02/talking-to-wcf-service-from-silverlight.html
I made a very simpel HelloWorld service to test everything and as soon as it all worked I ported it to my service. That first gave me an exception. But that was soon fixed because the connection strings weren't set right.

Resources