Geek Answers Handbook

WCF service (wsHttpBinding) behind the F5 load balancer

current setting: - I have a WCF service with wsHttpBding, see the service configuration below - I used ServiceHostFactory to solve the problem of the incorrect location and address of the soap circuit, changing them from the machine name to the correct server hostname - my test client (WCFStorm), I I can create a proxy server, see all the methods and call them successfully. - my dev environment (client-> HTTPS → service) works fine.

problems: - prod environment (client → HTTPS → F5 → HTTP → service) - my service is behind the F5 load balancer that unloads SSL - my test client (WCFStorm), I can generate a proxy server and see all the methods, but when I I call any of the methods, I get a remote server, error 404 not found

  • my service configuration: <services> <service behaviorConfiguration="Service1Behavior" name="MyService"> <endpoint name="secure" address="" binding="wsHttpBinding" bindingConfiguration="custBinding" contract="IService"/> <endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange" /> </service> </services> <bindings> <wsHttpBinding> <binding name="custBinding"> <security mode="Transport"> <transport clientCredentialType="None" /> <message clientCredentialType="None" negotiateServiceCredential="false" establishSecurityContext="false" /> </security> </binding> </wsHttpBinding> </bindings> <behaviors> <serviceBehaviors> <behavior name="Service1Behavior"> <serviceMetadata httpsGetEnabled="true" httpGetEnabled="true" httpGetUrl="http://myserver/MyService.svc"/> <serviceDebug includeExceptionDetailInFaults="true"/> <dataContractSerializer maxItemsInObjectGraph="6553600" /> </behavior> </serviceBehaviors> </behaviors> >

  • note that all of my circuit addresses and soap addresses in wsdl are correct in prod, but I just can't call any methods.

Please, help.

+4
source share
4 answers

We have a similar situation, and this is how we work it.

in the service - we changed the binding to use basicHttpBinding and added a key that should be passed with each request.

in the client - we changed http in the configuration to https, and in the basicHttpBindings configuration we changed the security mode to Transport on clientCredentialType="None" .

Hope this helps.

UPDATE: I soon found this article and I updated the configuration and it worked. So now we use wsHttpBinding instead of basicHttpBinding. http://blogs.msdn.com/b/morgan/archive/2010/04/15/setting-up-wcf-with-a-load-balancer-using-ssl-in-the-middle.aspx

+3
source

The problem with your service configuration is that the Transport security mode, where it should actually be None . Since any calls to your service will be HTTP for the F5 load balancer, you cannot use the Transport security mode there (client → HTTPS → F5 → HTTP → service). However, when you call the service from your client, the client configuration must be in Transport security mode, and for the endpoint address there must be an HTTPS address.

  <wsHttpBinding> <binding name="custBinding"> <security mode="None"> <transport clientCredentialType="None" /> <message clientCredentialType="None" negotiateServiceCredential="false" establishSecurityContext="false" /> </security> </binding> </wsHttpBinding>
+1
source

It may be a little late for you, but here's how we do it. Once I generated the proxy, I just change http: in config to https. Now, if I sometimes have to call it ssl, and in other cases without it, I will copy the configuration section and give copies to a different name, and then when you create the client, you can pass the configuration name and it will select the correct one.

0
source

We could not get this work to work with load balancing level 7 - various error messages were returned from the service. Instead, it tunes to level 4 load balancing with no problems.

0
source

More articles:


All Articles