Geek Answers Handbook

Call an ASMX service that is protected by Windows credentials

I was provided with a web service (ASMX) to use witch. I need to use Windows credentials for.

So, I set up the client VPN and named WSDL saved as an XML file and generated a proxy class using svcutil.exe , so far so good ...

I call the service as

 // Web Service client = new CmListSync.Models.WebCorePlayersSoapClient(); client.ClientCredentials.Windows.AllowedImpersonationLevel = System.Security.Principal.TokenImpersonationLevel.Impersonation; client.ClientCredentials.Windows.ClientCredential = new System.Net.NetworkCredential(cUser, cPass, cDoma);

and in web.config I have this setting:

  <system.serviceModel> <bindings> <wsHttpBinding> <binding name="WebCorePlayersSoap" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard" maxBufferPoolSize="524288" maxReceivedMessageSize="65536" messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true" allowCookies="false"> <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384" /> <reliableSession ordered="true" inactivityTimeout="00:10:00" enabled="true" /> <security mode="None"> <transport clientCredentialType="Windows" proxyCredentialType="None" realm="" /> <message clientCredentialType="Windows" algorithmSuite="Default" negotiateServiceCredential="true" /> </security> </binding> </wsHttpBinding> </bindings> <client> <endpoint address="http://vm-wssrv01/players.asmx" binding="wsHttpBinding" bindingConfiguration="WebCorePlayersSoap" contract="WebCorePlayersSoap" name="WebCorePlayersSoap" /> </client> </system.serviceModel>

but when I try to call the service, I get an exception:

The HTTP request is not authorized using the Anonymous client authentication scheme. The authentication header received from the server was "Basic realm = \" vm-wssrv01 \ "'.

What am I missing? should the service authenticate normally as I provided windows credentials? What else should I do?

What I tried:

  • set the security mode to Message and I got the same error as in the question above
  • set security mode to TransportWithMessageCredential . I got: provided that the "http" URI is invalid; expected 'https'. \ r \ nParameter name: via
  • set the security mode to Transport , and I got: the binding check failed because WSHttpBinding does not support reliable transport security sessions (HTTPS). Could not open factory channel or service host. Use message protection for secure messaging over HTTP.

From John Saunders comment:

I switched to basicHttpBinding

  <system.serviceModel> <bindings> <basicHttpBinding> <binding name="WebCorePlayersSoap" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard" maxBufferPoolSize="524288" maxReceivedMessageSize="65536" messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true" allowCookies="false"> <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384" /> <security mode="None"> <transport clientCredentialType="Windows" proxyCredentialType="Windows" realm="vm-wssrv01" /> <message clientCredentialType="UserName" algorithmSuite="Default" /> </security> </binding> </basicHttpBinding> </bindings> <client> <endpoint address="http://vm-wssrv01/players.asmx" binding="basicHttpBinding" bindingConfiguration="WebCorePlayersSoap" contract="WebCorePlayersSoap" name="WebCorePlayersSoap" /> </client> </system.serviceModel>

and tried to change security mode to:

  • TransportWithMessageCredential {"The provided URI scheme" http "is not valid," https "is expected. \ R \ nParameter: via"}

  • TransportCredentialOnly {"The HTTP request was unauthorized using the Negotiate client authentication scheme. The authentication header received from the server was" Basic realm = \ "vm-wssrv01 \" '. "}

  • Message {"Binding to BasicHttp requires that BasicHttpBinding.Security.Message.ClientCredentialType is equivalent to the BasicHttpMessageCredentialType.Certificate credential type for secure messages. Select" Transport "or" TransportWithMessageCredential "for the" UserName "credential.

  • Transport {"The provided URI scheme" http "is invalid," https "is expected. \ R \ nParameter: via"}

  • None {"The HTTP request was not authorized using the Anonymous client authentication scheme. The authentication header received from the server was" Basic realm = \ "vm-wssrv01 \" '. "}

I'm running out of ideas :( A service is only HTTP, not HTTPS, and I don't have a certificate to use ...

+4
source share
1 answer

after 3 days and with a lot of help from John Saunders , as he stated that the only possible binding for the ASMX service would be basicHttpBinding (my search for an answer became much more focused) I realized:

In the caller of the service, you must use client.ClientCredentials.UserName as:

 // Web Service client = new CmListSync.Models.WebCorePlayersSoapClient(); client.ClientCredentials.UserName.UserName = cUser; client.ClientCredentials.UserName.Password = cPass;

and in terms of configuration, you must use:

  <system.serviceModel> <bindings> <basicHttpBinding> <binding name="WebCorePlayersSoap" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard" maxBufferPoolSize="524288" maxReceivedMessageSize="65536" messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true" allowCookies="false"> <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384" /> <security mode="TransportCredentialOnly"> <transport clientCredentialType="Basic" /> </security> </binding> </basicHttpBinding> </bindings> <client> <endpoint address="http://vm-wssrv01/players.asmx" binding="basicHttpBinding" bindingConfiguration="WebCorePlayersSoap" contract="WebCorePlayersSoap" name="WebCorePlayersSoap"> <identity> <dns value="localhost" /> </identity> </endpoint> </client> </system.serviceModel>
+5
source

More articles:


All Articles