Check here: http://developers.de/blogs/damir_dobric/archive/2006/07/31/890.aspx and http://msdn.microsoft.com/en-us/library/ff648505.aspx Transport seems to require HTTPS to encrypt credentials and throws an exception if there is no SSL. TransportCredentialOnly will send the credentials in plain text and unencrypted and is recommended for testing ONLY! Good Luck!!
From the error, I think you need to add an x509 Security key or credentials, something like this: var credentials = new X509CertificateCredentials( Certificate.Get(), new SecurityKeyIdentifier( new NamedKeySecurityKeyIdentifierClause( “kid”, “6B7ACC520305BFDB4F7252DAEB2177CC091FAAE1”))); eg this part: new SecurityKeyIdentifier( new NamedKeySecurityKeyIdentifierClause( “kid”, “6B7ACC520305BFDB4F7252DAEB2177CC091FAAE1”) Also, make sure your certificate is installed in your root store.
If you want to look at the traffic with Fiddler, you probably want to go the route of changing the machine.config file so that all .NET applications will send traffic through Fiddler. This helps ensure that you capture data from processes running in services, etc. Open machine.config in the folder C:\Windows\Microsoft.NET\Framework\v4.0.30319\Config. Note that if you … Read more
It is probably possible, but hugely complicated. We had a project using Dynamics which moved to ADFS, and required adding lots of extra code around refreshing tokens (code form autorefreshsecuritytoken.cs, deviceidmanager.cs and toolserviceproxies.cs from the SDK) and that was still using the SDK for everything. Bare in mind you also need windows.identification installed in the … Read more
Security in WCF actually consists of several features. The difference between those two is how are messages signed and encrypted. Transport security provides only point-to-point channel security. It means that HTTPS establish secure channel only between client and server exposed to client. But if this server is just a load balancer or reverse proxy server … Read more
If you need to send UserName over HTTPS you can use standard approach (if your WSDL is correctly defined this should be created for you automatically by adding service reference): <bindings> <basicHttpBinding> <binding name=”secured”> <security mode=”TransportWithMessageCredential”> <message clientCredentialType=”UserName” /> </security> </binding> </basicHttpBinding> </bindings> <client> <endpoint name=”…” address=”https://…” contract=”…” binding=”basicHttpBinding” bindingConfiguration=”secured” /> </client> Ar you can … Read more
We had this issue as the host server had been updated to use TLS V1.2 and we were connecting using standard SSL. This was an update made as part of pen testing of the sites. We saw the issue in code connection, but not browsers going to the wsdl. Below code resolved: if (System.Net.ServicePointManager.SecurityProtocol == … Read more
A service application includes a website host already setup for you. A service library is a library of services that a host can reference and startup. If you start with a service library (recommended) you can then choose any host you wish (a windows service, IIS/ASP.NET, or even a console application) and you’d just reference … Read more